From 70b898ea1a9feac7a433df9c21d23c8ade868bde Mon Sep 17 00:00:00 2001
From: divialth <65872926+divialth@users.noreply.github.com>
Date: Wed, 8 Jul 2020 13:54:31 +0200
Subject: [PATCH] check privileged image whitelist in service section

Signed-off-by: divialth <65872926+divialth@users.noreply.github.com>
---
 engine/compiler/compiler.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/engine/compiler/compiler.go b/engine/compiler/compiler.go
index 81782d8..5963529 100644
--- a/engine/compiler/compiler.go
+++ b/engine/compiler/compiler.go
@@ -274,6 +274,10 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
 		if !src.When.Match(match) {
 			dst.RunPolicy = runtime.RunNever
 		}
+
+		if c.isPrivileged(src) {
+			dst.Privileged = true
+		}
 	}
 
 	// create steps