From 1ad399285bbf4668c3b88af81c2c6232c41f13fc Mon Sep 17 00:00:00 2001 From: Zoran Regvart Date: Thu, 29 Jun 2023 19:35:35 +0200 Subject: [PATCH] build: more SELinux labels for Docker volumes (#6061) Ref #6054 Signed-off-by: Zoran Regvart Co-authored-by: Johan Fylling --- Makefile | 4 ++-- build/run-wasm-rego-tests.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 36d72ab26b..5581762a8d 100644 --- a/Makefile +++ b/Makefile @@ -142,7 +142,7 @@ wasm-sdk-e2e-test: generate .PHONY: check check: ifeq ($(DOCKER_RUNNING), 1) - docker run --rm -v $(shell pwd):/app -w /app golangci/golangci-lint:${GOLANGCI_LINT_VERSION} golangci-lint run -v + docker run --rm -v $(shell pwd):/app:ro,Z -w /app golangci/golangci-lint:${GOLANGCI_LINT_VERSION} golangci-lint run -v else @echo "Docker not installed or running. Skipping golangci run." endif @@ -150,7 +150,7 @@ endif .PHONY: fmt fmt: ifeq ($(DOCKER_RUNNING), 1) - docker run --rm -v $(shell pwd):/app -w /app golangci/golangci-lint:${GOLANGCI_LINT_VERSION} golangci-lint run -v --fix + docker run --rm -v $(shell pwd):/app:Z -w /app golangci/golangci-lint:${GOLANGCI_LINT_VERSION} golangci-lint run -v --fix else @echo "Docker not installed or running. Skipping golangci run." endif diff --git a/build/run-wasm-rego-tests.sh b/build/run-wasm-rego-tests.sh index 155c6ba90b..4bc20d5a3a 100755 --- a/build/run-wasm-rego-tests.sh +++ b/build/run-wasm-rego-tests.sh @@ -46,7 +46,7 @@ function generate_testcases { --name $TESTGEN_CONTAINER_NAME \ -u $(id -u):$(id -g) \ -v $PWD/.go/bin:/go/bin:Z \ - -v $PWD:/src:Z \ + -v $PWD:/src:z \ -v $ASSETS:/assets:Z \ -e GOCACHE=/src/.go/cache \ -w /src \ @@ -65,7 +65,7 @@ function run_testcases { docker run \ --rm \ --name $TESTRUN_CONTAINER_NAME \ - --volumes-from $TESTGEN_CONTAINER_NAME \ + --volumes-from $TESTGEN_CONTAINER_NAME:z \ -e VERBOSE=$VERBOSE \ -w /scratch \ node:14 \