The CI job has no access to codepack and pnpm.
The user used to run cmd is podman. this user does not have access to codepack and pnpm.
But if i mnualy start a container, i am connected as root user and i can run pnpm.
Gitlab CI not authorize non-root user on Kubernetes pods for jobs.
Running on runner-a6ggycboa-project-7-concurrent-0-2gob635t via gitlab-gitlab-runner-6dbfd695c6-fhwq8...
Getting source from Git repository
00:09
Fetching changes with git depth set to 50...
Initialized empty Git repository in /my_custom_dir/ubbleai/core/.git/
Created fresh repository.
Checking out e14b5cdf as detached HEAD (ref is refs/merge-requests/9049/head)...
Skipping Git submodules setup
Restoring cache
00:00
Checking cache for 0_pnpm-lock-db917d[15](https://gitlab.ubble.ai/ubbleai/core/-/jobs/517690#L15)dc551e7186f9566bc1bc5326a34699ee-6-non_protected...
WARNING: file does not exist
Failed to extract cache
Downloading artifacts
00:01
Downloading artifacts for nx:metadata (5[17](https://gitlab.ubble.ai/ubbleai/core/-/jobs/517690#L17)668)...
Downloading artifacts from coordinator... ok host=gitlab.ubble.ai id=517668 responseStatus=200 OK token=glcbt-64
Downloading artifacts for trivy-check (517672)...
Downloading artifacts from coordinator... ok host=gitlab.ubble.ai id=517672 responseStatus=[20](https://gitlab.ubble.ai/ubbleai/core/-/jobs/517690#L20)0 OK token=glcbt-64
Executing "step_script" stage of the job script
00:01
$ podman login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
Login Succeeded!
$ podman login -u $CI_DEPENDENCY_PROXY_USER -p $CI_DEPENDENCY_PROXY_PASSWORD $CI_SERVER_HOST
Login Succeeded!
$ pnpm nx show projects --affected --base=$NX_BASE --head=$NX_HEAD
/scripts-7-517690/step_script: line [25](https://gitlab.ubble.ai/ubbleai/core/-/jobs/517690#L25)6: pnpm: command not found
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: command terminated with exit code 1
The CI job has no access to
codepack
andpnpm
. The user used to run cmd ispodman
. this user does not have access tocodepack
andpnpm
. But if i mnualy start a container, i am connected asroot
user and i can run pnpm.Gitlab CI not authorize non-root user on Kubernetes pods for jobs.
CI job definition:
CI job logs: