Closed cidrblock closed 2 weeks ago
Note the failure in this test run: opening file /sys/fs/cgroup/cgroup.subtree_control for writing: Read-only file system https://github.com/ansible/ansible-dev-tools/actions/runs/10930266208/job/30342982168?pr=377
opening file /sys/fs/cgroup/cgroup.subtree_control for writing: Read-only file system
This is why unmask=/sys/fs/cgroup is added after the initial addition of the EE test which works for podman.
unmask=/sys/fs/cgroup
For docker based on: https://github.com/moby/moby/issues/42275#issuecomment-1616442602 --privileged was added (not ideal, but few options)
--privileged
On macOS/intel/podman desktop the following errors were found: Error: crun: mknod /dev/null: Operation not permitted: OCI permission denied
Error: crun: mknod /dev/null: Operation not permitted: OCI permission denied
the following was added to resolve this error:
--cap-add=mknod (docker gets this by default)
--cap-add=mknod
this allowed all tests to pass on macOS/intel/podman desktop
277.32s call tests/integration/test_container.py::test_builder 6.21s call tests/integration/test_container.py::test_nav_playbook 4.99s call tests/integration/test_container.py::test_nav_collections 3.56s call tests/integration/test_container.py::test_navigator_simple_c_in_c 3.18s call tests/integration/test_container.py::test_nav_collection 2.77s call tests/integration/test_container.py::test_navigator_simple 2.58s call tests/integration/test_container.py::test_podman 1.23s call tests/integration/test_container.py::test_nav_images 1.15s setup tests/integration/test_container.py::test_nav_collections 0.78s setup tests/integration/test_container.py::test_nav_playbook ======================================= 34 passed, 1 warning in 310.65s (0:05:10) =======================================
Additional changes necessary for Windows user include the addition of "--cap-add=NET_ADMIN", to avoid bpf query: Operation failed errors when building an EE
"--cap-add=NET_ADMIN",
bpf query: Operation failed
Note the failure in this test run:
opening file /sys/fs/cgroup/cgroup.subtree_control for writing: Read-only file systemhttps://github.com/ansible/ansible-dev-tools/actions/runs/10930266208/job/30342982168?pr=377This is why
unmask=/sys/fs/cgroupis added after the initial addition of the EE test which works for podman.For docker based on: https://github.com/moby/moby/issues/42275#issuecomment-1616442602
--privilegedwas added (not ideal, but few options)On macOS/intel/podman desktop the following errors were found:
Error: crun: mknod /dev/null: Operation not permitted: OCI permission deniedthe following was added to resolve this error:
--cap-add=mknod(docker gets this by default)this allowed all tests to pass on macOS/intel/podman desktop
Additional changes necessary for Windows user include the addition of
"--cap-add=NET_ADMIN",to avoidbpf query: Operation failederrors when building an EE