When trying to build a container inside of a jenkins-slave on a k8s-cluster I get the following error:
nsenter: cannot change root filesystem propagation: Permission denied
I'm also not sure what the 'securityannotations' in the readme mean. When I set these annotations (under the container-template in Jenkins) the slave never spins up
DockerFile for slave:
# Jenkins Base Slave Image. Latest is NOT used to prevent updates from breaking this Image
FROM jenkins/jnlp-slave:4.0.1-1
# Many of the commands in this file will not run as the Jenkins user. Thus, we switch to the Root-User here
USER root
# Versions of Tooling to Download
ENV NODE_VERSION=12.x
# Version 12.16.1 is the latest LTS-version at this time
# Get base dependencies
RUN apt-get update && \
apt-get install -y curl
# Get the Node Install
RUN curl -sL https://deb.nodesource.com/setup_${NODE_VERSION} | bash
# Install Node and npm
RUN apt-get update && \
apt-get install -y nodejs
# Install apt-transport-https for Yarn repository
RUN apt-get install apt-transport-https -y
# Add Yarn repository
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
# Install Yarn
RUN apt-get update && \
apt-get install -y yarn
# Install dependencies for IMG
RUN apt-get update -y && \
apt-get install -y uidmap && \
apt-get install -y seccomp
# Add GenuineTools IMG (for executing Docker commands)
RUN export IMG_SHA256="41aa98ab28be55ba3d383cb4e8f86dceac6d6e92102ee4410a6b43514f4da1fa" && \
curl -fSL "https://github.com/genuinetools/img/releases/download/v0.5.7/img-linux-amd64" -o "/usr/local/bin/img" && \
echo "${IMG_SHA256} /usr/local/bin/img" | sha256sum -c - && \
chmod a+x "/usr/local/bin/img"
# Set User to Jenkins
USER jenkins
ENV USER jenkins
In my slave (Jenkinsfile) I'm trying to run:
sh "img build -t dockerregistry:5000/${name}:latest ." (I'm running a private registry within the same namespace
When trying to build a container inside of a jenkins-slave on a k8s-cluster I get the following error:
nsenter: cannot change root filesystem propagation: Permission denied
I'm also not sure what the 'securityannotations' in the readme mean. When I set these annotations (under the container-template in Jenkins) the slave never spins up
DockerFile for slave:
In my slave (Jenkinsfile) I'm trying to run:
sh "img build -t dockerregistry:5000/${name}:latest ."
(I'm running a private registry within the same namespace