1.4 KiB
Plugins
Plugins are Docker containers, executed during your build process. Plugins are downloaded automatically, on-demand as they are encountered in your .drone.yml file.
See the plugin marketplace for a full catalog of official plugins.
Security
For security reasons you must whitelist plugins. The default whitelist includes the official Drone plugins hosted in the Docker registry. Customize your whitelist by setting the PLUGIN_FILTER environment variable. This is a space-separated list and includes glob matching capabilities.
Whitelist official Drone plugins
PLUGIN_FILTER=plugins/*
Whitelist official Drone plugins and registry user octocat
PLUGIN_FILTER=plugins/* octocat/*
Additionally, some plugins may require to be execute as a "privileged" container.
This mode is most common for plugins that are attempting to run docker in docker type behaviors (for example the plugins/docker requires this mode).
Drone will ship will a default pattern that will allow selected official Drone plugins to run in an privileged mode.
This whitelist can be customized by setting the ESCALATE_FILTER environment variable.
This is a space-separated list and includes glob matching capabilities.
ESCALATE_FILTER=plugins/drone-docker plugins/drone-ecr plugins/drone-gcr