diff --git a/changelogs/fragments/ansible-test-container-tmpfs.yml b/changelogs/fragments/ansible-test-container-tmpfs.yml
new file mode 100644
index 00000000000..678cd0770df
--- /dev/null
+++ b/changelogs/fragments/ansible-test-container-tmpfs.yml
@@ -0,0 +1,5 @@
+bugfixes:
+ - ansible-test - Test containers are now run with the ``--tmpfs`` option for ``/tmp``, ``/run`` and ``/run/lock``.
+ This allows use of containers built without the ``VOLUME`` instruction.
+ Additionally, containers with those volumes defined no longer create anonymous volumes for them.
+ This avoids leaving behind volumes on the container host after the container is stopped and deleted.
diff --git a/test/lib/ansible_test/_internal/host_profiles.py b/test/lib/ansible_test/_internal/host_profiles.py
index cb911aef8df..50b80193397 100644
--- a/test/lib/ansible_test/_internal/host_profiles.py
+++ b/test/lib/ansible_test/_internal/host_profiles.py
@@ -428,6 +428,15 @@ class DockerProfile(ControllerHostProfile[DockerConfig], SshTargetHostProfile[Do
 options = [
 '--volume', '/sys/fs/cgroup:/sys/fs/cgroup:ro',
 f'--privileged={str(self.config.privileged).lower()}',
+ # These temporary mount points need to be created at run time.
+ # Previously they were handled by the VOLUME instruction during container image creation.
+ # However, that approach creates anonymous volumes when running the container, which are then left behind after the container is deleted.
+ # These options eliminate the need for the VOLUME instruction, and override it if they are present.
+ # The mount options used are those typically found on Linux systems.
+ # Of special note is the "exec" option for "/tmp", which is required by ansible-test for path injection of executables using temporary directories.
+ '--tmpfs', '/tmp:exec',
+ '--tmpfs', '/run:exec',
+ '--tmpfs', '/run/lock', # some systemd containers require a separate tmpfs here, such as Ubuntu 20.04 and Ubuntu 22.04
 ]

 if self.config.memory:
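Review bot: The `'--tmpfs', '/run:exec',` entry relaxes Docker's default `noexec` on `/run`, but the comment block above it explains the need for `exec` only on `/tmp`. If nothing in the test containers has to execute from `/run`, `'--tmpfs', '/run',` keeps the tighter default; otherwise a comment line such as `# "exec" on /run is needed because <reason>` should record why. None of the three mounts sets `size=` or `mode=`, so they appear to be bounded only by the memory limit that the code after the list applies conditionally, and `/run` presumably ends up world-writable rather than the 0755 usual on Linux hosts; both are worth confirming against the images under test. The enclosing method starts and ends outside this hunk.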