Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57655

Can volumes-from be disabled for docker.image().inside() in a Jenkins pipeline?

      The Jenkins docker pipeline provides a very nice docker.image().inside() function. This will result in a docker run command like:

      docker run -t -d -u 1000:1000 -w /var/jenkins_home/workspace/my-job --volumes-from 30dfde62097dad7873b0c72da82f70252jefewfr72edb412c2e759303d10 -e ******** -e ******** -e ******** my-image:latest cat
      

      The `--volumes-from` parameter will provide the container with the same volumes as the main Jenkins container. So it will also expose the entire /var/jenkins_home directory.
      Sometimes I would like to execute commands in a container and only expose the current job workspace.

      Is it possible to disable/remove the `--volumes-from` parameter?

      I can add an extra `v ${WORKSPACE}:/workspace` myself as args, but I can't find a way to disable/remove the `-volumes-from` parameter.

       

      I also posted this on: https://stackoverflow.com/questions/56277847/can-volumes-from-be-disabled-for-docker-image-inside-in-a-jenkins-pipeline

          [JENKINS-57655] Can volumes-from be disabled for docker.image().inside() in a Jenkins pipeline?

          Jaeyoung Park added a comment -

          +1 

          This feature adding --volumes-from flag is only mentioned on here. https://jenkins.io/doc/book/pipeline/docker/#using-a-remote-docker-server

          When Jenkins detects that the agent is itself running inside a Docker container, it will automatically pass the --volumes-from argument to the inside container, ensuring that it can share a workspace with the agent.
          Additionally some versions of Docker Swarm do not support custom Registries.

           
          I hate "automatically" features. It's hard to find why did it happen. And hard to resolve it.
          In my case, I want to isolate "docker in docker" environment, but "--volumes-from jenkins" gives a mounted "/var/run/docker.sock".

           

          Jaeyoung Park added a comment - +1  This feature adding --volumes-from flag is only mentioned on here.  https://jenkins.io/doc/book/pipeline/docker/#using-a-remote-docker-server When Jenkins detects that the agent is itself running inside a Docker container, it will automatically pass the  --volumes-from  argument to the  inside  container, ensuring that it can share a workspace with the agent. Additionally some versions of Docker Swarm do not support custom Registries.   I hate "automatically" features. It's hard to find why did it happen. And hard to resolve it. In my case, I want to isolate "docker in docker" environment, but "--volumes-from jenkins" gives a mounted "/var/run/docker.sock".  

          Felipe Santos added a comment -

          pjo901018 I have the exact same problem in the exact same situation. I added a reference to the PR which introduced this feature.

          Felipe Santos added a comment - pjo901018 I have the exact same problem in the exact same situation. I added a reference to the PR which introduced this feature.

          Felipe Santos added a comment - - edited

          I was able to work around it but using a different socket on the Docker in Docker container, see: https://github.com/felipecrs/jenkins-agent-dind/pull/13.

          However, this seems to be a very hacky solution, I hope this issue gets fixed in the root which is the docker workflow plugin.

          Felipe Santos added a comment - - edited I was able to work around it but using a different socket on the Docker in Docker container, see: https://github.com/felipecrs/jenkins-agent-dind/pull/13. However, this seems to be a very hacky solution, I hope this issue gets fixed in the root which is the docker workflow plugin.

            Unassigned Unassigned
            pietervogelaar Pieter Vogelaar
            Votes:
            5 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: