To securely manage which global files a container can modify, an allowlist will be introduced and stored in a new, hand-edited configuration file.

• The command contract for configure and release supports a write-only /output directory mount for the container to write updated global files.
• A new config.yaml file is created in the .librarian directory for repository-specific, hand-edited settings.
• Librarian can parse a global_files_allowlist from this file, specifying file paths and permissions (read-write, read-only, write-only).
• A read-only input mount (/repo) is provided to the container with the contents of global files declared for reading in the allowlist.
• New or updated global files are copied from the container's /output directory back into the repository.
• Only files explicitly allowlisted for writing are copied into the repository.

Example config.yaml:

# .librarian/config.yaml

global_files_allowlist:
  # Allow the container to read and write the root go.work file
  # during the 'configure' step to add new modules.
  - path: "go.work"
    permissions: "read-write"

  # Allow the container to read a template.
  - path: "internal/README.md.template"
    permissions: "read-only"
  
  # Allow publishing the updated root README.md
  - path: "README.md"
    permissions: "write-only"

See: go/librarian:global-file-edits