0

I am running Jenkins within a Docker container on a remote server. In one of my pipelines I am using a Yocto build container to build a image. In this case I have to change the user, because Bitbake does not allow building with root privileges. Unfortunately when I am switching users Jenkins gets stuck during the build stage:

[Pipeline] {
[Pipeline] sh (hide)
process apparently never started in /home/jenkins/workspace/<project>/durable-01a92f6b
(running Jenkins temporarily with Dorg.jenkinsci.plugins.durabletask.BourneShellScript.LAUNCH_DIAGNOSTICS=true might make the problem clearer)
[Pipeline] }

My pipeline looks something like this

pipeline {
agent {
    docker {
        image '<image>/yocto:dunfell'
        args '-u jenkins'
    }
}
stages {
    stage('Build Image') {
        steps {
            sh label: '', script: '''#!/bin/bash
            source /home/jenkins/yocto/setup-env
            bitbake core-image-minimal
            '''
        }
    }
}
}

The user jenkins is available within the Docker container running Jenkins and within the container performing the Yocto build.

Any ideas on resolving this problem? Thanks!

Edit: I solved this issue by using a workaround. I removed args '-u jenkins' and the container starts using root. In the script I call the commands which requires no root privileges with

sudo --user=<other-user> /bin/bash -c "<command>"

It works but changing the user beforehand would be preferred.

GeorgUr
  • 61
  • 6
  • `source` is not a standard Bourne shell command. Unless Jenkins is writing out that script and executing it as-is, you'll potentially get an error around that (`sh -c '...'` or `sh temp_script.sh` both might not run bash). Do you mean `. yocto/setup-env` instead? Does the suggested Jenkins diagnostic option give you any clearer output? – David Maze Oct 11 '22 at 11:14

1 Answers1

0

For short story, removing args '-u jenkins' should address your issue.

For long story, In following cases, jenkin automatically extends -u <agent's current user> to start container, and you can only use -u root to override it. Using -u <non-root user> will get pipeline stuck.

Case 1. use docker for pipeline/stage agent

agent {
    docker {
        image '<image>/yocto:dunfell'
        args '-u jenkins' // you can only use root here, 
                          // using other user, jenkins get stuck.
        
    }
}

Case 2. use docker.inside() to start container

docker.image('python:3')
      .inside('-u root') // only root user is allowed.
{
   sh '<put cmd executed in container here>'
}
yong
  • 13,357
  • 1
  • 16
  • 27