I think I'm facing the same issue. My docker image requires some init code to run as root, which is achieved by an entrypoint. The last thing the entrypoint does is to drop privileges end execute CMD, pretty similar to what's done at https://github.com/cgwalters/dockerfiles/blob/master/fdev/entrypoint.sh. Now to get that to work with Jenkins, I need to tell it to run the container as the user root, ie:
agent {
docker {
label 'docker-slave'
image DOCKER_IMAGE_NAME
args '-u root"'
}
}
With that, the entrypoint runs successfully, however I noticed that my other stages are also run as root, which is not what I want. If my understanding of the Jenkins plugin is correct, the container is brought up with "docker run ... cat", then the various stages of my Jenkinsfile are run using "docker exec ...". If that's the case, then I agree 100% with the reporter of this issue: the container should be brought up as root, then the various exec command should run as the jenkins user. It seems that it would be the perfect fit for my use-case. |