-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Minor
-
Component/s: kubernetes-plugin
-
None
use case:
pipeline
podTemplate(label: 'jenkpod', containers: [ containerTemplate(name: 'golang', image: 'golang:1.8', ttyEnabled: true, command: 'cat') ], volumes: [ secretVolume(secretName: 'jenkins-key-secret', mountPath: '/root/.ssh') ]) { node ('jenkpod') { container('golang') { stage('Pre-Build') { sh 'ls -al /root/.ssh' sh 'ssh -vT -i /root/.ssh/ssh-publickey -o "StrictHostKeyChecking=no" git@github.com' } } } }
snippet of generated yaml
- apiVersion: v1
kind: Pod
metadata:
spec:
containers:
- command:
- cat
env:
- name: JENKINS_LOCATION_URL
value: http://
- name: HOME
value: /home/jenkins
image: golang:1.8
name: golang
tty: true
volumeMounts:
- mountPath: /root/.ssh
name: volume-0
- mountPath: /home/jenkins
name: workspace-volume
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token
readOnly: true
workingDir: /home/jenkins
volumes:
- name: volume-0
secret:
defaultMode: 420
secretName: jenkins-key-secret
- emptyDir: {}
name: workspace-volume
- name: default-token
secret:
defaultMode: 420
secretName: default-token
NOTE: at the moment, I think becuase of this bug, the keys are also too open, and so I need to run this before using the key:
sh 'find /root/.ssh -type f -exec chmod 400 {} \;'
- is duplicated by
-
JENKINS-49641 Add Secret files permissions
-
- Resolved
-
- is related to
-
-
- Resolved
-
