the expectation of being able to run docker whenever in CI jobs is probably the single worst outcome of free GitHub Actions minutes because reproducing it in a bring-your-own-compute environment is borderline impossible unless you make every machine single-tenant
even if you make every machine single-tenant, most configurations of Forgejo Actions runners would enable malware to escape the build container, persist itself and infect all future releases

@whitequark Docker and friends are definitely semi-trusted environments. You have to at least know the people who built the image IMO.

Does something like Firecracker help isolate them? It’s another layer, which feels somewhat pointless, but might be necessary for compatibility and security.

@samir well how am I supposed to jam Firecracker into Forgejo Actions runner?
@whitequark I was thinking the other way around. The runner goes inside a firecracker instance.
@samir then malware that escapes the container (trivial with dockerd.sock exposed) can steal the Forgejo Actions secret
@samir there is an "ephemeral" runner function in it but it's incredibly immature and the example in the repo is completely insecure in a way where it shouldn't be used

@whitequark Oh I see, different threat vector to what I was imagining. And yes, it has root, so you have no chance.

My mind is spinning towards single-use tokens from a secrets provider but it’s an immature thought so I’ll spare you.

I hope you figure it out.