|
|
|
|
|
|
by jpeeler
5 days ago
|
|
|
I'm currently using herde[1] to handle/supervise multiple agents (with some patches I need to try to upstream) along with Nono[2] for sandboxing. This sandboxing approach avoids use of a microVM, which lets me use tooling I already have installed inside the sandbox. The downside is getting all the policies correct as it seems every project needs some new type of access, though Nono does try to make policy writing easy. I've been considering switching my approach to using a microVM through microsandbox[3]. The pro of this approach is you can essentially skip the policies and rely on the security of the VM boundary. The negative is that now you've lost all your installed tools, so you need to either provision at runtime or build something (like an image) beforehand to match your dev environment. I still don't know which is less maintenance. And while I think herde is pretty well thought out, I do think about something that works outside the terminal may be nicer. [1] https://github.com/ogulcancelik/herdr [2] https://github.com/always-further/nono [3] https://github.com/superradcompany/microsandbox |
|
|
What do you think could be nicer with a native app? More mouse or visual interactions? Modern design and gui?