AustrianDataLAB/secure-remote-dind

Secure Remote Docker-in-Docker

A Helm chart that provides a secure, rootless, remote Docker-in-Docker (dind) service for other deployments.

What to expect / How to use it?

The following example demonstrates how a gitlab-runner can access the secure-remote-dind service using mTLS client-certificate authorization, with the certificates provided by the cert-manager CSI Driver. The gitlab-runner jobs are also configured to use minio-s3 as a cache.

See the examples directory for the demo deployment.

Figure: secureremotedind.drawio
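The client side of the mTLS setup described above, as an added example that is not taken from this repository's examples directory: an unprivileged Pod mounts a client certificate through the cert-manager CSI driver and points the Docker CLI at the remote daemon. The namespace `ci`, the Issuer `dind-client-issuer`, the service address `secure-remote-dind.dind.svc:2376` and the image tag are assumptions, as is the dind server certificate being signed by the same CA.

```yaml
# Added example, not part of this chart. Assumed names: namespace "ci",
# Issuer "dind-client-issuer", service "secure-remote-dind.dind.svc", port 2376.
apiVersion: v1
kind: Pod
metadata:
  name: docker-client
  namespace: ci
spec:
  automountServiceAccountToken: false
  securityContext:
    runAsNonRoot: true
    runAsUser: 1000
    runAsGroup: 1000
    seccompProfile:
      type: RuntimeDefault
  containers:
    - name: docker
      image: docker:cli
      command: ["docker", "version"]   # succeeds only if the TLS handshake does
      env:
        - name: DOCKER_HOST
          value: tcp://secure-remote-dind.dind.svc:2376
        - name: DOCKER_TLS_VERIFY      # verify the server certificate against ca.pem
          value: "1"
        - name: DOCKER_CERT_PATH       # the CLI reads ca.pem, cert.pem, key.pem here
          value: /certs/client
      securityContext:
        privileged: false              # no privileged access in the client pod
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
      volumeMounts:
        - name: client-tls
          mountPath: /certs/client
          readOnly: true
  volumes:
    - name: client-tls
      csi:
        driver: csi.cert-manager.io
        readOnly: true
        volumeAttributes:
          csi.cert-manager.io/issuer-name: dind-client-issuer
          csi.cert-manager.io/issuer-kind: Issuer
          csi.cert-manager.io/dns-names: ${POD_NAME}.${POD_NAMESPACE}.svc.cluster.local
          csi.cert-manager.io/key-usages: client auth
          csi.cert-manager.io/fs-group: "1000"   # must match runAsGroup above
          csi.cert-manager.io/certificate-file: cert.pem
          csi.cert-manager.io/privatekey-file: key.pem
          csi.cert-manager.io/ca-file: ca.pem
```

The private key is generated on the node and exists only in the pod's ephemeral volume, so no long-lived client secret is stored in the cluster.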

Motivation

We needed rootless Docker-in-Docker support for our CI/CD pipelines without giving privileged access to the runner pods.

Future Work

  • Create a ClusterIssuer with a CertificateRequestPolicy to allow multiple namespaces to authorize against the dind service.
  • Remove PSPs.
  • Metrics export for the dind service.
  • Health endpoint for the dind service.