[JIRA] (JENKINS-59937) Container and Pod template runAsGroup and runAsUser default to root on config roundtrip

13 views
Skip to first unread message

kyle.cronin@adp.com (JIRA)

unread,
Oct 25, 2019, 12:09:05 PM10/25/19
to jenkinsc...@googlegroups.com
Kyle Cronin created an issue
 
Jenkins / Bug JENKINS-59937
Container and Pod template runAsGroup and runAsUser default to root on config roundtrip
Issue Type: Bug Bug
Assignee: Unassigned
Components: kubernetes-plugin
Created: 2019-10-25 16:08
Environment: kubernetes-plugin=1.20.2
Labels: kubernetes-plugin
Priority: Major Major
Reporter: Kyle Cronin

version 1.20.2 introduced runAsUser and runAsGroup properties but the config round trip defaults the value to 0 which is the root user. This is probably not what is intended and happens to breaks certain environments where the containers are expected to run with default user and group ids. This can be demonstrated with a simple test in KubernetesCloudTest.java

@Test
    public void defaultRoundTrip() throws Exception {
        KubernetesCloud cloud = new KubernetesCloud("kubernetes");
        ContainerTemplate ct = new ContainerTemplate("jnlp", "jenkins:jnlp");
        assertNull(ct.getRunAsUser());
        assertNull(ct.getRunAsGroup());
        PodTemplate pt = new PodTemplate("default", new ArrayList<>(), Arrays.asList(ct));
        cloud.addTemplate(pt);
        j.jenkins.clouds.add(cloud);
        j.jenkins.save();
        // roundtrip
        j.configRoundtrip();
        cloud = j.jenkins.clouds.get(KubernetesCloud.class);
        PodTemplate podTemplate = cloud.getTemplates().get(0);
        assertNull(podTemplate.getRunAsGroup());
        assertNull(podTemplate.getRunAsUser());
        ContainerTemplate containerTemplate = podTemplate.getContainers().get(0);
        assertNull(podTemplate.getRunAsUser());
        assertNull(containerTemplate.getRunAsUser());
    }
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
Atlassian logo

kyle.cronin@adp.com (JIRA)

unread,
Oct 28, 2019, 5:02:03 PM10/28/19
to jenkinsc...@googlegroups.com
Kyle Cronin commented on Bug JENKINS-59937
 
Re: Container and Pod template runAsGroup and runAsUser default to root on config roundtrip

This appears to be the default behavior of Stapler for Long types.

kyle.cronin@adp.com (JIRA)

unread,
Oct 28, 2019, 5:23:02 PM10/28/19
to jenkinsc...@googlegroups.com
Kyle Cronin edited a comment on Bug JENKINS-59937
This appears to be the default behavior of Stapler for Long types. [~vlatombe] I can submit a fix for this, I just don't know how to make Stapler do the right thing. I tried looking at the stapler docs and code but nothing was really helpful, do you have any suggestions?

vincent@latombe.net (JIRA)

unread,
Oct 29, 2019, 5:15:29 AM10/29/19
to jenkinsc...@googlegroups.com

Hi Kyle Cronin I submitted a fix for this using String instead of Long for getter/setter. Not sure if changing default stapler behaviour is the right thing as others may rely on current behaviour.

vincent@latombe.net (JIRA)

unread,
Oct 30, 2019, 11:05:03 AM10/30/19
to jenkinsc...@googlegroups.com
Vincent Latombe assigned an issue to Vincent Latombe
 
Change By: Vincent Latombe
Assignee: Vincent Latombe

vincent@latombe.net (JIRA)

unread,
Oct 30, 2019, 11:05:04 AM10/30/19
to jenkinsc...@googlegroups.com
Vincent Latombe resolved as Fixed
Change By: Vincent Latombe
Status: Open Resolved
Resolution: Fixed
Released As: kubernetes-1.21.0
Reply all
Reply to author
Forward
0 new messages