-
Bug
-
Resolution: Not A Defect
-
Minor
-
None
-
Jenkins 2.73.1, Kubernetes Plugin 1.0, Kubernetes 1.7.4
Attempting to execute sh command within container step fails when the image user is not root.
Replicate by running pipeline:
podTemplate(name: 'my-pod', label: 'my-pod', containers: [ containerTemplate(name: 'kubectl-cmd', image: 'wernight/kubectl:1.6.4', ttyEnabled: true, command: 'cat', args:null)]) { node('my-pod') { stage('Test command') { container('kubectl-cmd') { sh 'whoami' } } } }
`sh 'whoami'` does not successfully run, and the job fails with message: "ERROR: script returned exit code -2 "
The image being run is here.
I created a modified version of the image where simply "User kubectl" is removed. The job then runs as expected.
- duplicates
-
JENKINS-47827 Support passing a user/uid into containerTemplate
-
- Resolved
-
- is related to
-
-
- Closed
-
-
JENKINS-46055 "dir" fails to use existing directory owned by root
-
- Open
-
[JENKINS-47389] sh step within container step does not work when user is non-root
| Attachment | New: job-debug-logs.txt [ 40005 ] |
Attached debug log for what I believe are relevant entries during job execution.
Note, there may be some noise from other concurrent jobs running.
Lionel Orellana
made changes -
| Comment |
[ I see the same thing running on Openshift 3.6, Jenkins 2.90, Kuberneter Plugin 1.1. The issue has something to do with JNLP4. If I change the jnlp container image to jenkins/jnlp-slave:2.62-alpine and enable JNLP2 in Jenkins it works. ] |
J Knurek
made changes -
| Link |
New:
This issue is related to |
J Knurek
made changes -
| Link | New: This issue is related to JENKINS-46055 [ JENKINS-46055 ] |
so this is the error, can you try making your image user be uid 1000 ?
[non-root-container] Running shell script
sh: can't create /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
sh: can't create /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-result.txt.tmp: Permission denied
mv: can't rename '/home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-result.txt.tmp': No such file or directory
touch: /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
touch: /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
touch: /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
touch: /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
touch: /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
touch: /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
touch: /home/jenkins/workspace/non-root-container@tmp/durable-bf906406/jenkins-log.txt: Permission denied
process apparently never started in /home/jenkins/workspace/non-root-container@tmp/durable-bf906406
| Assignee | Original: Carlos Sanchez [ csanchez ] |
csanchez I'm running into this issue as well; I'd be more then happy to help fix the issue if you can point to the right place in the Kubernetes-plugin code;
debug logs please ? https://github.com/jenkinsci/kubernetes-plugin#debugging