Using this image may leads to security vulnerability such as REMOTE CODE EXECUTION on server which runs this container, please check all twice, before allowing unauthenticated users to access it.
Ideas on security improvement are welcome in comments and github
sudo docker run --read-only --tmpfs /run --tmpfs /tmp --restart=on-failure -e API_TOKEN=<slack api token> -e WORKERS=<workers number> --name KESB -d semoro/kesb:latest
--read-only --tmpfs /run --tmpfs /tmp
User code will run inside container, to prevent host filesystem destruction you MUST use this option, and MUST NOT mount anything to this container
Slack API token, you can get one on Custom Integrations For Your Team
Also you can choose bot name there, I'd prefer
Size of workers pool, it defines count of parallel executing scripts
Execution timeout in milliseconds, if code running for more than it process will be killed, if for some reason bot unable to kill process it will exits with code
1 to allow docker make clean-up, that's why
--restart=on-failure are used in example command
End user info
Channel admin should
to a channel
To use bot you should mention it
@kotlinc in your Slack message, also message must contains code blocks.