glenux/docmachine-cli
glenux/docmachine-cli
1
0
Fork 0
Code Issues 16 Pull requests Projects 1 Releases Packages 1 Wiki Activity

Ensure container run commands clean up after success #26

New issue
Open
opened 2025-11-19 20:50:52 +00:00 by glenux · 0 comments
glenux commented 2025-11-19 20:50:52 +00:00
Owner
Copy link

Summary

  • Ensure DocMachine::Container::Run#run_command cleans up containers even when the command exits successfully.
  • Align CLI auto-clean defaults with enforced cleanup logic so success-path leaks disappear.

Current behavior

Audit AUDIT-2025-015 shows run_command only calls cleanup_container from exception handlers. When process.wait returns status 0 and the user did not pass an explicit --keep-container, the method exits without touching the container. Containers linger on disk until a manual docker rm or podman rm occurs.

Desired behavior

  • After process.wait, trigger cleanup_container whenever the configuration indicates auto-clean (default) or when the container still exists.
  • Ensure success-path cleanup mirrors the failure-path behavior, logging what was removed for operator awareness.
  • Add specs covering both success and failure flows to verify cleanup happens whenever auto-clean is enabled.

Technical notes

  • Restructure run_command to share an ensure block or explicit helper that runs after the status check, without swallowing real errors.
  • Reuse the opt-out flag introduced in task 11aa03 so users can keep containers intentionally while still avoiding accidental leaks.
  • Touch src/container/run.cr and related specs to keep documentation consistent with the new lifecycle guarantees.

Local task: 11aa05

## Summary - Ensure `DocMachine::Container::Run#run_command` cleans up containers even when the command exits successfully. - Align CLI auto-clean defaults with enforced cleanup logic so success-path leaks disappear. ## Current behavior Audit AUDIT-2025-015 shows `run_command` only calls `cleanup_container` from exception handlers. When `process.wait` returns status 0 and the user did not pass an explicit `--keep-container`, the method exits without touching the container. Containers linger on disk until a manual `docker rm` or `podman rm` occurs. ## Desired behavior - After `process.wait`, trigger `cleanup_container` whenever the configuration indicates auto-clean (default) or when the container still exists. - Ensure success-path cleanup mirrors the failure-path behavior, logging what was removed for operator awareness. - Add specs covering both success and failure flows to verify cleanup happens whenever auto-clean is enabled. ## Technical notes - Restructure `run_command` to share an `ensure` block or explicit helper that runs after the status check, without swallowing real errors. - Reuse the opt-out flag introduced in task 11aa03 so users can keep containers intentionally while still avoiding accidental leaks. - Touch `src/container/run.cr` and related specs to keep documentation consistent with the new lifecycle guarantees. Local task: 11aa05
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
feature/2025-03-18-add-support-for-podman
master
v1.1.0
v1.0.5
v1.0.4
v1.0.3
v1.0.2
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: glenux/docmachine-cli#26
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?