Add some warning regarding the local backend (#875)

mscherer 2022-04-07 17:50:37 +02:00 committed by GitHub
parent 16cf59163e
commit 410b0bb217
GPG key ID: 4AEE18F83AFDEB23

@ -1 +1,11 @@
# Local backend
The local backend will execute the pipelines on the local system without any isolation of any kind.
Since the code run directly in the same context as the agent (same user, same filesystem), a malicious pipeline could
be used to access the agent configuration especially the `WOODPECKER_AGENT_SECRET` variable.
It is recommended to use this backend only for private setup where the code and pipeline can be trusted. You shouldn't
use it for a public facing CI where anyone can submit code or add new repositories.
The backend will use a random directory in $TMPDIR to store the clone code and execute commands.
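Review bot: The warning in the "a malicious pipeline could be used to access the agent configuration" sentence names only `WOODPECKER_AGENT_SECRET`, but the same sentence says pipelines run as the same user on the same filesystem as the agent, so the exposure is everything that user can read or write, not only the agent configuration. Consider saying so explicitly, so readers do not treat the secret as the only asset at risk. The last line says the backend uses a random directory in $TMPDIR but not whether that directory is removed after the run; that is worth documenting, since with no isolation any cloned code left there stays reachable by later pipelines running as the same user. Wording: "the code run" should be "the code runs", "private setup" should be "private setups", "clone code" should be "cloned code", and `$TMPDIR` should be in backticks like the other variable.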