codeintel: Wrap index commands in a firecracker VM (!13421) · Merge requests · Warren Gifford / sourcegraph

Warren Gifford requested to merge ef/firecracker into main Aug 27, 2020

Created by: efritz

Modify the docker commands so that they run in a firecracker VM instead, as described in RFC 199: User code execution in the auto-indexer.

Previously the indexer would clone the repo on the local disk, then run lsif-go/src upload in an lsif-go container running on the host. This PR changes the set of commands to instead spin up a fresh firecracker VM, then run the same set of docker commands inside the new VM, which is isolated from the host.

Closes https://github.com/sourcegraph/sourcegraph/issues/12708.

codeintel: Wrap index commands in a firecracker VM

Merge request reports