Jenkins docker pipeline not passing exit codes

Question

we had some issues with jenkins docker stages, where they needed to be run with root permissions (args root:root). At this time, I'm not 100% recalling why they made this decision, but I couldn't get around it a few months ago.

The issue we mainly ran into with root:root was that jenkins couldn't clean up after itself, as the docker filesystem was owned by root user.

So, I created created some mascarade commands in my global groovy library

def container_init (myUserId) {
    sh( returnStdout: true, script: """/usr/sbin/useradd -u ${myUserId} dummy;""").trim()
}
def command (input) {
    sh( returnStdout: true, script: """su dummy -c '${input}';""").trim()
}

The problem now is that some of these docker_mask.command() are not passing exit code from failed e2e tests or even failed terraform deployments. Some are passing and positively exciting, but it's inconsistent.

Anything I can do to get positive exits?

Answer 1

tldr

the exit code youre wanting/expecting is getting swallowed by the su command.

long version

Basically, your exit code will always be 0 because you were successfully able to switch to the dummy user.

the "quick and dirty" way around this problem is to do something like

su dummy -c '${input}; exit $?'

which should bubble up the exit code you were expecting.

relavent:

• How to get the return value of a script called with su

caveat:

I'm assuming you're attempting to work around some of the challenges described here: https://github.com/jenkinsci/docker-workflow-plugin/pull/57

My unsolicited $0.02 is there are many pitfalls/"footguns" around this approach and adding the shenanigans that Jenkins and Docker introduce doesn't help. Relying on just the exit codes will be unpredictable, hard to debug, or nearly impossible to cancel jobs cleanly (at least in my experience 🥲) so plz be cautious with whatever solution you find.