Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question]: Why does the Initialize Containers step always mount the workspace in the container? #5005

Open
2 of 4 tasks
BasJ93 opened this issue Sep 27, 2024 · 3 comments
Open
2 of 4 tasks

[Question]: Why does the Initialize Containers step always mount the workspace in the container? #5005

BasJ93 opened this issue Sep 27, 2024 · 3 comments
Labels
Area: Agent

Comments

@BasJ93
Copy link

BasJ93 commented Sep 27, 2024

Describe your question

As the use of running a stage within a container is described as a way to always have a clean environment, it feels weird that multiple host folders are automatically mounted in the container. I would expect to just get a running container, and still need to do the checkout step within the container for example.

Based on this snippet of Agent code, it would not appear so:

if (container.ImageOS != PlatformUtil.OS.Windows)
            {
                string workspace = executionContext.Variables.Get(Constants.Variables.Pipeline.Workspace);
                workspace = container.TranslateContainerPathForImageOS(PlatformUtil.HostOS, container.TranslateToContainerPath(workspace));
                string mountWorkspace = container.TranslateToHostPath(workspace);
                executionContext.Debug($"Workspace: {workspace}");
                executionContext.Debug($"Mount Workspace: {mountWorkspace}");
                container.MountVolumes.Add(new MountVolume(mountWorkspace, workspace, readOnly: container.isReadOnlyVolume(Constants.DefaultContainerMounts.Work)));

                container.MountVolumes.Add(new MountVolume(HostContext.GetDirectory(WellKnownDirectory.Temp), container.TranslateToContainerPath(HostContext.GetDirectory(WellKnownDirectory.Temp))));
                container.MountVolumes.Add(new MountVolume(HostContext.GetDirectory(WellKnownDirectory.Tasks), container.TranslateToContainerPath(HostContext.GetDirectory(WellKnownDirectory.Tasks)),
                    readOnly: container.isReadOnlyVolume(Constants.DefaultContainerMounts.Tasks)));
            }

Currently, this is problematic for our application of containerized stages, as the stage suddenly contains test dlls (and application code) from a different stage, which we do not want.

Have we missed a knob/argument/feature flag that allows us to disable this behavior?

Versions

Azure Devops 3.243.1 on Ubuntu 20.04 LTS

Environment type (Please select at least one enviroment where you face this issue)

  • Self-Hosted
  • Microsoft Hosted
  • VMSS Pool
  • Container

Azure DevOps Server type

dev.azure.com (formerly visualstudio.com)

Operation system

Ubuntu 20.04

Version controll system

Git with external repo

Azure DevOps Server Version (if applicable)

3.243.1
@ivanduplenskikh
Copy link
Contributor

@BasJ93, сould you please provide more details on your request?
Are you asking for a way to configure a stage that operates within a container without needing a _work directory for your source files?

I recommend implementing a workaround to remove unnecessary sources at the end of your stage, or you could use the checkout task with the option clean: true.

@BasJ93
Copy link
Author

BasJ93 commented Sep 30, 2024
edited
Loading

Are you asking for a way to configure a stage that operates within a container without needing a _work directory for your source files?

No, I'm looking for a way where the _work directory of the host is not mapped in to the container. Allowing me to just download an artifact to use within the container.

Our use case (that we wish to get working) is running unit tests in an isolated container environment, so that we run a specific set of tests that require data placed in our custom image.

Due to the workspace being mapped in to the container, we end up running more tests than we need, because the other tests in the project are also detected. We would very much like to not have to clean the workspace of the host, as our repository is quite large and would then require a full clone again.

In conclusion: is it possible to configure the agent to not mount the _work directory in to the container, and just create an empty _w within the container to place data from artifacts?

@ivanduplenskikh Any comment?

@ivanduplenskikh
Copy link
Contributor

@BasJ93, apologies for the delay in getting back to you.

I have been gathering the necessary details related to your question.

The _work directory's mapping is by design behavior. You can refer to this documentation https://github.com/microsoft/azure-pipelines-agent/blob/master/docs/jobdirectories.md for a better understanding of why the _work directory is needed to keep working files and folders.

Currently, there are no mechanisms in place to prevent this folder from being mounted in a container.

However, you might find a workaround by either deleting unnecessary files in a prior step or by setting up a separate agent dedicated to testing.
This agent could download your artifact and conduct the required tests in an isolated environment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Area: Agent
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@BasJ93 @ivanduplenskikh