Introduction

Factory-default container images for Ansible testing. Just SSH and Python - nothing else.

Purpose

Minimal base images for testing Ansible roles with Molecule. Each container provides:

• Python 3 - For Ansible
• OpenSSH - Key-based authentication
• systemd - For service management
• Factory defaults - Stock OS configuration, updated packages

Core Philosophy

Keep it minimal. These are deliberately bare-bones containers designed for reliable Ansible role testing. No extras, no customizations, just stock OS configurations.

Available Images

Three distributions are provided:

Image	Base Distribution	Package Manager	Python Version
debian-ssh:12	Debian 12 (Bookworm)	apt	3.11+
rocky-ssh:9	Rocky Linux 9.x	dnf/yum	3.9+
ubuntu-ssh:24	Ubuntu 24.04 LTS	apt	3.12+

Pull from Registry

# GitHub Container Registry
podman pull ghcr.io/jackaltx/testing-containers/debian-ssh:12
podman pull ghcr.io/jackaltx/testing-containers/rocky-ssh:9
podman pull ghcr.io/jackaltx/testing-containers/ubuntu-ssh:24

What's Included

Each container includes only essential components:

Core Packages

• python3 - Ansible runtime requirement
• openssh-server - SSH access for Ansible
• systemd - Service management for role testing
• sudo - Privilege escalation
• pip - Python package management

Utilities

Minimal utilities for debugging and basic operations:

• vim - Text editor
• wget - File downloads
• git - Version control (for fetching roles)
• tmux - Terminal multiplexing
• iproute2 - Network utilities

User Configuration

• Username: jackaltx
• Authentication: SSH key-based only (no password)
• Sudo: Passwordless (NOPASSWD: ALL)
• Home Directory: /home/jackaltx
• Shell: /bin/bash

What's NOT Included

By design, these containers do NOT include:

• Configuration management tools (beyond what's needed for testing)
• Monitoring agents
• Application-specific software
• Custom configurations
• Additional users
• Unnecessary system services

Use Cases

Primary: Molecule Testing

Test Ansible roles across multiple distributions:

# molecule/default/molecule.yml
platforms:
  - name: debian-instance
    image: ghcr.io/jackaltx/testing-containers/debian-ssh:12
    privileged: true
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
    command: /sbin/init

  - name: rocky-instance
    image: ghcr.io/jackaltx/testing-containers/rocky-ssh:9
    privileged: true
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
    command: /sbin/init

Secondary: Manual Testing

Quick container for ad-hoc Ansible testing:

# Start container
podman run -d \
    --name ansible_test \
    --privileged \
    -v /sys/fs/cgroup:/sys/fs/cgroup:rw \
    -p 2222:22 \
    ghcr.io/jackaltx/testing-containers/debian-ssh:12 \
    /sbin/init

# Test with Ansible
ansible -i localhost:2222, all -m ping

Tertiary: CI/CD Testing

Use in GitHub Actions or GitLab CI for automated role testing:

# .github/workflows/test.yml
jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        distro: [debian-ssh:12, rocky-ssh:9, ubuntu-ssh:24]

    steps:
      - uses: actions/checkout@v3

      - name: Test with Molecule
        run: |
          export TEST_IMAGE=ghcr.io/jackaltx/testing-containers/${{ matrix.distro }}
          molecule test

Design Goals

1. Predictability: Stock OS configurations ensure consistent, reproducible testing
2. Minimalism: Only essential packages to reduce attack surface and image size
3. Multi-distribution: Test across major Linux distributions with one interface
4. CI-Ready: Fast pull times, small sizes, quick startup
5. SSH-First: Standard SSH access just like real infrastructure

Why Not Other Images?

vs Official Distribution Images

Official images (debian:12, rockylinux:9) lack SSH and systemd, requiring manual setup for each test.

vs Molecule Docker Images

Molecule's Docker driver images are deprecated and don't support newer distributions well.

vs Custom Images

Building custom images for each project duplicates effort and creates inconsistencies.

Project Status

• Status: Active, production-ready
• Registry: GitHub Container Registry (ghcr.io)
• Updates: Images rebuilt with OS security updates monthly
• License: MIT
• Repository: github.com/jackaltx/testing-containers

Quick Links

• Pull Commands: See Container Images
• Molecule Integration: See Molecule Usage
• Build Instructions: See Building Images
• Troubleshooting: See Common Issues

Security Note

These images are designed for testing environments only. The jackaltx user has passwordless sudo access, making these containers unsuitable for production use.