Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for experimental hermetic execution mode to TaskRuns #3956

Merged
merged 1 commit into from
May 20, 2021
Merged

Add support for experimental hermetic execution mode to TaskRuns #3956

merged 1 commit into from
May 20, 2021

Commits on May 20, 2021

  1. Add experimental hermetic execution mode to TaskRun 

    This PR adds supoprt for an experimental hermetic execution mode. If users specify this on their TaskRun, then all user containers are run without network access.
Any containers created or injected by tekton (init containers or sidecar containers) are not affected, and user sidecar containers are also not affected.

Some notes around this PR:
1. Adds documentation around hermetic execution mode and points to it from taskrun.md
2. Removes the API change & instead specify execution mode as an annotation on a TaskRun
3. Also puts hermetic execution mode behind the `alpha` feature flag
4. Adds a unit test to make sure that the TEKTON_HERMETIC env var is set such that it can't be overridden

Relevant TEP: https://github.com/tektoncd/community/blob/main/teps/0025-hermekton.md
    Priya Wadhwa committed May 20, 2021
    Configuration menu
    Copy the full SHA
    19d9eda View commit details
    Browse the repository at this point in the history