Volumes
Endor isolates the sandbox filesystem from the host for security and privacy reasons.
Sandboxes can get directories exposed from the host filesystem, so that they can act on certain data.
Mount volumes
Allow Host Filesystem Access
- 1
Start any service with the
--volumeflag. It has the form of<hostPath>:<sandboxPath>:Terminal window endor run alpine --volume .:/app - 2
Verify access to the filesystem:
๐ EndorLaunching the Alpine environmentโ Mission readyโญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎโ Volumes: โโ - /home/<user>/my-project (host) -> /app (guest) โโฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏโ Connection established โข Ready in 1.9sโญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎโ Alpine Connection Details โโ โโ Host: 127.0.0.1 โโ Ports: โโ - 2222 (host) <-> 2222 (guest) โโ Public network access: restricted โโฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ - 3
Test filesystem access from within the sandbox:
Terminal window # Inside the sandboxls -la /app
You can mount many volumes in the same invocation, if you have the need to expose multiple directories inside the sandbox.
Common Use Cases
Mount volumes when you need to:
- Populate services: you can populate database instances with existing SQL files in your host filesystem.
- Access files in your host filesystem: reading files from your host filesystem enables you to pick what information is exposed to the sandbox.