使用sudo运行jenkins管道代理 [英] run jenkins pipeline agent with sudo
问题描述
我有一个在Docker容器中运行的Jenkins服务器,并且可以访问主机系统的docker,到目前为止,它运行良好.现在,我想建立一个管道来测试Docker容器中的脚本.
I have an Jenkins Server running in an docker container and have access to docker an the host system, so far it is working well. Now I want to set up a pipeline testing an script inside an docker container.
Jenkinsfile:
pipeline {
agent { docker 'nginx:1.11' }
stages {
stage('build') {
steps {
sh 'nginx -t'
}
}
}
}
错误消息:
> + docker pull nginx:1.11
>
> Warning: failed to get default registry endpoint from daemon (Got
> permission denied while trying to connect to the Docker daemon socket
> at unix:///var/run/docker.sock: Get
> http://%2Fvar%2Frun%2Fdocker.sock/v1.29/info: dial unix
> /var/run/docker.sock: connect: permission denied). Using system
> default: https://index.docker.io/v1/
>
> Got permission denied while trying to connect to the Docker daemon
> socket at unix:///var/run/docker.sock: Post
> http://%2Fvar%2Frun%2Fdocker.sock/v1.29/images/create?fromImage=nginx&tag=1.11:
> dial unix /var/run/docker.sock: connect: permission denied
>
> script returned exit code 1
我的问题是詹金斯需要使用sudo运行docker命令,但是怎么说用sudo运行该命令的代理?
My problem is that jenkins needs to run the docker command with sudo, but how to say the agent running the command with sudo?
推荐答案
我也遇到了同样的问题.在分析控制台日志之后,我发现原因是Docker Jenkins插件使用特定选项 -u 107:112 :
I have faced the same issue. After analysing the console log, I have found that the reason is that the Docker Jenkins Plugin starts a new container with a specific option -u 107:112:
...
docker run -t -d -u 107:112 ...
...
尝试了许多选项后,例如:将jenkins
添加到sudo组(由于容器中不存在jenkins
用户,因此不起作用),将USER root
添加到Dockerfile
中,...但是都不添加做到这一点.
After trying many options such as: add jenkins
to sudo group (it did not work because jenkins
user does not exist in container), add USER root
into Dockerfile
, ... but none of them do the trick.
最后,我找到了一个使用 docker agent 中的 args 覆盖 -u 选项的解决方案.这是我的 Jenkinsfile :
Finally I have found a solution that is using args in docker agent to overwrite the -u option. This is my Jenkinsfile:
pipeline {
agent {
docker {
image 'ubuntu'
args '-u root:sudo -v $HOME/workspace/myproject:/myproject'
}
}
stages {
stage("setup_env") {
steps {
sh 'apt-get update -y'
sh 'apt-get install -y git build-essential gcc cmake make'
}
}
stage("install_dependencies") {
steps {
sh 'apt-get install -y libxml2-dev'
}
}
stage("compile_dpi") {
steps {
sh 'cd /myproject && make clean && make -j4'
}
}
stage("install_dpi") {
steps {
sh 'cd /myproject && make install'
}
}
stage("test") {
steps {
sh 'do some test here'
}
}
}
post {
success {
echo 'Do something when it is successful'
bitbucketStatusNotify(buildState: 'SUCCESSFUL')
}
failure {
echo 'Do something when it is failed'
bitbucketStatusNotify(buildState: 'FAILED')
}
}
}
这里可能存在安全问题,但就我而言,这不是问题.
There's maybe a security issue here but it is not the problem in my case.
这篇关于使用sudo运行jenkins管道代理的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!