Browse code
build: device entitlement support
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
CrazyMax authored on 2025/07/21 17:26:14Showing 2 changed files
| ... | ... |
@@ -135,6 +135,7 @@ type BuilderHistoryConfig struct {
|
| 135 | 135 |
type BuilderEntitlements struct {
|
| 136 | 136 |
NetworkHost *bool `json:"network-host,omitempty"` |
| 137 | 137 |
SecurityInsecure *bool `json:"security-insecure,omitempty"` |
| 138 |
+ Device *bool `json:"device,omitempty"` |
|
| 138 | 139 |
} |
| 139 | 140 |
|
| 140 | 141 |
// BuilderConfig contains config for the builder |
| ... | ... |
@@ -537,13 +537,17 @@ func parseGCPolicy(p config.BuilderGCRule, prefix string) (reservedSpace, maxUse |
| 537 | 537 |
|
| 538 | 538 |
func getEntitlements(conf config.BuilderConfig) []string {
|
| 539 | 539 |
var ents []string |
| 540 |
- // Incase of no config settings, NetworkHost should be enabled & SecurityInsecure must be disabled. |
|
| 540 |
+ // In case of no config settings, NetworkHost and Device should be enabled |
|
| 541 |
+ // but SecurityInsecure must be disabled. |
|
| 541 | 542 |
if conf.Entitlements.NetworkHost == nil || *conf.Entitlements.NetworkHost {
|
| 542 | 543 |
ents = append(ents, string(entitlements.EntitlementNetworkHost)) |
| 543 | 544 |
} |
| 544 | 545 |
if conf.Entitlements.SecurityInsecure != nil && *conf.Entitlements.SecurityInsecure {
|
| 545 | 546 |
ents = append(ents, string(entitlements.EntitlementSecurityInsecure)) |
| 546 | 547 |
} |
| 548 |
+ if conf.Entitlements.Device == nil || *conf.Entitlements.Device {
|
|
| 549 |
+ ents = append(ents, string(entitlements.EntitlementDevice)) |
|
| 550 |
+ } |
|
| 547 | 551 |
return ents |
| 548 | 552 |
} |
| 549 | 553 |
|