[JIRA] (JENKINS-60343) java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax
Title: Message Title
Marslo Jiao updated an issue
Jenkins / JENKINS-60343
java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax
Change By:
Marslo Jiao
The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}} {noformat}// Dockerfile...ARG user=devopsARG group=${user}ARG uid=1000ARG gid=${uid}ENV HOME=/home/${user}...{noformat} h3. Jenkinsfile for {{containerTemplate}}: {noformat}podTemplate(cloud: ' DevOps My Kubernetes', containers: [ containerTemplate(name: 'jnlp',image: 'my.artifactory.com/my-jnlp:1.0',ttyEnabled: true,privileged: false,alwaysPullImage: false,workingDir: '/home/devops',resourceRequestCpu: '256m',resourceLimitCpu: '512m',resourceRequestMemory: '512Mi',resourceLimitMemory: '1024Mi' )]) { node(POD_LABEL) {stage ('info') { echo 'yes!' sh """idwhoamiecho ${WORKSPACE}realpath ${WORKSPACE} """} }}{noformat}h3. Jenkinfile for {{Yaml syntax}}:{noformat}podTemplate( cloud: ' DevOps My Kubernetes', showRawYaml: true, namespace: 'devops-ci', yaml: """apiVersion: v1kind: Podspec: containers: - name: jnlpimage: 'my.artifactory.com/my-jnlp:1.0'workingDir: '/home/devops'resources: limits:memory: "1024Mi"cpu: "512m" requests:memory: "512Mi"cpu: "256m" """) { node(POD_LABEL) { container('jnlp') {stage('Run shell') { sh """idwhoamiecho ${WORKSPACE}realpath ${WORKSPACE} """} }}}{noformat}h3. Results:{{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: {noformat}[Pipeline] Start of Pipeline[Pipeline] podTemplate[Pipeline] {[Pipeline] nodeStill waiting to schedule task‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template---apiVersion: "v1"kind: "Pod"metadata: annotations:buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/" labels:jenkins: "slave"jenkins/container-test_6-95vj1: "true" name: "container-test-6-95vj1-rbxr4-lrlqc"spec: containers: - env:- name: "JENKINS_SECRET" value: ""- name: "JENKINS_TUNNEL" value: "my-jenkins.my-ci.svc.cluster.local:5"- name: "JENKINS_AGENT_NAME" value: "container-test-6-95vj1-rbxr4-lrlqc"- name: "JENKINS_NAME" value: "container-test-6-95vj1-rbxr4-lrlqc"- name: "JENKINS_AGENT_WORKDIR" value: "/home/devops"- name: "JENKINS_URL" value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"image: "my.artifactory.com/my-jnlp:1.0"imagePullPolicy: "IfNotPresent"name: "jnlp"resources: limits:memory: "1024Mi"cpu: "512m" requests:memory: "512Mi"cpu: "256m"securityCo
[JIRA] (JENKINS-60343) java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax
Title: Message Title
Marslo Jiao updated an issue
Jenkins / JENKINS-60343
java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax
Change By:
Marslo Jiao
The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}} {noformat}// Dockerfile...ARG user=devopsARG group=${user}ARG uid=1000ARG gid=${uid}ENV HOME=/home/${user}...{noformat} h3. Jenkinsfile for {{containerTemplate}}: {noformat}podTemplate(cloud: 'DevOps Kubernetes', containers: [ containerTemplate(name: 'jnlp',image: 'my.artifactory.com/my-jnlp:1.0',ttyEnabled: true,privileged: false,alwaysPullImage: false,workingDir: '/home/devops',resourceRequestCpu: '256m',resourceLimitCpu: '512m',resourceRequestMemory: '512Mi',resourceLimitMemory: '1024Mi' )]) { node(POD_LABEL) {stage ('info') { echo 'yes!' sh """idwhoamiecho ${WORKSPACE}realpath ${WORKSPACE} """} }}{noformat}h3. Jenkinfile for {{Yaml syntax}}:{noformat}podTemplate( cloud: 'DevOps Kubernetes', showRawYaml: true, namespace: ' wukong devops -ci', yaml: """apiVersion: v1kind: Podspec: containers: - name: jnlpimage: 'my.artifactory.com/my-jnlp:1.0'workingDir: '/home/devops'resources: limits:memory: "1024Mi"cpu: "512m" requests:memory: "512Mi"cpu: "256m" """) { node(POD_LABEL) { container('jnlp') {stage('Run shell') { sh """idwhoamiecho ${WORKSPACE}realpath ${WORKSPACE} """} }}}{noformat}h3. Results:{{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: {noformat}[Pipeline] Start of Pipeline[Pipeline] podTemplate[Pipeline] {[Pipeline] nodeStill waiting to schedule task‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template---apiVersion: "v1"kind: "Pod"metadata: annotations:buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/" labels:jenkins: "slave"jenkins/container-test_6-95vj1: "true" name: "container-test-6-95vj1-rbxr4-lrlqc"spec: containers: - env:- name: "JENKINS_SECRET" value: ""- name: "JENKINS_TUNNEL" value: "my-jenkins.my-ci.svc.cluster.local:5"- name: "JENKINS_AGENT_NAME" value: "container-test-6-95vj1-rbxr4-lrlqc"- name: "JENKINS_NAME" value: "container-test-6-95vj1-rbxr4-lrlqc"- name: "JENKINS_AGENT_WORKDIR" value: "/home/devops"- name: "JENKINS_URL" value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"image: "my.artifactory.com/my-jnlp:1.0"imagePullPolicy: "IfNotPresent"name: "jnlp"resources: limits:memory: "1024Mi"cpu: "512m" requests:memory: "512Mi"cpu: "256m"securityCon
[JIRA] (JENKINS-60343) java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax
Title: Message Title
Marslo Jiao updated an issue
Jenkins / JENKINS-60343
java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax
Change By:
Marslo Jiao
The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}} {noformat}// Dockerfile...ARG user=devopsARG group=${user}ARG uid=1000ARG gid=${uid}ENV HOME=/home/${user}...{noformat} h3. Using Jenkinsfile for {{containerTemplate}}: {noformat}podTemplate(cloud: 'DevOps Kubernetes', containers: [ containerTemplate(name: 'jnlp',image: 'my.artifactory.com/my-jnlp:1.0',ttyEnabled: true,privileged: false,alwaysPullImage: false,workingDir: '/home/devops',resourceRequestCpu: '256m',resourceLimitCpu: '512m',resourceRequestMemory: '512Mi',resourceLimitMemory: '1024Mi' )]) { node(POD_LABEL) {stage ('info') { echo 'yes!' sh """idwhoamiecho ${WORKSPACE}realpath ${WORKSPACE} """} }}{noformat} h3. The Jenkinfile for {{Yaml syntax}}: {noformat}podTemplate( cloud: 'DevOps Kubernetes', showRawYaml: true, namespace: 'wukong-ci', yaml: """apiVersion: v1kind: Podspec: containers: - name: jnlpimage: 'my.artifactory.com/my-jnlp:1.0'workingDir: '/home/devops'resources: limits:memory: "1024Mi"cpu: "512m" requests:memory: "512Mi"cpu: "256m" """) { node(POD_LABEL) { container('jnlp') {stage('Run shell') { sh """idwhoamiecho ${WORKSPACE}realpath ${WORKSPACE} """} }}}{noformat} h3. results Results :{{containerTemplate }} works perfect by specific {color:# FF 00875a }{{workingDir}}{color}: {noformat}[Pipeline] Start of Pipeline[Pipeline] podTemplate[Pipeline] {[Pipeline] nodeStill waiting to schedule task‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template---apiVersion: "v1"kind: "Pod"metadata: annotations:buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/" labels:jenkins: "slave"jenkins/container-test_6-95vj1: "true" name: "container-test-6-95vj1-rbxr4-lrlqc"spec: containers: - env:- name: "JENKINS_SECRET" value: ""- name: "JENKINS_TUNNEL" value: "my-jenkins.my-ci.svc.cluster.local:5"- name: "JENKINS_AGENT_NAME" value: "container-test-6-95vj1-rbxr4-lrlqc"- name: "JENKINS_NAME" value: "container-test-6-95vj1-rbxr4-lrlqc"- name: "JENKINS_AGENT_WORKDIR" value: "/home/devops"- name: "JENKINS_URL" value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"image: "my.artifactory.com/my-jnlp:1.0"imagePullPolicy: "IfNotPresent"name: "jnlp"resources: limits:memory: "1024Mi"cpu: "512m" requests:
[JIRA] (JENKINS-60343) java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax
Title: Message Title Marslo Jiao moved an issue Jenkins / JENKINS-60343 java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax Change By: Marslo Jiao Project: Infrastructure Jenkins Key: INFRA JENKINS - 2370 60343 Workflow: classic default workflow JNJira + In-Review Component/s: kubernetes-plugin Component/s: docker Add Comment This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
