Do you know if I can use drone exec with privileged: true?
(drone exec is really cool to debug locally).
Another thing about privileged: true is that I fear it will give too much authorization to docker containers. The docker seccomp profile option looks better to me.
Do you think Drone.io could include this feature?
@leamas for info, I have found that it is possible to change the docker seccomp profile for the docker daemon directly. It’s not a perfect workaround (again, it’s too much authorization, I would prefer to avoid changing seccomp profile system-wide) but it exists. See dockerd | Docker Documentation
I just tested and it doesn’t fix the issue I have with running Chromium inside Drone docker container.
Changing docker daemon seccomp fixes it but it’s too wide.
The ideal solution would be to be able to pass docker container run command a custom --security-opt argument.