mirror of
https://github.com/rcourtman/Pulse.git
synced 2026-02-18 00:17:39 +01:00
8dc5c4758e
Implements comprehensive security hardening for pulse-sensor-proxy: - Privilege drop from root to unprivileged user (UID 995) - Hash-chained tamper-evident audit logging with remote forwarding - Per-UID rate limiting (0.2 QPS, burst 2) with concurrency caps - Enhanced command validation with 10+ attack pattern tests - Fuzz testing (7M+ executions, 0 crashes) - SSH hardening, AppArmor/seccomp profiles, operational runbooks All 27 Phase 1 tasks complete. Ready for production deployment.
10 lines
223 B
Bash
Executable File
10 lines
223 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# Simple wrapper that enables BuildKit and forwards all arguments.
|
|
# To skip building multi-arch agents set BUILD_AGENT=0 before invoking.
|
|
|
|
export DOCKER_BUILDKIT=1
|
|
|
|
docker build "$@"
|