You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I mount files outside the build context ($HOME/.netrc), so I get warnings with the new buildx version.
Running docker buildx bake (without arguments) is really convenient, I don't want to have to pass --allow=fs.read=/Users/milas/.netrc on every command. I understand the security angle, but UX-wise, this is a bit lacking.
Can I:
Globally permit specific path(s) via buildkitd.toml or similar?
Specify via an environment variable (BUILDKIT_ALLOW_FS_READ=/Users/milas/.netrc)?
Your build is requesting privileges for following possibly insecure capabilities:
- Read access to path /Users/milas/.netrc
In order to not see this message in the future pass "--allow=fs.read=/Users/milas/.netrc" to grant requested privileges.
Your full command with requested privileges:
docker buildx bake --allow=fs.read=/Users/milas/.netrc
This warning will become an error in a future release. To enable filesystem entitlements checks at the moment, set BUILDX_BAKE_ENTITLEMENTS_FS=1 .
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I mount files outside the build context (
$HOME/.netrc), so I get warnings with the new buildx version.Running
docker buildx bake(without arguments) is really convenient, I don't want to have to pass--allow=fs.read=/Users/milas/.netrcon every command. I understand the security angle, but UX-wise, this is a bit lacking.Can I:
buildkitd.tomlor similar?BUILDKIT_ALLOW_FS_READ=/Users/milas/.netrc)?Beta Was this translation helpful? Give feedback.
All reactions