Skip to content

Commit

Permalink
Merge pull request kubernetes#27273 from sftim/20210328_restrict_priv…
Browse files Browse the repository at this point in the history 
…ileges_local_preview

Run local container previews with minimal privileges
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot authored Apr 25, 2021
2 parents 11537e9 + 6214d89 commit 80a91d7
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ container-build: module-check
$(CONTAINER_RUN) --read-only --mount type=tmpfs,destination=/tmp,tmpfs-mode=01777 $(CONTAINER_IMAGE) sh -c "npm ci && hugo --minify"

container-serve: module-check ## Boot the development server using container. Run `make container-image` before this.
$(CONTAINER_RUN) --read-only --mount type=tmpfs,destination=/tmp,tmpfs-mode=01777 -p 1313:1313 $(CONTAINER_IMAGE) hugo server --buildFuture --bind 0.0.0.0 --destination /tmp/hugo --cleanDestinationDir
$(CONTAINER_RUN) --cap-drop=ALL --cap-add=AUDIT_WRITE --read-only --mount type=tmpfs,destination=/tmp,tmpfs-mode=01777 -p 1313:1313 $(CONTAINER_IMAGE) hugo server --buildFuture --bind 0.0.0.0 --destination /tmp/hugo --cleanDestinationDir

test-examples:
scripts/test_examples.sh install
Expand Down

0 comments on commit 80a91d7

Please sign in to comment.