Skip to content

Commit

Permalink
Set necessary container security options and capabilities
Browse files Browse the repository at this point in the history
  • Loading branch information
@justin-stephenson
justin-stephenson committed Jan 23, 2025
1 parent 11f851b commit 07d50e9
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/intg.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
- name: Build the Docker image
run: sudo -E XDG_RUNTIME_DIR= podman build . --file Dockerfile.fedora --tag ${IMAGE}
- name: Run the container
run: sudo podman run --privileged --security-opt seccomp=unconfined --detach -p 80:80 --name=${CONTAINER} ${IMAGE}
run: sudo podman run --privileged --security-opt seccomp=unconfined --security-opt apparmor=unconfined --security-opt label=disable --detach -p 80:80 --cap-add=CAP_DAC_READ_SEARCH --cap-add=CAP_DAC_OVERRIDE --name=${CONTAINER} ${IMAGE}
- name: Check the container is up
run: sudo podman ps
- name: Setup ./configure
Expand Down

0 comments on commit 07d50e9

Please sign in to comment.