New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable nested exec by default #7141
Comments
One question with this - since we inject the dagger "version identifier" into nested execs, this would mean we would invalidate every cache when we bump that ID? We originally added that for our own integration tests, so that on re-runs of tests against a re-built engine would need to re-run when the engine was new. ...I'm not actually sure how much we care about this right now - but it would be a bit tricky to restore the previous caching behavior. Maybe if we could have some way to detect if a step accessed the dagger API? Then, if it did, we could write the version identifier to the disk, using the shim/worker api? |
When nested execs (i.e. execs that can call back to the dagger API) were originally added, they weren't safe since they gave full blown access to the original caller's FS, but that's no longer the case. We can instead make this behavior the default for convenience and instead have a flag for opting out.
There's one last pre-req first, which is handled as part of #6916. That PR results in nested execs connecting back to the same server (among many other things), which will result in them actually being tracked nicely in telemetry, having tightly scoped access to certain session resources like auth, etc.
The text was updated successfully, but these errors were encountered: