Reputation: 727
I want to run jenkins on docker and change the user access so could read the SSH key and access git. Here is sample of the dockerfile
FROM jenkins/jenkins:lts
USER root
COPY --chown=jenkins:jenkins id_rsa $JENKINS_HOME/.ssh/id_rsa
COPY --chown=jenkins:jenkins id_rsa.pub $JENKINS_HOME/.ssh/id_rsa.pub
RUN /bin/bash -c 'ls -la $JENKINS_HOME/.ssh; chmod 600 -R $JENKINS_HOME/.ssh; ls -la $JENKINS_HOME/.ssh'
The output upon build is a success, access has been changed!
Step 3/3 : RUN /bin/bash -c 'ls -la $JENKINS_HOME/.ssh; chmod 600 -R $JENKINS_HOME/.ssh; ls -la $JENKINS_HOME/.ssh'
---> Running in 137d1a4f9f6d
total 16
drwxr-xr-x 2 jenkins jenkins 4096 Jan 8 04:11 .
drwxr-xr-x 3 jenkins jenkins 4096 Jan 8 04:11 ..
-rwxr-xr-x 1 jenkins jenkins 1843 Jan 2 02:33 id_rsa
-rwxr-xr-x 1 jenkins jenkins 413 Jan 2 02:33 id_rsa.pub
total 16
drw------- 2 jenkins jenkins 4096 Jan 8 04:11 .
drwxr-xr-x 3 jenkins jenkins 4096 Jan 8 04:11 ..
-rw------- 1 jenkins jenkins 1843 Jan 2 02:33 id_rsa
-rw------- 1 jenkins jenkins 413 Jan 2 02:33 id_rsa.pub
Removing intermediate container 137d1a4f9f6d
---> 7d6334d2b044
However when I go inside the /bin/bash
the access is set to default, the chmod was not working
jenkins@f49048ec8c88:/$ ls -al /var/jenkins_home/.ssh/
total 16
drwxr-xr-x 2 jenkins jenkins 4096 Jan 8 04:25 .
drwxr-xr-x 16 jenkins jenkins 4096 Jan 8 04:26 ..
-rwxr-xr-x 1 jenkins jenkins 1843 Jan 2 02:33 id_rsa
-rwxr-xr-x 1 jenkins jenkins 413 Jan 2 02:33 id_rsa.pub
any idea why the behavior is this way?
Upvotes: 1
Views: 815
Reputation: 11243
This happened because $JENKINS_HOME
is defined as VOLUME
in jenkins:lts
base image. You can workaround this in any of the 3 ways
You can fix the permissions on host machine before building and it should work.
You can use multi stage build, change the permission and copy files from first stage
FROM jenkins/jenkins:lts as base
USER root
COPY --chown=jenkins:jenkins id_rsa /tmp/ssh_keys/
COPY --chown=jenkins:jenkins id_rsa.pub /tmp/ssh_keys/
RUN chmod 600 -R /tmp/ssh_keys
FROM jenkins/jenkins:lts
USER root
COPY --chown=jenkins:jenkins --from=base /tmp/ssh_keys $JENKINS_HOME/.ssh
Upvotes: 3
Reputation: 168
Because the command /bin/bash is just for that session. If you want it to be permanent, put it inside .profile.
Upvotes: 0