Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: restrict effectors #2110

Merged
merged 18 commits into from
Feb 26, 2024
Merged

feat: restrict effectors #2110

merged 18 commits into from
Feb 26, 2024

Conversation

kmd-fl
Copy link
Contributor

@kmd-fl kmd-fl commented Feb 23, 2024
edited
Loading

Description

[Provide a brief description of the changes introduced by this pull request and the motivation behind them.]

Motivation

safe nox

Proposed Changes

  • generate configs inside nox
  • add new method to add module that doesn't accept config
  • other methods still accept it, but use only the name
  • make curl (from the config example) a default effector

Additional Notes

  • System services still use the config from distro
  • Marine configs are still stored when we add module distro (TODO: fix it)
  • allowd_binaries in the peer info API now prints the list of paths used in effectors

Config example:

[effectors.curl]
wasm_cid = "bafkreids22lgia5bqs63uigw4mqwhsoxvtnkpfqxqy5uwyyerrldsr32ce"
  [effectors.curl.allowed_binaries]
  curl = "/usr/bin/curl"

or

[effectors.curl]
wasm_cid = "bafkreids22lgia5bqs63uigw4mqwhsoxvtnkpfqxqy5uwyyerrldsr32ce"
allowed_binaries = { curl = "/usr/bin/curl" }

New api

service Dist("dist"):
   add_module_bytes_from_vault(name: string, module_cid: string) -> string

@kmd-fl kmd-fl requested a review from folex February 23, 2024 19:18
github-actions[bot]
github-actions bot reviewed Feb 23, 2024
View reviewed changes
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
particle-modules/src/error.rs Show resolved Hide resolved
justprosh
justprosh reviewed Feb 23, 2024
View reviewed changes
nox/src/node.rs Outdated Show resolved Hide resolved
@kmd-fl kmd-fl added the e2e Run e2e workflow label Feb 24, 2024
@kmd-fl kmd-fl merged commit a4485ab into master Feb 26, 2024
17 of 18 checks passed
@kmd-fl kmd-fl deleted the restrict-effectors branch February 26, 2024 17:06
@fluencebot fluencebot mentioned this pull request Feb 26, 2024
Merged
@kmd-fl kmd-fl restored the restrict-effectors branch February 26, 2024 18:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@folex folex folex left review comments

@github-actions github-actions[bot] github-actions left review comments

@justprosh justprosh justprosh approved these changes

Assignees
No one assigned
Labels
e2e Run e2e workflow
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@kmd-fl @folex @justprosh