You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Feb 24, 2020. It is now read-only.
It would be great to have some sort of pod that we can run for acbuild. Their would be a couple of moving parts:
the file accepter, a server that a developer could upload their source code and a acbuild script to
the image builder, would build whatever ends up in the shared mount from the file accepter
the image server, would serve up the end result images for the user to consume after the build completes
The basic idea would be to do an acbuild against a remote server by sending it the context of a currently checked out project like a Go project, rails app, etc.
The text was updated successfully, but these errors were encountered:
I'm not sure of the security implications of this, since an acbuild script is normally a shell script that runs as root. If we're running it in a container that gets blown away at the end of the build, is a user uploading a script that can break out of the container a concern? If so maybe revisiting the subject of an acbuild script mode could help.
Step 1 could be accomplished with some github integration, which would be very convenient for CD reasons.
Ideally at the end of a successful build it would just push a new image to quay or a private acserver or something with acpush, which would remove the need for step 3.
Regardless of if this thing serves the image itself or pushes it somewhere, it'll need to be able to sign it for the user. I don't like the idea of asking users to upload a private key, so maybe just generate a new key on the server for each project and sign it with that? That would complicate pushing the images somewhere else though, since the current push proposal for appc has the public gpg key sent to the server OOB.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
It would be great to have some sort of pod that we can run for acbuild. Their would be a couple of moving parts:
The basic idea would be to do an acbuild against a remote server by sending it the context of a currently checked out project like a Go project, rails app, etc.
The text was updated successfully, but these errors were encountered: