-
Bug
-
Resolution: Unresolved
-
Minor
-
Jenkins: 2.375.3
OS: Linux - 5.10.0-19-amd64
Java: 11.0.18 - Eclipse Adoptium (OpenJDK 64-Bit Server VM)
---
kubernetes:3927.v04b_e3630225d
kubernetes-client-api:6.4.1-215.v2ed17097a_8e9
kubernetes-credentials:0.10.0
steps to reproduce:
- add new kubernetes , add a new pod template in settings-configure clouds
- set yaml field in the new pod template
- start a new pipeline, to see if the yaml is merged into the provisioned pod.
yaml field:
apiVersion: "v1" kind: "Pod" metadata: namespace: "qaci" spec: containers: - name: jnlp volumeMounts: - name: ssl-certs mountPath: /etc/ssl/certs readOnly: true volumes: - name: ssl-certs hostPath: path: /etc/ssl/certs
pipeline:
pipeline{
agent {
kubernetes {
inheritFrom "test"
yaml """
apiVersion: v1
kind: Pod
spec:
containers:
- name: python
image: docker.io/library/python:3.10
tty: true
resources:
limits:
cpu: 1
memory: 1Gi
requests:
cpu: 100m
memory: 128M
"""
}
}
stages{
stage('test') {
steps {
echo "hello"
}
}
}
}
expect:
jnlp container should have an extra mount named `ssl-certs`
actual:
jnlp container does not have an extra mount named `ssl-certs`, only workspace mount is present.
Agent pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw is provisioned from template pipeline-test_temp-branch_12-s4tms-g0lz4 --- apiVersion: "v1" kind: "Pod" metadata: annotations: buildUrl: "http://jenkins:8080/job/pipeline-test/job/temp-branch/12/" runUrl: "job/pipeline-test/job/temp-branch/12/" labels: jenkins: "slave" jenkins/label-digest: "0debecf5fa832b5f8b5e3dee52ddb51ad00b504c" jenkins/label: "pipeline-test_temp-branch_12-s4tms" name: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" namespace: "qaci" spec: containers: - image: "docker.io/library/python:3.10" name: "python" resources: limits: cpu: "1" memory: "1Gi" requests: cpu: "100m" memory: "128M" tty: true volumeMounts: - mountPath: "/home/jenkins/agent" name: "workspace-volume" readOnly: false - env: - name: "JENKINS_SECRET" value: "********" - name: "JENKINS_TUNNEL" value: "jenkins-agent:50000" - name: "JENKINS_AGENT_NAME" value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" - name: "JENKINS_NAME" value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" - name: "JENKINS_AGENT_WORKDIR" value: "/home/jenkins/agent" - name: "JENKINS_URL" value: "http://jenkins:8080/" image: "jenkins/inbound-agent:3107.v665000b_51092-5" name: "jnlp" resources: requests: memory: "256Mi" cpu: "100m" volumeMounts: - mountPath: "/home/jenkins/agent" name: "workspace-volume" readOnly: false hostNetwork: false nodeSelector: kubernetes.io/os: "linux" restartPolicy: "Never" volumes: - emptyDir: medium: "" name: "workspace-volume"
extra volumeMounts is useful when injecting ca into the agent container, many service would require a ca mounted or installed, mounting it using hostPath would be a very convenient solution.
[JENKINS-71168] Failed to set mounts and volumeMounts of jnlp container using yaml field in podtemplate
| Description |
Original:
steps to reproduce:
# add new kubernetes , add a new pod template in settings-configure clouds # set yaml field in the new pod template # start a new pipeline, to see if the yaml is merged into the provisioned pod. yaml field: {code:java} apiVersion: "v1" kind: "Pod" metadata: namespace: "qaci" spec: containers: - name: jnlp volumeMounts: - name: ssl-certs mountPath: /etc/ssl/certs readOnly: true volumes: - name: ssl-certs hostPath: path: /etc/ssl/certs{code} pipeline: {code:java} pipeline{ agent { kubernetes { inheritFrom "test" yaml """ apiVersion: v1 kind: Pod spec: containers: - name: python image: docker.io/library/python:3.10 tty: true resources: limits: cpu: 1 memory: 1Gi requests: cpu: 100m memory: 128M """ } } stages{ stage('test') { steps { echo "hello" } } } } {code} expect: jnlp container should have an extra mount named `ssl-certs` actual: jnlp container does not have an extra mount named `ssl-certs`, only workspace mount is present. {code:java} Agent pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw is provisioned from template pipeline-test_temp-branch_12-s4tms-g0lz4 --- apiVersion: "v1" kind: "Pod" metadata: annotations: buildUrl: "http://jenkins:8080/job/pipeline-test/job/temp-branch/12/" runUrl: "job/pipeline-test/job/temp-branch/12/" labels: jenkins: "slave" jenkins/label-digest: "0debecf5fa832b5f8b5e3dee52ddb51ad00b504c" jenkins/label: "pipeline-test_temp-branch_12-s4tms" name: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" namespace: "qaci" spec: containers: - image: "docker.io/library/python:3.10" name: "python" resources: limits: cpu: "1" memory: "1Gi" requests: cpu: "100m" memory: "128M" tty: true volumeMounts: - mountPath: "/home/jenkins/agent" name: "workspace-volume" readOnly: false - env: - name: "JENKINS_SECRET" value: "********" - name: "JENKINS_TUNNEL" value: "jenkins-agent:50000" - name: "JENKINS_AGENT_NAME" value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" - name: "JENKINS_NAME" value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" - name: "JENKINS_AGENT_WORKDIR" value: "/home/jenkins/agent" - name: "JENKINS_URL" value: "http://jenkins:8080/" image: "jenkins/inbound-agent:3107.v665000b_51092-5" name: "jnlp" resources: requests: memory: "256Mi" cpu: "100m" volumeMounts: - mountPath: "/home/jenkins/agent" name: "workspace-volume" readOnly: false hostNetwork: false nodeSelector: kubernetes.io/os: "linux" restartPolicy: "Never" volumes: - emptyDir: medium: "" name: "workspace-volume" {code} extra volumeMounts is useful when injecting ca into the agent container, many service would require a ca mounted or installed, mounting it using hostPath would be a very convinient solution. |
New:
steps to reproduce:
# add new kubernetes , add a new pod template in settings-configure clouds # set yaml field in the new pod template # start a new pipeline, to see if the yaml is merged into the provisioned pod. yaml field: {code:java} apiVersion: "v1" kind: "Pod" metadata: namespace: "qaci" spec: containers: - name: jnlp volumeMounts: - name: ssl-certs mountPath: /etc/ssl/certs readOnly: true volumes: - name: ssl-certs hostPath: path: /etc/ssl/certs{code} pipeline: {code:java} pipeline{ agent { kubernetes { inheritFrom "test" yaml """ apiVersion: v1 kind: Pod spec: containers: - name: python image: docker.io/library/python:3.10 tty: true resources: limits: cpu: 1 memory: 1Gi requests: cpu: 100m memory: 128M """ } } stages{ stage('test') { steps { echo "hello" } } } } {code} expect: jnlp container should have an extra mount named `ssl-certs` actual: jnlp container does not have an extra mount named `ssl-certs`, only workspace mount is present. {code:java} Agent pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw is provisioned from template pipeline-test_temp-branch_12-s4tms-g0lz4 --- apiVersion: "v1" kind: "Pod" metadata: annotations: buildUrl: "http://jenkins:8080/job/pipeline-test/job/temp-branch/12/" runUrl: "job/pipeline-test/job/temp-branch/12/" labels: jenkins: "slave" jenkins/label-digest: "0debecf5fa832b5f8b5e3dee52ddb51ad00b504c" jenkins/label: "pipeline-test_temp-branch_12-s4tms" name: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" namespace: "qaci" spec: containers: - image: "docker.io/library/python:3.10" name: "python" resources: limits: cpu: "1" memory: "1Gi" requests: cpu: "100m" memory: "128M" tty: true volumeMounts: - mountPath: "/home/jenkins/agent" name: "workspace-volume" readOnly: false - env: - name: "JENKINS_SECRET" value: "********" - name: "JENKINS_TUNNEL" value: "jenkins-agent:50000" - name: "JENKINS_AGENT_NAME" value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" - name: "JENKINS_NAME" value: "pipeline-test-temp-branch-12-s4tms-g0lz4-lj9cw" - name: "JENKINS_AGENT_WORKDIR" value: "/home/jenkins/agent" - name: "JENKINS_URL" value: "http://jenkins:8080/" image: "jenkins/inbound-agent:3107.v665000b_51092-5" name: "jnlp" resources: requests: memory: "256Mi" cpu: "100m" volumeMounts: - mountPath: "/home/jenkins/agent" name: "workspace-volume" readOnly: false hostNetwork: false nodeSelector: kubernetes.io/os: "linux" restartPolicy: "Never" volumes: - emptyDir: medium: "" name: "workspace-volume" {code} extra volumeMounts is useful when injecting ca into the agent container, many service would require a ca mounted or installed, mounting it using hostPath would be a very convenient solution. |