[JENKINS-42695] Wrong UID in docker

Type: Bug
Resolution: Not A Defect
Priority: Minor
Component/s: docker-workflow-plugin
Labels:
None
Environment:
CentOS Linux release 7.3.1611 (Core)
Jenkins ver. 2.49
Docker version 17.03.0-ce, build 60ccb22
Docker Pipeline 1.10

Similar Issues:
Powered by SuggestiMate

Show

In this case, docker run container with "docker run -t -d -u 1001:1001" where 1001 its user Jenkins in host system, but into container his dont know who is 1001. I think we must mount /etc/passwd in container -v /etc/passwd:/etc/passwd:ro but this way insecure.

pipeline

node {
    stage "Container Prep"
    // do the thing in the container
    docker.image('maven:3.3.3-jdk-8').inside {
        stage 'Checkout'
        git url: 'https://github.com/damnhandy/Handy-URI-Templates.git'
        stage 'Build'
        //sh "./mvnw clean install"
        sh "whoami"
        sh "id"
        sh "cat /etc/passwd"
        
    }
}

output

[Pipeline] node
Running on jenkins-slave-2 in /var/jenkins_home/workspace/docker-test
[Pipeline] {
[Pipeline] stage (Container Prep)
Using the 'stage' step without a block argument is deprecated
Entering stage Container Prep
Proceeding
[Pipeline] sh
[docker-test] Running shell script
+ docker inspect -f . maven:3.3.3-jdk-8
.
[Pipeline] withDockerContainer
$ docker run -t -d -u 1001:1001 -w /var/jenkins_home/workspace/docker-test -v /var/jenkins_home/workspace/docker-test:/var/jenkins_home/workspace/docker-test:rw -v /var/jenkins_home/workspace/docker-test@tmp:/var/jenkins_home/workspace/docker-test@tmp:rw -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** --entrypoint cat maven:3.3.3-jdk-8
[Pipeline] {
[Pipeline] stage (Checkout)
Using the 'stage' step without a block argument is deprecated
Entering stage Checkout
Proceeding
[Pipeline] git
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/damnhandy/Handy-URI-Templates.git # timeout=10
Fetching upstream changes from https://github.com/damnhandy/Handy-URI-Templates.git
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/damnhandy/Handy-URI-Templates.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 9380caff2d46132c7e7a484c6aba02ac976642d0 (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 9380caff2d46132c7e7a484c6aba02ac976642d0
 > git branch -a -v --no-abbrev # timeout=10
 > git branch -D master # timeout=10
 > git checkout -b master 9380caff2d46132c7e7a484c6aba02ac976642d0
 > git rev-list 9380caff2d46132c7e7a484c6aba02ac976642d0 # timeout=10
[Pipeline] stage (Build)
Using the 'stage' step without a block argument is deprecated
Entering stage Build
Proceeding
[Pipeline] sh
[docker-test] Running shell script
+ whoami
whoami: cannot find name for user ID 1001
[Pipeline] }
$ docker stop --time=1 7855fa17acd5dd71b5649be5d1e28b6d0c990953c58e044e469d779e86917842
$ docker rm -f 7855fa17acd5dd71b5649be5d1e28b6d0c990953c58e044e469d779e86917842
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE

Same in docker: https://github.com/docker/docker/issues/22323

relates to

JENKINS-38438 image.inside { ... } does not create full configured user account

Open

Who Care created issue - 2017-03-12 09:49

Who Care made changes - 2017-03-12 10:23

Priority

Original: Major [ 3 ]

New: Minor [ 4 ]

Mike Kobit added a comment - 2017-04-19 22:59

Seems related to https://issues.jenkins-ci.org/browse/JENKINS-38438

Mike Kobit added a comment - 2017-04-19 22:59 Seems related to https://issues.jenkins-ci.org/browse/JENKINS-38438

Jesse Glick made changes - 2017-05-08 17:08

Status

Original: Open [ 1 ]

New: In Progress [ 3 ]

Jesse Glick made changes - 2017-05-08 17:08

Status

Original: In Progress [ 3 ]

New: Open [ 1 ]

Jesse Glick made changes - 2017-05-08 17:08

Link

New: This issue relates to JENKINS-38438 [ JENKINS-38438 ]

Jesse Glick added a comment - 2017-05-08 17:08

The whoami command is not expected to work in this context.

Jesse Glick added a comment - 2017-05-08 17:08 The whoami command is not expected to work in this context.

Jesse Glick made changes - 2017-05-08 17:08

Resolution		New: Not A Defect [ 7 ]
Status	Original: Open [ 1 ]	New: Resolved [ 5 ]

Assignee:: Unassigned

Reporter:: Who Care

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2017-03-12 09:49

Updated:: 2017-05-08 17:08

Resolved:: 2017-05-08 17:08

Jenkins

Details

Description

Attachments

Issue Links

Activity

Collapse comment: Mike Kobit added a comment - 2017-04-19 22:59

Expand comment: Mike Kobit added a comment - 2017-04-19 22:59

Collapse comment: Jesse Glick added a comment - 2017-05-08 17:08

Expand comment: Jesse Glick added a comment - 2017-05-08 17:08

People

Dates