jenkins docker plugin in pipeline use -u flag, how is possible to not using

喜夏-厌秋 提交于 2019-12-10 09:57:23

问题


I'm using jenkins version 2.89.1 with docker plugin. In a stage of declarative pipeline I launch a docker container with ansible 2.4.x installed in order to run some playbooks as follow:

     agent {
            docker {
                image 'myself/ansible:1.0.3'
                registryUrl 'https://my-artifactory-pro'
                registryCredentialsId 'my-credentials'
                args '-v /var/lib/jenkins/workspace/myworkspace:/tmp/' +
                        ' -v /var/lib/jenkins/.ssh:/root/.ssh'
            }
        }
    steps {

            echo 'Deploying Ansible Server via docker image'
            sh "ansible-playbook -i /tmp/my-inventories-path/ 
                 /my-playbooks/teardown.yaml "+
                 "--extra-vars 'platform=ec2 
                        aws_access_key=${AWS_ACCESS_KEY_ID} 
                        aws_secret_key=${AWS_SECRET_ACCESS_KEY} "+
                  " eip_bastion_host=${EIP_BASTION_HOST} 
                    eip_load_balancer=${EIP_LOAD_BALANCER} '"
    }

The pipeline manages to spin the docker container and tries to execute the ansible playbook, but I'm facing the following issue:

+ ansible-playbook -i /tmp/my-inventories/ /tmp/my-playbooks/teardown.yaml --extra-vars platform=ec2 aws_access_key=**** aws_secret_key=****  eip_bastion_host=X.X.X.X eip_load_balancer=X.X.X.X 
 [WARNING]: Unable to set correct type for configuration entry:
DEFAULT_LOCAL_TMP

PLAY [localhost] ***************************************************************

TASK [install_python_pip : Create pip folder] **********************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'getpwuid(): uid not found: 112'
fatal: [localhost]: FAILED! => {"msg": "Unexpected failure during module execution.", "stdout": ""}
    to retry, use: --limit @/tmp/my-playbooks/teardown.retry

PLAY RECAP *********************************************************************
localhost                  : ok=0    changed=0    unreachable=0    failed=1 

Looking at the Jenkins log I see that when it spins the docker container it launches in the following way:

docker run -t -d -u 112:116 -v /var/lib/jenkins/workspace/my-workspace --entrypoint cat myself/ansible:1.0.3

where the 112 is the jenkins uid and the 116 is the jenkins gid.

If I launch the same ansible playbook in the same container started manually without the -u flag it works properly.

Then is it possible to launch the container without that -u flag ??? And why is considered that the docker container should have the same uid & gid of the jenkins server ?

Thanks a lot in advance Marco


回答1:


By default, when the user is not specified, docker lauches the container with the user defined in the dockerfile which if not specified is root. You can try to force the default user by passing it:

args '-u root:root -v /var/lib/jenkins/workspace/myworkspace:/tmp/' +
                        ' -v /var/lib/jenkins/.ssh:/root/.ssh'


来源:https://stackoverflow.com/questions/47812815/jenkins-docker-plugin-in-pipeline-use-u-flag-how-is-possible-to-not-using

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!