mirrors/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2024-11-25 19:31:05 +00:00
Code Issues Projects Releases Wiki Activity

Docs: update local backend page (#3765)

Browse source
This commit is contained in:
Patrick Schratz 2024-06-06 09:18:31 +02:00 committed by GitHub
parent 964860434c
commit f5671ba20f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 9 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
docs/docs/30-administration/22-backends/20-local.md
View file

@ -5,33 +5,31 @@ toc_max_heading_level: 3
# Local backend # Local backend
:::danger :::danger
The local backend will execute the pipelines on the local system without any isolation of any kind. The local backend executes pipelines on the local system without any isolation.
::: :::
:::note :::note
Currently we do not support services for this backend. Currently we do not support [services](../../20-usage/60-services.md) for this backend.
[Read more here](https://github.com/woodpecker-ci/woodpecker/issues/3095). [Read more here](https://github.com/woodpecker-ci/woodpecker/issues/3095).
::: :::
Since the code runs directly in the same context as the agent (same user, same Since the commands run directly in the same context as the agent (same user, same
filesystem), a malicious pipeline could be used to access the agent filesystem), a malicious pipeline could be used to access the agent
configuration especially the `WOODPECKER_AGENT_SECRET` variable. configuration especially the `WOODPECKER_AGENT_SECRET` variable.
It is recommended to use this backend only for private setup where the code and It is recommended to use this backend only for private setup where the code and
pipeline can be trusted. You shouldn't use it for a public facing CI where pipeline can be trusted. It should not be used in a public instance where
anyone can submit code or add new repositories. You shouldn't execute the agent anyone can submit code or add new repositories. The agent should not run as a privileged user (root).
as a privileged user (root).
The local backend will use a random directory in `$TMPDIR` to store the cloned The local backend will use a random directory in `$TMPDIR` to store the cloned
code and execute commands. code and execute commands.
In order to use this backend, you need to download (or build) the In order to use this backend, you need to download (or build) the
[binary](https://github.com/woodpecker-ci/woodpecker/releases/latest) of the [agent](https://github.com/woodpecker-ci/woodpecker/releases/latest), configure it and run it on the host machine.
agent, configure it and run it on the host machine.
## Usage ## Usage
To enable the local backend, add this to your configuration: To enable the local backend, set the following:
```ini ```ini
WOODPECKER_BACKEND=local WOODPECKER_BACKEND=local
@ -39,7 +37,7 @@ WOODPECKER_BACKEND=local
### Shell ### Shell
The `image` entry is used to specify the shell, such as Bash or Fish, that is The `image` entrypoint is used to specify the shell, such as `bash` or `fish`, that is
used to run the commands. used to run the commands.
```yaml title=".woodpecker.yaml" ```yaml title=".woodpecker.yaml"
@ -51,15 +49,13 @@ steps:
### Plugins ### Plugins
Plugins are just executable binaries:
```yaml ```yaml
steps: steps:
- name: build - name: build
image: /usr/bin/tree image: /usr/bin/tree
``` ```
If no commands are provided, we treat them as plugins in the usual manner. If no commands are provided, plugins are treated in the usual manner.
In the context of the local backend, plugins are simply executable binaries, which can be located using their name if they are listed in `$PATH`, or through an absolute path. In the context of the local backend, plugins are simply executable binaries, which can be located using their name if they are listed in `$PATH`, or through an absolute path.
### Options ### Options