Replies: 1 comment 1 reply
-
There are many users doing exactly this. I’m not clear how they lock down their systems. I don’t think users are typically allowed to author the YAML.
-
I am considering using argo for running untrusted user-submitted code. Is argo suitable for such a thing?
The main problem I am facing is that I want to provide network isolation for the untrusted pod, so that it cannot communicate with the internal services. To do so, I can write a NetworkPolicy, but NetworkPolicy applies at the pod level, not container level, so that will also block requests from the wait container. There are other problems, like setting a specific serviceAccountName that doesn’t auto-mount only in the untrusted main container, but not in wait. Not to mention a more secure container runtime like kata or gvisor (not sure if argo is compatible with them). Has anyone ever tried this? Does it make sense to use Argo, or should I look elsewhere?
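The pod-level scope of NetworkPolicy that the question describes is real, so the usual way to reconcile it with the wait sidecar is to make the policy default-deny for egress and then open only what the sidecar needs. The manifests below are an added illustration, not code from the thread or from the Argo project: they assume a namespace `sandbox` reserved for untrusted workflows, a label `sandbox: untrusted` that the Workflow applies to its own pods through `podMetadata`, and placeholder values for the API server endpoint IP and port that have to be replaced with the cluster's real ones.

```yaml
# Added example (not from the discussion): a Workflow that labels its pods so a
# NetworkPolicy can select them, followed by a default-deny egress policy that
# only re-opens cluster DNS and the Kubernetes API endpoint.
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
  generateName: untrusted-job-
  namespace: sandbox                 # assumed: namespace dedicated to untrusted runs
spec:
  entrypoint: run
  podMetadata:
    labels:
      sandbox: untrusted             # assumed label; the NetworkPolicy below selects on it
  templates:
    - name: run
      container:
        image: python:3.12-slim      # assumed image; the user-submitted code runs here
        command: ["python", "-c", "print('hello from the sandbox')"]
        securityContext:
          runAsNonRoot: true
          runAsUser: 65534
          allowPrivilegeEscalation: false
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: untrusted-workflow-egress
  namespace: sandbox                 # same assumed namespace as the Workflow
spec:
  podSelector:
    matchLabels:
      sandbox: untrusted             # applies to every container in the pod, wait included
  policyTypes:
    - Egress                         # listing Egress with only these rules denies all other egress
  egress:
    # Cluster DNS, so the executor can resolve the API server and artifact hosts.
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
    # The Kubernetes API server, which the wait sidecar needs to report status.
    # PLACEHOLDER: replace with the address(es) and port shown by
    #   kubectl get endpoints kubernetes -n default
    - to:
        - ipBlock:
            cidr: 10.0.0.1/32
      ports:
        - protocol: TCP
          port: 6443
```

Two caveats a practitioner should keep in mind. First, match the API server's real endpoint addresses rather than the `kubernetes` service ClusterIP: several CNIs evaluate egress rules after service DNAT, so an `ipBlock` on the ClusterIP is silently ineffective. Second, because the policy is pod-scoped, the main container can reach the same API endpoint the sidecar can; the policy limits where packets may go, and it is the absence of a mounted service account token in the untrusted container, plus the executor's own RBAC, that limits what those packets can achieve. That second problem is exactly the service-account question raised in the post and is not solved by NetworkPolicy alone.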