provisioner: augment Networks config from caller when -unsafe (#411)

Currently container instances are hard-coded to join a single network, the network associated with the session. This change allows the caller of CreateInstance to specify which additional networks should be joined. This is useful, for example, when a container instance requires access to additional "backend" services that may be running. There are security implications associated with this change, hence the additional networks are only joined when a new -unsafe flag is specified. It is hoped the name is a sufficient indicator that thought needs to go into using it.
2020-09-04 13:46:31 +01:00
parent 78e9689249
commit 681de41e0a
4 changed files with 28 additions and 3 deletions
--- a/pwd/types/instance.go
+++ b/pwd/types/instance.go
@@ -40,4 +40,5 @@ type InstanceConfig struct {
 	Type           string
 	DindVolumeSize string
 	Envs           []string
+	Networks       []string
 }