Skip to content

Volume Mounts for Local Runs #2940

New issue
New issue
Open
Open
Volume Mounts for Local Runs#2940
@lkingland

Description

@lkingland
lkingland
opened on Jul 22, 2025

Currently, runtime volumes defined in func.yaml are ignored when running functions locally with func run.

We should update pkg/docker/runner.go -> newHostConfig() to configure volumes in addition to the ports it currently defines.

  1. ConfigMap → Local .func/run/configmaps/<name> directory
  2. Secret → Local .func/run/secrets/<name> directory
  3. EmptyDir → Docker tmpfs or anonymous volume
  4. PersistentVolumeClaim → Named Docker volume or local directory

Additionally, we could consider adding a new volume type specifically for local development:

volumes:
  - hostPath: /local/path
    path: /container/path

Implementation Notes:

There should be warnings when defined resources are note available locally, but not fail.

Should disallow mapping of directories outside of .func for security (example risk: user downloads a malicious function, runs it locally, accessing sensitive areas of the FS and exfiltrating via the funciton source implementation)

Current Workarounds

  1. Use the "host" builder (loses container isolation)
  2. Run func build then manually docker run -v local:container image
  3. Deploy to a test cluster for volume testing

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions