Skip to content

consider moving the container management infra to an isolated service #196

Description

@lucasbalieiro

the recent investigation concluded that switching to Docker-in-Docker (--privileged) would not provide a meaningful security improvement over the current Docker socket approach.

As a future enhancement, we could explore an agent-based architecture where container lifecycle operations are delegated to a dedicated service exposing a limited API, rather than giving the backend direct Docker access.

for a broader context see: #149

Metadata

Metadata

Assignees

No one assigned

    Labels

    feature requestIdeas, that need to be validated in order to be tackled

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions