时间戳

首页 > 解决方案 > Bitnami Jenkins VM:为什么管道在第二次运行时尝试签出 git repo 时缺少权限?

git - Bitnami Jenkins VM:为什么管道在第二次运行时尝试签出 git repo 时缺少权限?

问题描述

这是我在这里的第一个问题,所以请记住。=)

我在本地机器上使用 Bitnami Jenkins VM 来玩 Jenkins,稍后我想在我的公司介绍它。

我通过 Jenkinsfile 在 repo 中设置了一个管道,如下所示:

pipeline {
    agent {
        docker {
            image 'apmyp1990/lamp'
            args '-u root'
        }
    }
    stages {
        stage('Build') {
            steps {
                sh 'service mysql start'
                sh 'mysql -u root -proot -e "DROP DATABASE IF EXISTS text_db; CREATE DATABASE test_db;"'
                sh 'mysql -u root -proot -e "show databases;"'
                sh 'mysql -u root -proot -e "use test_db; source database/2018-06-26.sql;"'
                sh 'composer update'
                sh 'nightwatch'
            }
        }
    }
}

我第一次运行此管道时无法启动 docker,但我只是将用户tomcat(jenkins 与此用户一起运行)添加到 docker 组。在第一次运行期间,一切都很好(尽管没有开始守夜——但这不是问题)。当我再次尝试运行此管道时,出现以下错误:

Started by user admin
Obtained jenkinsfile from git https://bitbucket.org/{PROJECTNAME}.git
Running in Durability level: MAX_SURVIVABILITY
[Pipeline] node
Running on Jenkins in /opt/bitnami/apps/jenkins/jenkins_home/workspace/{Project}
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Declarative: Checkout SCM)
[Pipeline] checkout
 > /opt/bitnami/git/bin/git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > /opt/bitnami/git/bin/git config remote.origin.url https://bitbucket.org/{PROJECTNAME}.git # timeout=10
Fetching upstream changes from https://bitbucket.org/{PROJECTNAME}.git
 > /opt/bitnami/git/bin/git --version # timeout=10
using GIT_ASKPASS to set credentials Arturs Bitbucket Account
 > /opt/bitnami/git/bin/git fetch --tags --progress https://bitbucket.org/{PROJECTNAME}.git +refs/heads/*:refs/remotes/origin/*
 > /opt/bitnami/git/bin/git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > /opt/bitnami/git/bin/git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision a9acc7b417f410ad4b3b8b73aeb905e7ace7df2b (refs/remotes/origin/master)
 > /opt/bitnami/git/bin/git config core.sparsecheckout # timeout=10
 > /opt/bitnami/git/bin/git checkout -f a9acc7b417f410ad4b3b8b73aeb905e7ace7df2b
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
hudson.plugins.git.GitException: Command "/opt/bitnami/git/bin/git checkout -f a9acc7b417f410ad4b3b8b73aeb905e7ace7df2b" returned status code 1:
stdout: 
stderr: error: unable to unlink old 'web/typo3conf/ext/dce/Classes/Components/BackendView/SimpleBackendView.php': Permission denied
error: unable to unlink old 'web/typo3conf/ext/dce/Classes/Components/DceContainer/Container.php': Permission denied
{much more of permission denied errors}

Previous HEAD position was 606c9db lamp:latest
HEAD is now at a9acc7b add root user

    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2002)
    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$800(CliGitAPIImpl.java:72)
    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$9.execute(CliGitAPIImpl.java:2301)
Caused: hudson.plugins.git.GitException: Could not checkout a9acc7b417f410ad4b3b8b73aeb905e7ace7df2b
    at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$9.execute(CliGitAPIImpl.java:2325)
    at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1236)
    at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:113)
    at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:85)
    at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:75)
    at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
    at hudson.security.ACL.impersonate(ACL.java:290)
    at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
Finished: FAILURE

然后我通过 bash 检查了权限(请参阅链接图片,因为我无法从 debian bash 复制): 我的项目的根目录

网络目录

为了使管道正常运行,我缺少什么?我不明白为什么 Jenkins 的权限有问题 - jenkins 正在使用用户 tomcat 运行,所以一切都应该没问题吗?

编辑:

我发布了错误的 jenkinsfile,它应该args '-u root'在代理部分有命令(见上文)。我现在发现使用此命令运行管道会导致错误。但是当我不使用此命令时,由于缺少权限,我无法启动 mysql 服务器。第一次启动管道(新创建的管道)没有args '-u root', 无法启动 mysql 服务器,但下次使用 args 命令运行管道不会产生任何错误。有人给点建议吗?

先感谢您!

标签: gitjenkinsjenkins-pipeline

解决方案

推荐阅读