Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57369

Docker build-args incorrectly rejected and successful build marked failed

    • docker-workflow 1.19

      Combination of two issues here.

      1. According to Docker's docs, running docker build --build-arg VARIABLE should be equivalent to docker build --build-arg VARIABLE=${VARIABLE}. However, the Docker Pipeline plugin throws an exception if this usage is passed to docker.build in a pipeline. (See attached Jenkinsfile and log).
      2. As shown in the log, these arguments are passed to the Docker client and the image builds fine. Only after this has happened is the exception logged and the build is marked as failed, despite the successful Docker build.

      A workaround would be to just use --build-arg SSH_KEY="${env.SSH_KEY}", but as this would result in the private key being printed to the build logs I'm not really happy with that approach.

        1. buildlog
          2 kB
        2. Jenkinsfile
          0.5 kB

          [JENKINS-57369] Docker build-args incorrectly rejected and successful build marked failed

          Jack Peterson added a comment -

          I'm going to +1 this issue as a totally annoying problem here as I'm working on using Jenkins Dockerfiles that depend on an upstream private image as well as a private-key needing to be passed in in order to perform git clones of private repositories as part of a dependency management step in the primary Dockerfile. I too don't like how the credentials get displayed willy-nilly as soon as they become multiline parameters.

           

          pipeline {
              agent none
          ...
          
             environment {
                  GITHUB_SSH_PRIVATE_KEY=credentials('github_ssh_key')
                  DOCKER_REGISTRY_CREDENTIALS=credentials('dockerhub')
              }
          ...
              stages {
                  stage("run unit tests") {
                      agent {
                         dockerfile {
                             filename "Dockerfile"
                             additionalBuildArgs "--build-arg SSH_PRIVATE_KEY=\"${env.GITHUB_SSH_PRIVATE_KEY}\""
                             registryCredentialsId 'dockerhub'
                         }
                     }
                     steps {
                         sh '//commands run here'
                     }
          

           

           

           

           

          Jack Peterson added a comment - I'm going to +1 this issue as a totally annoying problem here as I'm working on using Jenkins Dockerfiles that depend on an upstream private image as well as a private-key needing to be passed in in order to perform git clones of private repositories as part of a dependency management step in the primary Dockerfile. I too don't like how the credentials get displayed willy-nilly as soon as they become multiline parameters.   pipeline { agent none ... environment { GITHUB_SSH_PRIVATE_KEY=credentials( 'github_ssh_key' ) DOCKER_REGISTRY_CREDENTIALS=credentials( 'dockerhub' ) } ... stages { stage( "run unit tests" ) { agent { dockerfile { filename "Dockerfile" additionalBuildArgs "--build-arg SSH_PRIVATE_KEY=\" ${env.GITHUB_SSH_PRIVATE_KEY}\"" registryCredentialsId 'dockerhub' } } steps { sh ' //commands run here' }        

          Peter Niederlag added a comment - Here is a PR that fixes the problem: https://github.com/jenkinsci/docker-workflow-plugin/pull/178

          Eli Treuherz added a comment -

          Thanks for working on this jugglefish. I've submitted some comments on the PR

          Eli Treuherz added a comment - Thanks for working on this jugglefish . I've submitted some comments on the PR

          Thx for your feedback treuherz I tried to reply yor comments in code. It seems IsMapWithSize is not available without further work (hamcrest 1.3 limit?). I'd suggest to keep changes on the tests in line with all tests in the class.

          It'd be very great if someone with insight could check on handling the value on the argMap https://github.com/jenkinsci/docker-workflow-plugin/pull/178#pullrequestreview-256220189

          Peter Niederlag added a comment - Thx for your feedback treuherz I tried to reply yor comments in code. It seems IsMapWithSize is not available without further work (hamcrest 1.3 limit?). I'd suggest to keep changes on the tests in line with all tests in the class. It'd be very great if someone with insight could check on handling the value on the argMap https://github.com/jenkinsci/docker-workflow-plugin/pull/178#pullrequestreview-256220189

          Devin Nusbaum added a comment -

          A fix for this issue was just released in Docker Pipeline plugin version 1.19. From the release notes: 

          Deprecate the dockerFingerprintFrom and dockerFingerprintRun steps and stop calling them during docker.build and image.run. Fixes various issues with Dockerfile parsing and parsing arguments to docker build.

          Devin Nusbaum added a comment - A fix for this issue was just released in Docker Pipeline plugin version 1.19. From the release notes:  Deprecate the  dockerFingerprintFrom  and  dockerFingerprintRun  steps and stop calling them during  docker.build  and  image.run . Fixes various issues with Dockerfile parsing and parsing arguments to  docker build .

            Unassigned Unassigned
            treuherz Eli Treuherz
            Votes:
            2 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: