Hello, there's a new release of HICA, system & API for wiring container applications back to host based on runtime label introspection. Overall goal of the project is to execute containerized applications closest-to-native execution as possible. There are firefox, jq and signify example applications. NVIDIA & ATI GPU users can try the opengl example. Release 0.5 has seen many additions since the last 0.3-alpha release: * First release published as pip package * Two new injectors * Tty injector for when the process needs input * Command aliases allowing one to specify complex command aliases via labels, see the signify image for example * All example images ported to Fedora 23 base * Except for test-descriptions which is based on busybox * More conservative subprocess usage in introspect_runtime injector * DRI injector bugfix for NVIDIA devices * Documentation update The command aliases are especially nifty, ever wanted to generate a ECC key-pair, sign a binary with it and later verify? $ mkdir ~/.signify/ $ docker-hica signify create-key ~/.signify/docker-hica $ docker-hica signify sign docker-hica.sig ~/.signify/docker-hica.sec docker-hica $ docker-hica signify verify docker-hica.sig ~/.signify/docker-hica.pub docker-hica Signature Verified Some observations from the above execution: * keys are stored in my on-host home directory * signature file 'docker-hica.sig' was created in my on-host cwd * the signed/verified binary 'docker-hica' is in my on-host cwd ... oh, and: $ getenforce Enforcing How cool is that? :) https://github.com/shaded-enmity/docker-hica Pavel, -- Pavel Odvody <podvody redhat com> Software Engineer - EMEA ENG Developer Experience 5EC1 95C1 8E08 5BD9 9BBF 9241 3AFA 3A66 024F F68D Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno
Attachment:
signature.asc
Description: This is a digitally signed message part