Add support for tmpfs on the main container.

common/config.go

@@ -76,6 +76,7 @@ type DockerConfig struct {
 	AllowedServices        []string          `toml:"allowed_services,omitempty" json:"allowed_services" long:"allowed-services" env:"DOCKER_ALLOWED_SERVICES" description:"Whitelist allowed services"`
 	PullPolicy             DockerPullPolicy  `toml:"pull_policy,omitempty" json:"pull_policy" long:"pull-policy" env:"DOCKER_PULL_POLICY" description:"Image pull policy: never, if-not-present, always"`
 	ShmSize                int64             `toml:"shm_size,omitempty" json:"shm_size" long:"shm-size" env:"DOCKER_SHM_SIZE" description:"Shared memory size for docker images (in bytes)"`
+	Tmpfs                  map[string]string `toml:"services_tmpfs,omitempty" json:"tmpfs" long:"tmpfs" env:"DOCKER_TMPFS" description:"A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in the main container, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command"`
 	ServicesTmpfs          map[string]string `toml:"services_tmpfs,omitempty" json:"services_tmpfs" long:"services-tmpfs" env:"DOCKER_SERVICES_TMPFS" description:"A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in all the service containers, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command"`
 	SysCtls                DockerSysCtls     `toml:"sysctls,omitempty" json:"sysctls" long:"sysctls" env:"DOCKER_SYSCTLS" description:"Sysctl options, a toml table/json object of key=value. Value is expected to be a string."`
 }

docs/executors/docker.md

@@ -198,15 +198,19 @@ Secure variables are only passed to the build container.
 
 ## Mounting a directory in RAM
 
-You can mount a path inside all the services containers in RAM using tmpfs. This can speed up the time required to test if there is a lot of I/O related work, such as with databases.
-If you use the `services_tmpfs` option in the runner configuration, you c  an specify multiple paths, each with its own options. See the [docker reference](https://docs.docker.com/engine/reference/commandline/run/#mount-tmpfs-tmpfs) for details.
+You can mount a path in RAM using tmpfs. This can speed up the time required to test if there is a lot of I/O related work, such as with databases.
+If you use the `tmpfs` and `services_tmpfs` options in the runner configuration, you can specify multiple paths, each with its own options. See the [docker reference](https://docs.docker.com/engine/reference/commandline/run/#mount-tmpfs-tmpfs) for details.
 This is an example `config.toml` to mount the data directory for the official Mysql container in RAM.
 
 ```
 [runners.docker]
-  [runners.docker.services_tmpfs]
+  # For the main container
+  [runners.docker.tmpfs]
       "/var/lib/mysql" = "rw,noexec"
 
+  # For services
+  [runners.docker.services_tmpfs]
+      "/var/lib/mysql" = "rw,noexec"
 ```
 
 ## Build directory in service

executors/docker/executor_docker.go

@@ -785,6 +785,7 @@ func (s *executor) createContainer(containerType string, imageDefinition common.
 		LogConfig: container.LogConfig{
 			Type: "json-file",
 		},
+		Tmpfs:   s.Config.Docker.Tmpfs,
 		Sysctls: s.Config.Docker.SysCtls,
 	}
 

executors/docker/executor_docker_test.go

@@ -938,6 +938,19 @@ func TestDockerServicesTmpfsSetting(t *testing.T) {
 
 	testDockerConfigurationWithServiceContainer(t, dockerConfig, cce)
 }
+func TestDockerTmpfsSetting(t *testing.T) {
+	dockerConfig := &common.DockerConfig{
+		Tmpfs: map[string]string{
+			"/tmpfs": "rw,noexec",
+		},
+	}
+
+	cce := func(t *testing.T, config *container.Config, hostConfig *container.HostConfig) {
+		require.NotEmpty(t, hostConfig.Tmpfs)
+	}
+
+	testDockerConfigurationWithJobContainer(t, dockerConfig, cce)
+}
 func TestDockerUserNSSetting(t *testing.T) {
 	dockerConfig := &common.DockerConfig{
 		UsernsMode: "host",