Linter: untrusted repositories cannot mount host volumes


#1

linter: untrusted repositories cannot mount host volumes
I met the above error but I did not find where to set up it in the web console of in drone/drone:1.0.0-rc.3.
I use docker run to build a single drone server as below:

docker run
–volume=/var/run/docker.sock:/var/run/docker.sock
–volume=/var/lib/drone:/data
–env=DRONE_GITHUB_SERVER=https://github.com
–env=DRONE_GITHUB_CLIENT_ID=…
–env=DRONE_GITHUB_CLIENT_SECRET=…
–env=DRONE_RUNNER_CAPACITY=1
–env=DRONE_SERVER_HOST=drone.single.com
–env=DRONE_SERVER_PROTO=https
–env=DRONE_TLS_AUTOCERT=false
–env=DRONE_GIT_ALWAYS_AUTH=false
–env=DRONE_ADMIN=zhanwenzhuo-github
–publish=80:80
–publish=443:443
–restart=always
–detach=true
–name=drone
drone/drone:1.0.0-rc.3


#2

You have to set it up thourgh CLI:
drone repo update --trusted <your/repo>


#3

you can find the setting at a active drone repo settings


#4

maybe your admin is set wrong , that will make you can’t set any settings


#5

I have use CLI to update it but it seemed that no use.

root@awx-dev-02:~/my_python_shell# drone repo info zhanwenzhuo-github/game-of-life
Owner: zhanwenzhuo-github
Repo: game-of-life
Config: .drone.yml
Visibility: public
Private: false
Trusted: false
Protected: false
Remote: https://github.com/zhanwenzhuo-github/game-of-life.git
root@awx-dev-02:~/my_python_shell# drone repo update zhanwenzhuo-github/game-of-life --trusted=true
Successfully updated repository zhanwenzhuo-github/game-of-life
root@awx-dev-02:~/my_python_shell# drone repo info zhanwenzhuo-github/game-of-life
Owner: zhanwenzhuo-github
Repo: game-of-life
Config: .drone.yml
Visibility: public
Private: false
Trusted: false
Protected: false
Remote: https://github.com/zhanwenzhuo-github/game-of-life.git


#6

only a system administrator can Trusted mode. If you cannot set this field it is because you are not a Drone system administrator. To create an administrative user please follow the instructions here: https://docs.drone.io/administration/user/admins/


#7

Thanks a lot!

And I have updated the command below.

docker run
–volume=/var/run/docker.sock:/var/run/docker.sock
–volume=/var/lib/drone:/data
–env=DRONE_GITHUB_SERVER=https://github.com
–env=DRONE_GITHUB_CLIENT_ID=9cdfd9e8a13d3c004e0c
–env=DRONE_GITHUB_CLIENT_SECRET=322c2f1bc178aaa83aa753531f126c8f0048c0e3
–env=DRONE_RUNNER_CAPACITY=2
–env=DRONE_SERVER_HOST=drone-dev-02.awx.im
–env=DRONE_SERVER_PROTO=https
–env=DRONE_TLS_AUTOCERT=true
–env=DRONE_USER_CREATE=username:zhanwenzhuo-github,admin:true
–publish=80:80
–publish=443:443
–restart=always
–detach=true
–name=drone
drone/drone:1.0.0-rc.4