[PR #716] [MERGED] Add support for container kernel capabilities #1575

New issue

Closed

opened 2026-03-01 21:51:46 +03:00 by kerem · 0 comments

kerem commented

2026-03-01 21:51:46 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/nektos/act/pull/716
Author: @jbenden
Created: 6/1/2021
Status: ✅ Merged
Merged: 6/4/2021
Merged by: @mergify[bot]

Base: master ← Head: capabilities

📝 Commits (1)

05385e7 Add support for container kernel capabilities

📊 Changes

6 files changed (+17 additions, -7 deletions)

View changed files

📝 cmd/input.go (+2 -0)
📝 cmd/root.go (+4 -0)
📝 pkg/container/docker_run.go (+6 -4)
📝 pkg/runner/run_context.go (+1 -1)
📝 pkg/runner/runner.go (+2 -0)
📝 pkg/runner/step_context.go (+2 -2)

📄 Description

This patch adds two new command-line flags to specify one or
more kernel capabilities to add or remove from the workflow
containers.

The command-line flag --cap-add allows for new
capabilities on the workflow containers; where as,

The command-line flag --cap-drop allows for removing
specific capabilities on the workflow containers.

This was developed to specifically be able to add SYS_PTRACE
to a workflow I maintain. It involves using this capability to
monitor a make build, to then build a compilation database.

Signed-off-by: Joseph Benden joe@benden.us

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/nektos/act/pull/716 **Author:** [@jbenden](https://github.com/jbenden) **Created:** 6/1/2021 **Status:** ✅ Merged **Merged:** 6/4/2021 **Merged by:** [@mergify[bot]](https://github.com/apps/mergify) **Base:** `master` ← **Head:** `capabilities` --- ### 📝 Commits (1) - [`05385e7`](https://github.com/nektos/act/commit/05385e73993d763d02a4993cc574bf729e06ee52) Add support for container kernel capabilities ### 📊 Changes **6 files changed** (+17 additions, -7 deletions) <details> <summary>View changed files</summary> 📝 `cmd/input.go` (+2 -0) 📝 `cmd/root.go` (+4 -0) 📝 `pkg/container/docker_run.go` (+6 -4) 📝 `pkg/runner/run_context.go` (+1 -1) 📝 `pkg/runner/runner.go` (+2 -0) 📝 `pkg/runner/step_context.go` (+2 -2) </details> ### 📄 Description This patch adds two new command-line flags to specify one or more kernel capabilities to add or remove from the workflow containers. The command-line flag `--cap-add` allows for new capabilities on the workflow containers; where as, The command-line flag `--cap-drop` allows for removing specific capabilities on the workflow containers. This was developed to specifically be able to add `SYS_PTRACE` to a workflow I maintain. It involves using this capability to monitor a make build, to then build a compilation database. Signed-off-by: Joseph Benden <joe@benden.us> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

kerem

2026-03-01 21:51:46 +03:00

closed this issue
added the
pull-request
label

kerem referenced this issue

2026-03-01 21:53:38 +03:00

[PR #1575] [CLOSED] build(deps): bump github.com/docker/cli from 23.0.0-rc.1+incompatible to 23.0.0-rc.3+incompatible #2011

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/act#1575

No description provided.

Rows
Columns