1

Currently I'm trying to run a container inside jenkins, to make calls to an aws ecr to find the latest image. To do this I need to set aws configure parameters, however I am at a loss why this doesn't work as the container is running as root as the USER command hasn't been defined.

However whenever I run the container I receive the following message

+ docker inspect -f . mikesir87/aws-cli
.
[Pipeline] withDockerContainer
Jenkins does not seem to be running inside a container
$ docker run -t -d -u 112:114 -w /var/lib/jenkins/workspace/xxxx@2 -v /var/lib/jenkins/workspace/xxxx@2:/var/lib/jenkins/workspace/xxxx@2:rw,z -v /var/lib/jenkins/workspace/xxxx@2@tmp:/var/lib/jenkins/workspace/xxxx@2@tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** mikesir87/aws-cli cat
$ docker top de3435a8a54f6afa42f8136a57ec67b2720c655328f1aadc0addeb412a92240f -eo pid,comm
[Pipeline] {
[Pipeline] script
[Pipeline] {
[Pipeline] sh
+ pwd
/var/lib/jenkins/workspace/xxxx@2
[Pipeline] sh
+ aws configure set aws_access_key_id key
[Errno 13] Permission denied: '/.aws'

What I don't understand is if I try and launch this container from bash I don't get this permission denied error. See below for jenkinsfile

        stage('Check Container Version')
        {
            agent
            {
                docker { image 'mikesir87/aws-cli' }
            }
            steps
            {
                script
                {
                    sh '''pwd'''
                    sh ''' aws configure set aws_access_key_id key'''

                }
            }
        }

The container was grabbed from docker hub and below is the dockerfile

FROM python:alpine

ARG CLI_VERSION=1.18.37

RUN apk -uv add --no-cache groff jq less && \
    pip install --no-cache-dir awscli==$CLI_VERSION

WORKDIR /aws

CMD sh
Improve this question

1 Answer 1

Reset to default
3

The container is not actually running with the root user inside when executed as a Docker agent in Jenkins Pipeline. You can notice in the Pipeline output above that:

docker run -t -d -u 112:114 ...

Since you want to work around the permissions issue with running the container with the root user inside, you can modify the agent arguments to allow this:

agent {
  docker { image 'mikesir87/aws-cli'
           args '-u root:root' 
  }
}

and then your container user should have the permissions necessary for the AWS configure.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Cheers Matt just noticed it myself aswell = facepalm. But least someone else who see this problem won't hit the same problem.
@ION I had a really similar problem myself months ago, so you are certainly not alone, and it was why Ii recognized what was going on.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.