-
Bug
-
Resolution: Fixed
-
Major
-
kubernetes-plugin=1.20.2
-
-
kubernetes-1.21.0
version 1.20.2 introduced runAsUser and runAsGroup properties but the config round trip defaults the value to 0 which is the root user. This is probably not what is intended and happens to breaks certain environments where the containers are expected to run with default user and group ids. This can be demonstrated with a simple test in KubernetesCloudTest.java
@Test
public void defaultRoundTrip() throws Exception {
KubernetesCloud cloud = new KubernetesCloud("kubernetes");
ContainerTemplate ct = new ContainerTemplate("jnlp", "jenkins:jnlp");
assertNull(ct.getRunAsUser());
assertNull(ct.getRunAsGroup());
PodTemplate pt = new PodTemplate("default", new ArrayList<>(), Arrays.asList(ct));
cloud.addTemplate(pt);
j.jenkins.clouds.add(cloud);
j.jenkins.save();
// roundtrip
j.configRoundtrip();
cloud = j.jenkins.clouds.get(KubernetesCloud.class);
PodTemplate podTemplate = cloud.getTemplates().get(0);
assertNull(podTemplate.getRunAsGroup());
assertNull(podTemplate.getRunAsUser());
ContainerTemplate containerTemplate = podTemplate.getContainers().get(0);
assertNull(podTemplate.getRunAsUser());
assertNull(containerTemplate.getRunAsUser());
}
- is caused by
-
JENKINS-47827 Support passing a user/uid into containerTemplate
-
- Resolved
-
- links to
[JENKINS-59937] Container and Pod template runAsGroup and runAsUser default to root on config roundtrip
Hi kylecronin I submitted a fix for this using String instead of Long for getter/setter. Not sure if changing default stapler behaviour is the right thing as others may rely on current behaviour.
This appears to be the default behavior of Stapler for Long types. vlatombe I can submit a fix for this, I just don't know how to make Stapler do the right thing. I tried looking at the stapler docs and code but nothing was really helpful, do you have any suggestions?