Develop Reference

Jenkins does not run docker container as agent

I am new to Jenkins. Sorry if my question is basic.
I am trying to use Jenkins inside a container using the following command:
docker run --name jenkins --privileged -u root -d -p 8080:8080 -p 50000:50000 -v /var/run/docker.sock:/var/run/docker.sock:Z -v $(which docker):/usr/bin/docker -v jenkins_home:/var/jenkins_home jenkins/jenkins:lts
and after initializing Jenkins by its web page on localhost:8080, I installed docker pipeline and docker plugin plugins and restarted container. Then I created a multibranch pipeline and used my repositories to pull code from. The jenkins file in my repo:
pipeline {
agent {
docker {
image 'python'
}
}
stages {
stage('build') {
steps {
sh 'python --version'
}
}
}
}
However, at first, it didn't work due to some permission problems with docker. I noticed that docker socket inside the container had a uid and gid of nobody. Then I tried to change docker permission in my host machine to 666. Then, it no longer had the permission problem. But, still it doesn't run python --version command inside the container. I have also to add --entrypoint= as args inside jenkins file, -it entrypoint=/bin/bash, -u root. But none of them worked. Here are the logs of jenkins:
Started by user sobhan
07:20:29 Connecting to https://api.github.com using sobhansaf/******
Obtained Jenkinsfile from 2bd22bad5bfca8114cd9d98cc4f56b3915dd012e
[Pipeline] Start of Pipeline
[Pipeline] node
Running on Jenkins in /var/jenkins_home/workspace/mypipe_main
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Declarative: Checkout SCM)
[Pipeline] checkout
The recommended git tool is: NONE
using credential cd26ef85-7736-498b-9629-813934e651fb
> git rev-parse --resolve-git-dir /var/jenkins_home/workspace/mypipe_main/.git # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://github.com/sobhansaf/circlecitest.git # timeout=10
Fetching without tags
Fetching upstream changes from https://github.com/sobhansaf/circlecitest.git
> git --version # timeout=10
> git --version # 'git version 2.30.2'
using GIT_ASKPASS to set credentials
> git fetch --no-tags --force --progress -- https://github.com/sobhansaf/circlecitest.git +refs/heads/main:refs/remotes/origin/main # timeout=10
Checking out Revision 2bd22bad5bfca8114cd9d98cc4f56b3915dd012e (main)
> git config core.sparsecheckout # timeout=10
> git checkout -f 2bd22bad5bfca8114cd9d98cc4f56b3915dd012e # timeout=10
Commit message: "Update Jenkinsfile"
> git rev-list --no-walk eb8007c2dd9171cf306a04b75cdc48b9cb0da32e # timeout=10
[Pipeline] }
[Pipeline] // stage
[Pipeline] withEnv
[Pipeline] {
[Pipeline] isUnix
[Pipeline] withEnv
[Pipeline] {
[Pipeline] sh
+ docker inspect -f . python
.
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] withDockerContainer
Jenkins seems to be running inside container ccd4d26ae72e22da420697318327033c77e8ff720034a8573a384d6ba442ca4b
but /var/jenkins_home/workspace/mypipe_main could not be found among []
but /var/jenkins_home/workspace/mypipe_main#tmp could not be found among []
$ docker run -t -d -u 0:0 -w /var/jenkins_home/workspace/mypipe_main -v /var/jenkins_home/workspace/mypipe_main:/var/jenkins_home/workspace/mypipe_main:rw,z -v /var/jenkins_home/workspace/mypipe_main#tmp:/var/jenkins_home/workspace/mypipe_main#tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** python cat
$ docker top 453918fd912510c869adad2cd3f9fb422108484c7af3ca02a91c42eea9b77b66 -eo pid,comm
[Pipeline] {
[Pipeline] stage
[Pipeline] { (build)
[Pipeline] sh
process apparently never started in /var/jenkins_home/workspace/mypipe_main#tmp/durable-ef6dc772
(running Jenkins temporarily with -Dorg.jenkinsci.plugins.durabletask.BourneShellScript.LAUNCH_DIAGNOSTICS=true might make the problem clearer)
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
$ docker stop --time=1 453918fd912510c869adad2cd3f9fb422108484c7af3ca02a91c42eea9b77b66
$ docker rm -f 453918fd912510c869adad2cd3f9fb422108484c7af3ca02a91c42eea9b77b66
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code -2
GitHub has been notified of this commit’s build result
Finished: FAILURE
also it is worth mentioning that, after creating a container by Jenkins, when I check container, its command is always a cat command. Could you please help me realize what is wrong?

Jenkins' stash not working in step run with Dockerfile agent

I have been struggling with getting the Jenkins' declared pipeline to stash the results of steps that run under a Dockerfile agent. After a variety of Dockerfile / stash configurations, it continues to fail. Hopefully, someone can identify my error.
Below is the stripped-down version of the Jenkins file, which fails in the same way as the original.
Jenkinsfile:
pipeline {
agent {
label 'Docker-enabled'
}
stages {
stage('Build') {
agent {
dockerfile {
filename 'cicd/docker/light.Dockerfile'
label 'Docker-enabled'
args '--user root'
}
}
steps {
script {
sh """
echo "hello" > /hi.txt
chmod 666 /hi.txt
chown jenkins:jenkins /hi.txt
"""
dir("/") {
stash name: "TARGET", includes: "hi.txt"
}
}
}
}
stage('Test'){
steps {
script {
echo "test"
}
}
}
}
}
And the dockerfile it references based on the dotnet/sdk:5.0-alpine base image.
FROM mcr.microsoft.com/dotnet/sdk:5.0-alpine
RUN adduser -D -g GECOS -u 1341 jenkins jenkins
Output snippet from a run, with the failure message at the bottom ERROR: No files included in stash ‘TARGET’
> /usr/local/bin/git rev-parse --resolve-git-dir /app/jenkins/workspace/DevOps-Pipeline-Demos/CDMMS-test/.git # timeout=10
> /usr/local/bin/git config remote.origin.url https://github.com/CenturyLink/CDMMS-dotnet-core # timeout=10
Fetching upstream changes from https://github.com/CenturyLink/CDMMS-dotnet-core
> /usr/local/bin/git --version # timeout=10
> git --version # 'git version 2.9.5'
using GIT_ASKPASS to set credentials GitHub Creds superseding SCMAUTO
> /usr/local/bin/git fetch --tags --progress -- https://github.com/CenturyLink/CDMMS-dotnet-core +refs/heads/*:refs/remotes/origin/* # timeout=10
> /usr/local/bin/git rev-parse refs/remotes/origin/jenkins-integration3^{commit} # timeout=10
> /usr/local/bin/git config core.sparsecheckout # timeout=10
> /usr/local/bin/git checkout -f 0a76f8dae13c65b68110443a94491f51c57998ae # timeout=10
+ docker build -t 5eed65047d1b89e50cde2aa993e9999fedc2f078 -f cicd/docker/light.Dockerfile .
Sending build context to Docker daemon 22.94MB
Step 1/2 : FROM mcr.microsoft.com/dotnet/sdk:5.0-alpine
---> ea61adf98d30
Step 2/2 : RUN adduser -D -g GECOS -u 1341 jenkins jenkins
---> Using cache
---> ba336af25d41
Successfully built ba336af25d41
Successfully tagged 5eed65047d1b89e50cde2aa993e9999fedc2f078:latest
[Pipeline] isUnix
[Pipeline] sh
+ docker inspect -f . 5eed65047d1b89e50cde2aa993e9999fedc2f078
.
[Pipeline] withDockerContainer
jenkinsndodc14-prod does not seem to be running inside a container
$ docker run -t -d -u 1341:1341 --user root -w /app/jenkins/workspace/DevOps-Pipeline-Demos/CDMMS-test -v /app/jenkins/workspace/DevOps-Pipeline-Demos/CDMMS-test:/app/jenkins/workspace/DevOps-Pipeline-Demos/CDMMS-test:rw,z -v /app/jenkins/workspace/DevOps-Pipeline-Demos/CDMMS-test#tmp:/app/jenkins/workspace/DevOps-Pipeline-Demos/CDMMS-test#tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** 5eed65047d1b89e50cde2aa993e9999fedc2f078 cat
$ docker top 56a906f34d15b532bba7682788eda7778936f344d5a4f355f1641bf5dc160ef1 -eo pid,comm
[Pipeline] {
[Pipeline] script
[Pipeline] {
[Pipeline] sh
+ echo hello
+ chmod 666 /hi.txt
+ chown jenkins:jenkins /hi.txt
+ ls -lsa /hi.txt
4 -rw-rw-rw- 1 jenkins jenkins 6 Apr 21 16:26 /hi.txt
+ cat /hi.txt
hello
[Pipeline] dir
Running in /
[Pipeline] {
[Pipeline] stash
[Pipeline] }
[Pipeline] // dir
[Pipeline] }
[Pipeline] // script
[Pipeline] }
$ docker stop --time=1 56a906f34d15b532bba7682788eda7778936f344d5a4f355f1641bf5dc160ef1
$ docker rm -f 56a906f34d15b532bba7682788eda7778936f344d5a4f355f1641bf5dc160ef1
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Test)
Stage "Test" skipped due to earlier failure(s)
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: No files included in stash ‘TARGET’
Finished: FAILURE
REST API
Jenkins 2.263.2
I know it is something simple about using a Dockerfile agent, but I cannot figure out what it is, so any help would be appreciated.
Thank you in advance.

I changed the output from the root directory to a subdirectory of root in the Docker container, making it so the output is written to /out/hi.txt. Next, I added a volume mount to the Dockerfile args parameter, args '--user root -v /tmp:/out'. Finally, I modified the stash command to load the file from the /tmp directory, which is shared with the /out directory inside the container.
Once these changes were made, the stash command could find the file in the /tmp directory and save it off for later steps.
...
agent {
dockerfile {
filename 'cicd/docker/light.Dockerfile'
label 'Docker-enabled'
args '--user root -v /tmp:/out'
}
}
steps {
script {
sh """
mkdir /out
echo "hello" > /out/hi.txt
chmod 666 /out/hi.txt
chown jenkins:jenkins /out/hi.txt
"""
dir("/tmp") {
stash name: "TARGET", includes: "**"
}
}
}
}
...

Using docker agent inside a docker-swarm slave that is running inside Docker as well

We have a Jenkins file that looks as follow
pipeline {
agent {
node {
label 'slave-test'
}
}
stages {
stage ('test docker run') {
agent {
docker {
image 'node:14.4.0-slim'
args '-u root -v /var/run/docker.sock:/var/run/docker.sock'
reuseNode true
}
}
steps {
sh 'PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true npm ci'
sh 'npm run test:ci'
sh 'npm run patternlab:build'
}
}
}
The node labelled as slave-test is a docker-swarm client running as a docker image based on debian-buster. Inside this slave we want to start the image node:14.4.0-slim to run some tests and package some frontend-stuff.
We use reuseNode = true to use the same workspace as agent in the beginning of the pipeline. But Jenkins tells us :
[Pipeline] {
[Pipeline] stage
[Pipeline] { (test docker run)
[Pipeline] getContext
[Pipeline] isUnix
[Pipeline] sh
13:24:07 + docker inspect -f . node:14.4.0-slim
13:24:07 .
[Pipeline] withDockerContainer
13:24:07 hofladen-slave01-20d7912d seems to be running inside container 23d34522985b2e7ec99327337cd2b20bee22018562886c9930a4ba777cda11ca
13:24:07 but /home/****/workspace/ttern-library_feature_BWEBHM-262#2 could not be found among [/var/run/docker.sock]
13:24:07 but /home/****/workspace/ttern-library_feature_BWEBHM-262#2#tmp could not be found among [/var/run/docker.sock]
13:24:07 $ docker run -t -d -u 10000:10000 -u root -v /var/run/docker.sock:/var/run/docker.sock -w /home/****/workspace/ttern-library_feature_BWEBHM-262#2 -v /home/****/workspace/ttern-library_feature_BWEBHM-262#2:/home/****/workspace/ttern-library_feature_BWEBHM-262#2:rw,z -v /home/****/workspace/ttern-library_feature_BWEBHM-262#2#tmp:/home/****/workspace/ttern-library_feature_BWEBHM-262#2#tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** node:14.4.0-slim cat
13:24:08 $ docker top 0759f74d1c2676d68a32edab9775b2ca3c518fa2e4e673af856a87e9da514683 -eo pid,comm
[Pipeline] {
[Pipeline] sh
13:29:15 process apparently never started in /home/****/workspace/ttern-library_feature_BWEBHM-262#2#tmp/durable-504ce105
13:29:15 (running Jenkins temporarily with -Dorg.****ci.plugins.durabletask.BourneShellScript.LAUNCH_DIAGNOSTICS=true might make the problem clearer)
[Pipeline] }
13:29:15 $ docker stop --time=1 0759f74d1c2676d68a32edab9775b2ca3c518fa2e4e673af856a87e9da514683
13:29:17 $ docker rm -f 0759f74d1c2676d68a32edab9775b2ca3c518fa2e4e673af856a87e9da514683
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Cancel running builds if exist)
Stage "Cancel running builds if exist" skipped due to earlier failure(s)
We need to run these commands all in the same Jenkins Workspace in order to perform the later steps.
Does anybody have an Idea how to achive this. We know that the pipeline runs fine if the pipeline is not running on an agent that is on a standalone machine.

Fixed by starting jenkins slave as container with a volume to share data and allow access to /var/run/docker.sock
#!/bin/bash
volume_name=myfinevolume-slave01-workspace
docker volume create ${volume_name}
docker run -d --name jenkins-agent-for-myfineproject \
-v /var/run/docker.sock:/var/run/docker.sock:rw \
--mount source=${volume_name},target=/home/jenkins/workspace \
--memory=8G \
--memory-swap=16G \
--restart unless-stopped \
myfineregsitry.domain.lala/acme/jenkins-swarm-client:3.17.0_buster

Jenkins pipeline alpine agent "apk update ERROR: Unable to lock database: Permission denied"

I'm using Alpine docker image as a Jenkins pipeline agent but I keep getting permission denied error while running apk update or apk add package. I seeing similar error for Ubuntu images also while running apt update or apt install
Here's my Jenkinsfile:
pipeline {
agent none
stages {
stage('Initialization') {
agent any
steps {
checkout scm
}
}
stage('Git Clone') {
agent { docker { image 'alpine:3.12.0' } }
steps {
sh '''
apk update;
apk add --no-cache git;
apk add --no-cache openssh;
git -v;
'''
}
}
}
}
and here's the Jenkins output:
+ docker inspect -f . alpine:3.12.0
WARNING: Error loading config file: /root/.docker/config.json: stat /root/.docker/config.json: permission denied
.
[Pipeline] withDockerContainer
Jenkins does not seem to be running inside a container
$ docker run -t -d -u 1001:0 -w "/opt/bitnami/jenkins/jenkins_home/workspace/Deploy Glosfy Frontend" -v "/opt/bitnami/jenkins/jenkins_home/workspace/Deploy Glosfy Frontend:/opt/bitnami/jenkins/jenkins_home/workspace/Deploy Glosfy Frontend:rw,z" -v "/opt/bitnami/jenkins/jenkins_home/workspace/Deploy Glosfy Frontend#tmp:/opt/bitnami/jenkins/jenkins_home/workspace/Deploy Glosfy Frontend#tmp:rw,z" -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** alpine:3.12.0 cat
$ docker top 166c9ace17a4eb6aef0af0bbc04902ee4a358212be7f029550fb39a921e305aa -eo pid,comm
[Pipeline] {
[Pipeline] sh
+ apk update
ERROR: Unable to lock database: Permission denied
ERROR: Failed to open apk database: Permission denied
[Pipeline] }
$ docker stop --time=1 166c9ace17a4eb6aef0af0bbc04902ee4a358212be7f029550fb39a921e305aa
$ docker rm -f 166c9ace17a4eb6aef0af0bbc04902ee4a358212be7f029550fb39a921e305aa
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] }
[Pipeline] // stage
[Pipeline] End of Pipeline
ERROR: script returned exit code 99
Finished: FAILURE
Can someone help me figure out the issue?

Please modify the docker tag from Jenkins pipeline like this:
docker {
image 'alpine:3.12.0'
args '-u root:root'
}

I believe the problem is that Jenkins is running the container with a non-root user, hence the Permission denied error.
Try changing your pipeline like so:
agent {
docker {
image 'alpine:3.12.0'
args '-u root'
}
}
See this answer.

Unable to run sh steps inside docker agent: script.sh Not Found

When trying to run the following declarative pipeline:
pipeline {
agent { docker 'alpine' }
stages {
stage('Test') {
steps {
sh('printenv')
}
}
}
}
I get the error:
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Declarative: Agent Setup)
[Pipeline] sh
[TmpTest] Running shell script
+ docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
Digest: sha256:1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe
Status: Image is up to date for alpine:latest
[Pipeline] }
[Pipeline] // stage
[Pipeline] sh
[TmpTest] Running shell script
+ docker inspect -f . alpine
.
[Pipeline] withDockerContainer
Jenkins does not seem to be running inside a container
$ docker run -t -d -u 107:113 -w /var/lib/jenkins/workspace/TmpTest -v /var/lib/jenkins/workspace/TmpTest:/var/lib/jenkins/workspace/TmpTest:rw,z -v /var/lib/jenkins/workspace/TmpTest#tmp:/var/lib/jenkins/workspace/TmpTest#tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** --entrypoint cat alpine
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Provision Server)
[Pipeline] sh
[TmpTest] Running shell script
sh: /var/lib/jenkins/workspace/TmpTest#tmp/durable-1abfbc69/script.sh: not found
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
$ docker stop --time=1 db551b51404ba6305f68f9086320634eeea3d515be134e5e55b51c3c9f1eb568
$ docker rm -f db551b51404ba6305f68f9086320634eeea3d515be134e5e55b51c3c9f1eb568
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 127
Finished: FAILURE
When monitoring the pipelines #tmp directory whilst its running I can see script.sh created for a short period. I am unable to tell if it has been created, or already deleted, when the pipeline tries to execute it in the running container.
some system details
Jenkins running as a single node system which has docker installed.
Jenkins v2.60.1
(all plugins fully updated)
docker --version
Docker version 17.06.0-ce, build 02c1d87

Have the same setup (single Jenkins 2.73.1 host on an EC2 instance, not inside a container, with Docker 17.09.0-ce) and the same behavior, with both declarative and scripted pipeline.
It tries to run the script on the host itself if you specify
sh 'sh ./yourscript.sh'
or
sh './yourscript.sh'
instead of sh 'script.sh'