don’t force user when container starts #25
Conversation
ndeloof
changed the title
-user option was introduced into docker-exec in 1.7.0
|
@reviewbybees |
|
This pull request originates from a CloudBees employee. At CloudBees, we require that all pull requests be reviewed by other CloudBees employees before we seek to have the change accepted. If you want to learn more about our process please see this explanation. |
|
Thank you for this pull request! Please check this document for how the Jenkins project handles pull requests. |
| argb.add("run", "-t", "-d", "-u", user); | ||
| argb.add("run", "-t", "-d"); | ||
| if (user != null) { | ||
| argb.add("-u", user); |
There was a problem hiding this comment.
Could just delete this parameter, assuming there is no other use.
|
I think if I read this correctly, it won't pose an issue for docker.inside because the Decorator is still fetching the current UID (needed for the workspace mounting). However there are options to run without a supplied user id. There's some complexity in the groovy that invokes these though, which I don't 100% follow. @ndeloof is this accurate? |
|
Is this addressing JENKINS-34289? |
|
assuming JENKINS-34289 is about entrypoint running some commands the forced user can't execute, this indeed would solve it. |
|
Yeah, I think that was only part of the issue... because I worked around it by creating the correct user/group in the container before running it. |
If you can
|
|
sounds good, i'll likely start working on this tomorrow. |
|
+1 for this. If I may, what's the status of it? |
|
This would be really handy. +1 |
|
Superseded by #60 I suppose. |
|
#57 I meant of course. |
container may have been designed to start some services used during the build which won't support arbitrary user:group set by jenkins.
-useroption was introduced into docker-exec in 1.7.0