Merge pull request #962 from carolynvs/doc-allow-docker-host-access

Explain allow-docker-host-access setting
getporter · Mar 31, 2020 · 3127765 · 3127765
2 parents 86cd302 + e5e95eb
commit 3127765
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 2 deletions.
diff --git a/docs/content/configuration.md b/docs/content/configuration.md
@@ -13,6 +13,10 @@ You may set a default value for a configuration value in the config file,
 override it in a shell session with an environment variable and then override
 both in a particular command with a flag.
 
+* [Enable Debug Output](#debug)
+* [Output Formatting](#output)
+* [Allow Docker Host Access](#porter-allow-docker-host-access)
+
 ## Flags
 
 ### Debug
@@ -40,9 +44,28 @@ value of the environment variable, when defined.
 For example, you can set `PORTER_DEBUG=true` and then all subsequent porter
 commands will act as though the `--debug` flag was passed.
 
+### PORTER_ALLOW_DOCKER_HOST_ACCESS
+
+The `PORTER_ALLOW_DOCKER_HOST_ACCESS` environment variable is not exposed as a
+flag yet. 
+
+It controls whether or not the local Docker daemon should be made available to
+executing bundles. When this value is set to true, bundles are executed in
+a privileged container with the docker socket mounted.
+This allows you to use Docker from within your bundle, such as `docker push`,
+`docker-compose`, or docker-in-docker.
+
+🚨 **There are security implications to enabling access! You should trust any
+bundles that you execute with this setting enabled as it gives them elevated 
+access to the host machine.**
+
+⚠️️ This configuration setting is only available when you are in an environment 
+that provides access to the local docker daemon. Therefore it does not work with
+the Azure Cloud Shell driver.
+
 ## Config File
 
-Common flags can be defaulted in the config file. The config file is located in
+Common settings can be defaulted in the config file. The config file is located in
 the PORTER_HOME directory (**~/.porter**), is named **config** and can be in any
 of the following file types: JSON, TOML, YAML, HCL, envfile and Java Properties
 files.
@@ -53,4 +76,5 @@ Below is an example configuration file in TOML
 ```toml
 debug = true
 output = "json"
+allow-docker-host-access = true
 ```
diff --git a/docs/resources/_gen/assets/scss/sass/styles.scss_b95b077eb505d5c0aff8055eaced30ad.content b/docs/resources/_gen/assets/scss/sass/styles.scss_b95b077eb505d5c0aff8055eaced30ad.content