我有一份执行 docker ps 命令的 jenkins 工作。它是一个管道脚本,如下所示:
node {
wrap([$class: 'BuildUser']) {
sh 'echo "The build user: "'
sh 'echo "${BUILD_USER}"'
}
stage 'run ps command'
sh "\$(docker ps)"
}
它打印:
+ echo 'The build user: '
The build user:
[Pipeline] sh
+ echo 'Anonymous'
Anonymous
[Pipeline] }
[Pipeline] // wrap
[Pipeline] stage (run ps command)
Using the ‘stage’ step without a block argument is deprecated
Entering stage run ps command
Proceeding
[Pipeline] sh
++ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json: dial unix /var/run/docker.sock: connect: permission denied
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE
据我了解,jenkins 作业将始终以相同的操作系统用户身份运行,因此在本例中为“jenkinsuser”。我已经将此用户添加到 docker 组并多次重启 jenkins。
$> grep docker /etc/group
docker:x:497:jenkinsuser
$> ps -ef | grep jenkins
root 11177 978 0 15:48 ? 00:00:00 sshd: jenkinsuser [priv]
jenkinsuser 11180 11177 0 15:48 ? 00:00:00 sshd: jenkinsuser@pts/0
jenkinsuser 13276 1 0 2020 ? 1-19:07:35 java -jar jenkins.war
jenkinsuser 20929 11181 0 20:04 pts/0 00:00:00 grep --color=auto jenkins
有什么我遗漏的吗?
当我在linux盒子上时,我可以成功地做docker ps:
$> whoami
jenkinsuser
$> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
但是当我作为 jenkins 管道构建工作的一部分这样做时,这不起作用!!为什么?!?