ansible / ansible-dev-tools

Ansible automation developer tools
https://ansible.readthedocs.io/projects/dev-tools/
GNU General Public License v3.0

(PIND) ansible-builder fails to run inside the container with lgetxattr ... merged/.profile: invalid argument #444

Open ssbarnea opened 1 day ago

ssbarnea commented 1 day ago

I spotted that on macOS arm64 our test of using builder from within the built container fails with the error below.

It is happening only when the container with podman inside is executed under docker running container. If podman was used to run this container, the build will work.

Working

podman run --rm  --device "/dev/fuse" -e NO_COLOR=1 -v $PWD:/workdir  --user=root --cap-add=CAP_MKNOD --cap-add=NET_ADMIN --cap-add=SYS_ADMIN --cap-add=SYS_RESOURCE --security-opt "apparmor=unconfined" --security-opt "label=disable"  --security-opt "seccomp=unconfined" --security-opt=unmask=/sys/fs/cgroup --userns=host  -it ghcr.io/ansible/community-ansible-dev-tools /bin/bash -c "cd /workdir && podman build -f context/Containerfile -t ansible-execution-env:latest context"

Not working

docker run --rm  --device "/dev/fuse" -e NO_COLOR=1 -v $PWD:/workdir  --user=root --privileged  -it ghcr.io/ansible/community-ansible-dev-tools /bin/bash -c "cd /workdir && podman build -f context/Containerfile -t ansible-execution-env:latest context"
bash-5.2# podman build -f /private/var/folders/32/1xrphgzd4xv777syxjtkpdw80000gn/T/pytest-of-ssbarnea/pytest-8/test_builder0/Containerfile -t ansible-execution-env:latest /private/var/folders/32/1xrphgzd4xv777syxjtkpdw80000gn/T/pytest-of-ssbarnea/pytest-8/test_builder0
[1/3] STEP 1/15: FROM quay.io/fedora/fedora-minimal:40 AS base
[1/3] STEP 2/15: USER root
--> Using cache c2ffedefa2e568f328f60f3057646cf4451ab5435de3872526bee1f88fe6ca3b
--> c2ffedefa2e5
[1/3] STEP 3/15: ENV PIP_BREAK_SYSTEM_PACKAGES=1
--> Using cache 0654b654c8d53fbc0e36f8d16fca7e51ad001e4eabe9cda1e652c88de29a63b8
--> 0654b654c8d5
[1/3] STEP 4/15: ARG EE_BASE_IMAGE
--> Using cache f5bfe7a23a68e35fd3974e8593b46e4324157dc7bb83e2a330797ec819ce9897
--> f5bfe7a23a68
[1/3] STEP 5/15: ARG PYCMD
--> Using cache d96af683dd6956c0d43f16b8b854919440c8667770951ecef1a72024091d5d44
--> d96af683dd69
[1/3] STEP 6/15: ARG PKGMGR_PRESERVE_CACHE
--> Using cache b07e1377475baad275881b7fd8b974d006d97022f6cb5e5385a144dd0253c974
--> b07e1377475b
[1/3] STEP 7/15: ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
--> Using cache 7095cbde425a58de3808ac8409f1307971974976d3e588ae91893280d468a675
--> 7095cbde425a
[1/3] STEP 8/15: ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
--> Using cache ef8b52f81a2f13d81446f0a374c9918afebc46b030eee961a60f0fb2133cc9f3
--> ef8b52f81a2f
[1/3] STEP 9/15: ARG ANSIBLE_INSTALL_REFS
--> Using cache b078d5612352b1cc77aafd2712b26c4d2b829fc96139192154d491f4409d9b0d
--> b078d5612352
[1/3] STEP 10/15: ARG PKGMGR
--> Using cache a3e3b8644a783ad002ce27f6ca3bd0209e51a55f4c5f0182256a31a3cb1d60e4
--> a3e3b8644a78
[1/3] STEP 11/15: COPY _build/scripts/ /output/scripts/
Error: committing container for step {Env:[EE_BASE_IMAGE=quay.io/fedora/fedora-minimal:40 PYCMD=/usr/bin/python3 PKGMGR_PRESERVE_CACHE= ANSIBLE_GALAXY_CLI_COLLECTION_OPTS= ANSIBLE_GALAXY_CLI_ROLE_OPTS= ANSIBLE_INSTALL_REFS=ansible-core ansible-runner PKGMGR=/usr/bin/dnf5 container=oci PIP_BREAK_SYSTEM_PACKAGES=1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] Command:copy Args:[_build/scripts/ /output/scripts/] Flags:[] Attrs:map[] Message:COPY _build/scripts/ /output/scripts/ Heredocs:[] Original:COPY _build/scripts/ /output/scripts/}: copying layers and metadata for container "7c78051af033c1df320fea69ae442e680d681a6d24688e53bdad547b2b45a2c7": initializing source containers-storage:a3e3b8644a78-working-container: extracting layer "7782a301a5d4b097bbb377c5954106f4dab469d4cf76127cf95d3db6edc16ea3": lgetxattr /var/lib/containers/storage/overlay/c719f8462e43403157c9777acaf918f6317e5a45b53641e0750e7623007cc3e6/merged/.profile: invalid argument

nalind commented 1 day ago

What type of filesystem is being mounted at /var/lib/containers/storage in the container? Have you built with a higher-than-default --log-level to get more diagnostics about what's happening?
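
One way to answer the filesystem question from a shell inside the outer container, as an added example that is not part of the thread or of the project's code: it resolves which mount backs a path by longest-prefix match over `/proc/self/mountinfo`. The function names and the sample mount table are constructed for illustration and do not describe what docker or podman actually mounts on the reporter's machine.

```shell
#!/bin/sh
# Added example: report the filesystem type and mount point backing a path,
# using the mountinfo format described in proc(5).

# fstype_for_path PATH [MOUNTINFO_FILE]
# Prints "<fstype> <mountpoint>" for the deepest mount containing PATH.
# MOUNTINFO_FILE defaults to /proc/self/mountinfo; "-" reads standard input.
fstype_for_path() {
    awk -v target="$1" '
    {
        mp = $5                       # field 5 is the mount point
        # Optional fields start at field 7 and end at a lone "-";
        # the filesystem type is the field right after that separator.
        for (i = 7; i <= NF; i++) if ($i == "-") break
        if (i >= NF) next             # malformed line, skip it
        fs = $(i + 1)
        # Match on a path-component boundary so /var/lib/containersX
        # is not attributed to a mount at /var/lib/containers.
        if (mp == "/") ok = 1
        else ok = (target == mp || index(target, mp "/") == 1)
        # ">=" lets a later mount stacked on the same point win.
        if (ok && length(mp) >= best) { best = length(mp); bestfs = fs; bestmp = mp }
    }
    END { if (bestfs != "") print bestfs, bestmp; else exit 1 }
    ' "${2:-/proc/self/mountinfo}"
}

# Constructed sample mount table (not captured from a real system).
sample_mountinfo() {
    cat <<'EOF'
100 90 0:50 / / rw,relatime - overlay overlay rw,lowerdir=/l,upperdir=/u,workdir=/w
101 100 0:51 / /proc rw,nosuid - proc proc rw
102 100 0:60 / /workdir rw,relatime - virtiofs hostshare rw
103 100 0:61 / /var/lib/containers rw,relatime master:1 - ext4 /dev/vda1 rw
EOF
}

# Demo on the constructed table; inside a real container, drop the pipe and
# the "-" argument to read the live /proc/self/mountinfo instead.
sample_mountinfo | fstype_for_path /var/lib/containers/storage -
```

If the reported type is `overlay`, podman's own overlay storage driver is being stacked on top of another overlay mount, which is useful context to include in a reply to the question above.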