actions-runner-kubernetes
actions-runner-kubernetes copied to clipboard
Reduce privileges granted to docker container
Background
- The
docker:stable-dind-rootless
container has a few requirements that aren't satisfied by all clusters today. - https://blog.jessfraz.com/post/building-container-images-securely-on-kubernetes/ has background on all of the rad patches that may possibly enabling running the rootless dind container without
--privileged
. - This blog post has some additional historical background.
- This one is a bit more recent.