Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
add -thin-manifest-dir flag #141
Thin manifests are like regular manifests but instead of having
I could have added a corresponding
This forces users to have only 1 promoter manifest, named "promoter-manifest.yaml" defined per directory if using the -manifest-dir flag. This makes using the -manifest-dir flag more secure for PRs from the community because we will no longer allow any *.yaml to be read in.
This is just like -manifest-dir, but instead of expecting promoter manifests that have both registries: ... and images: ... information, it only expects so-called thin manifests that look like registries: ... imagesPath: <path to images.yaml> . These thin manifests are designed to be owned by a select few, and they will refer to images.yaml files that reside in other folder(s) with less restrictive ACLs. The point is to force PRs to only change the images.yaml portions of manifests, and *NEVER* the 'registries:' part, which contains important metadata that should rarely change.
[APPROVALNOTIFIER] This PR is APPROVED
The full list of commands accepted by this bot can be found here.
The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing