kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-01 16:05:42 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
0ece7b5c166aa640b64c4247ddeebf8afbfa6600
nomad/drivers/docker/driver_default.go
Piotr Kazmierczak 0ece7b5c16 docker: validate that containers do not run as ContainerAdmin on Windows (#23443) 
This enables checks for ContainerAdmin user on docker images on Windows. It's
only checked if users run docker with process isolation and not hyper-v,
because hyper-v provides its own, proper sandboxing.

---------

Co-authored-by: Tim Gross <tgross@hashicorp.com>
2024-06-27 16:22:24 +02:00

19 lines
418 B
Go
Raw Blame History

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
//go:build !windows
package docker
import (
docker "github.com/fsouza/go-dockerclient"
)
func getPortBinding(ip string, port string) docker.PortBinding {
return docker.PortBinding{HostIP: ip, HostPort: port}
}
func validateImageUser(imageUser, taskUser string, taskDriverConfig *TaskConfig, driverConfig *DriverConfig) error {
return nil
}
Reference in New Issue View Git Blame Copy Permalink