Failed to set mounts and volumeMounts of jnlp container using yaml field in podtemplate

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Minor
    • Component/s: kubernetes-plugin
    • Environment:
      Jenkins: 2.375.3
      OS: Linux - 5.10.0-19-amd64
      Java: 11.0.18 - Eclipse Adoptium (OpenJDK 64-Bit Server VM)
      ---
      kubernetes:3927.v04b_e3630225d
      kubernetes-client-api:6.4.1-215.v2ed17097a_8e9
      kubernetes-credentials:0.10.0

      steps to reproduce:

      1. add new kubernetes , add a new pod template in settings-configure clouds
      2. set yaml field in the new pod template
      3. start a new pipeline, to see if the yaml is merged into the provisioned pod.

       

      yaml field:

      apiVersion: "v1"
kind: "Pod"
metadata:
  namespace: "qaci"
spec:
  containers:
  - name: jnlp
    volumeMounts:
    - name: ssl-certs
      mountPath: /etc/ssl/certs
      readOnly: true
  volumes:
  - name: ssl-certs
    hostPath:
      path: /etc/ssl/certs

      pipeline:

      pipeline{
  agent {
    kubernetes {
      inheritFrom "test"
      yaml """
apiVersion: v1
kind: Pod
spec:
  containers:
    - name: python
      image: docker.io/library/python:3.10
      tty: true
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 100m
          memory: 128M
      """
    }
  }
  stages{
    stage('test') {
      steps {
        echo "hello"
      }
    }
  }
}

      expect:

      jnlp container should have an extra mount named `ssl-certs`

       

      actual:

      jnlp container does not have an extra mount named `ssl-certs`, only workspace mount is present.

       

      Agent pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw is provisioned from template pipeline-test_temp-branch_12-s4tms-g0lz4
---
apiVersion: "v1"
kind: "Pod"
metadata:
  annotations:
    buildUrl: "http://jenkins:8080/job/pipeline-test/job/temp-branch/12/"
    runUrl: "job/pipeline-test/job/temp-branch/12/"
  labels:
    jenkins: "slave"
    jenkins/label-digest: "0debecf5fa832b5f8b5e3dee52ddb51ad00b504c"
    jenkins/label: "pipeline-test_temp-branch_12-s4tms"
  name: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw"
  namespace: "qaci"
spec:
  containers:
  - image: "docker.io/library/python:3.10"
    name: "python"
    resources:
      limits:
        cpu: "1"
        memory: "1Gi"
      requests:
        cpu: "100m"
        memory: "128M"
    tty: true
    volumeMounts:
    - mountPath: "/home/jenkins/agent"
      name: "workspace-volume"
      readOnly: false
  - env:
    - name: "JENKINS_SECRET"
      value: "********"
    - name: "JENKINS_TUNNEL"
      value: "jenkins-agent:50000"
    - name: "JENKINS_AGENT_NAME"
      value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw"
    - name: "JENKINS_NAME"
      value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw"
    - name: "JENKINS_AGENT_WORKDIR"
      value: "/home/jenkins/agent"
    - name: "JENKINS_URL"
      value: "http://jenkins:8080/"
    image: "jenkins/inbound-agent:3107.v665000b_51092-5"
    name: "jnlp"
    resources:
      requests:
        memory: "256Mi"
        cpu: "100m"
    volumeMounts:
    - mountPath: "/home/jenkins/agent"
      name: "workspace-volume"
      readOnly: false
  hostNetwork: false
  nodeSelector:
    kubernetes.io/os: "linux"
  restartPolicy: "Never"
  volumes:
  - emptyDir:
      medium: ""
    name: "workspace-volume"

      extra volumeMounts is useful when injecting ca into the agent container, many service would require a ca mounted or installed, mounting it using hostPath would be a very convenient solution.

            Assignee:
            Unassigned
            Reporter:
            Leo Quote
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: