Instructions for using untrusted workers

[sfc-gh-mmizera]

Hey,

Is it possible to get some kind of guidance how should I configure my workers to support untrusted workloads?

I've seen in the code a concept of such a worker that potentially could fuzz untrusted code and don't put any GCP account at risk in case of a malicious code owner that's being fuzzed.

I've tried various attempts with TRUSTED_HOST / UNTRUSTED_WORKER env combos, but non of them have worked for me.

Is there any place where I could see how it should be configured?

[sfc-gh-mmizera]

don't close please

[github-actions]

This issue has not had any activity for 60 days and will be automatically closed in two weeks

[sfc-gh-mmizera]

don't close please

[jonathanmetzman]

We have two APIs for doing this. One was only really appropriate for oss-fuzz (where project trusts itself). The other is still kind of unstable, and I wouldn't recommend it excpet for some small workloads. Look around for uworker/tworker. No documentation :-(