Supporting whitelist configuration for # syntax = frontend would be useful for preventing malicious frontends from being specified due to e.g. typo.
The whitelist could be specified either via static buildkitd.toml or dynamic CRUD object.
whitelist types
- image reference prefix
- image digest
- notary signer key
...
dynamic CRUD object
For a while bbolt could be used, but in long-term, we might want to use distributed store like etcd for supporting multi-master distributed mode.
Supporting whitelist configuration for
# syntax =frontend would be useful for preventing malicious frontends from being specified due to e.g. typo.The whitelist could be specified either via static
buildkitd.tomlor dynamic CRUD object.whitelist types
...
dynamic CRUD object
For a while bbolt could be used, but in long-term, we might want to use distributed store like etcd for supporting multi-master distributed mode.