jenkins docker插件在管道中使用-u标志,怎么可能不使用 [英] jenkins docker plugin in pipeline use -u flag, how is possible to not using
问题描述
我正在使用带有docker插件的jenkins 2.89.1版本. 在声明性管道的阶段,我启动安装了ansible 2.4.x的docker容器,以运行一些剧本,如下所示:
I'm using jenkins version 2.89.1 with docker plugin. In a stage of declarative pipeline I launch a docker container with ansible 2.4.x installed in order to run some playbooks as follow:
agent {
docker {
image 'myself/ansible:1.0.3'
registryUrl 'https://my-artifactory-pro'
registryCredentialsId 'my-credentials'
args '-v /var/lib/jenkins/workspace/myworkspace:/tmp/' +
' -v /var/lib/jenkins/.ssh:/root/.ssh'
}
}
steps {
echo 'Deploying Ansible Server via docker image'
sh "ansible-playbook -i /tmp/my-inventories-path/
/my-playbooks/teardown.yaml "+
"--extra-vars 'platform=ec2
aws_access_key=${AWS_ACCESS_KEY_ID}
aws_secret_key=${AWS_SECRET_ACCESS_KEY} "+
" eip_bastion_host=${EIP_BASTION_HOST}
eip_load_balancer=${EIP_LOAD_BALANCER} '"
}
管道设法旋转docker容器并尝试执行ansible剧本,但我面临以下问题:
The pipeline manages to spin the docker container and tries to execute the ansible playbook, but I'm facing the following issue:
+ ansible-playbook -i /tmp/my-inventories/ /tmp/my-playbooks/teardown.yaml --extra-vars platform=ec2 aws_access_key=**** aws_secret_key=**** eip_bastion_host=X.X.X.X eip_load_balancer=X.X.X.X
[WARNING]: Unable to set correct type for configuration entry:
DEFAULT_LOCAL_TMP
PLAY [localhost] ***************************************************************
TASK [install_python_pip : Create pip folder] **********************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'getpwuid(): uid not found: 112'
fatal: [localhost]: FAILED! => {"msg": "Unexpected failure during module execution.", "stdout": ""}
to retry, use: --limit @/tmp/my-playbooks/teardown.retry
PLAY RECAP *********************************************************************
localhost : ok=0 changed=0 unreachable=0 failed=1
看看Jenkins日志,我看到它旋转docker容器时会以以下方式启动:
Looking at the Jenkins log I see that when it spins the docker container it launches in the following way:
docker run -t -d -u 112:116 -v /var/lib/jenkins/workspace/my-workspace --entrypoint cat myself/ansible:1.0.3
其中112是jenkins uid,而116是jenkins gid.
where the 112 is the jenkins uid and the 116 is the jenkins gid.
如果我在没有-u标志的情况下手动启动的同一容器中启动了同一个可播放的剧本,则它正常工作.
If I launch the same ansible playbook in the same container started manually without the -u flag it works properly.
然后可以 在没有该-u标志的情况下启动容器 ??? 以及为什么认为Docker容器应具有相同的uid& jenkins服务器的gid?
Then is it possible to launch the container without that -u flag ??? And why is considered that the docker container should have the same uid & gid of the jenkins server ?
非常感谢 马可
推荐答案
默认情况下,如果未指定用户,则docker将使用dockerfile中定义的用户启动容器,如果未指定,则为root. 您可以尝试通过传递默认用户来强制它:
By default, when the user is not specified, docker lauches the container with the user defined in the dockerfile which if not specified is root. You can try to force the default user by passing it:
args '-u root:root -v /var/lib/jenkins/workspace/myworkspace:/tmp/' +
' -v /var/lib/jenkins/.ssh:/root/.ssh'
这篇关于jenkins docker插件在管道中使用-u标志,怎么可能不使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
