Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57369

Docker build-args incorrectly rejected and successful build marked failed

    Details

    • Similar Issues:
    • Released As:
      docker-workflow 1.19

      Description

      Combination of two issues here.

      1. According to Docker's docs, running docker build --build-arg VARIABLE should be equivalent to docker build --build-arg VARIABLE=${VARIABLE}. However, the Docker Pipeline plugin throws an exception if this usage is passed to docker.build in a pipeline. (See attached Jenkinsfile and log).
      2. As shown in the log, these arguments are passed to the Docker client and the image builds fine. Only after this has happened is the exception logged and the build is marked as failed, despite the successful Docker build.

      A workaround would be to just use --build-arg SSH_KEY="${env.SSH_KEY}", but as this would result in the private key being printed to the build logs I'm not really happy with that approach.

        Attachments

        1. buildlog
          2 kB
        2. Jenkinsfile
          0.5 kB

          Activity

          Hide
          jackdpeterson Jack Peterson added a comment -

          I'm going to +1 this issue as a totally annoying problem here as I'm working on using Jenkins Dockerfiles that depend on an upstream private image as well as a private-key needing to be passed in in order to perform git clones of private repositories as part of a dependency management step in the primary Dockerfile. I too don't like how the credentials get displayed willy-nilly as soon as they become multiline parameters.

           

          pipeline {
              agent none
          ...
          
             environment {
                  GITHUB_SSH_PRIVATE_KEY=credentials('github_ssh_key')
                  DOCKER_REGISTRY_CREDENTIALS=credentials('dockerhub')
              }
          ...
              stages {
                  stage("run unit tests") {
                      agent {
                         dockerfile {
                             filename "Dockerfile"
                             additionalBuildArgs "--build-arg SSH_PRIVATE_KEY=\"${env.GITHUB_SSH_PRIVATE_KEY}\""
                             registryCredentialsId 'dockerhub'
                         }
                     }
                     steps {
                         sh '//commands run here'
                     }
          

           

           

           

           

          Show
          jackdpeterson Jack Peterson added a comment - I'm going to +1 this issue as a totally annoying problem here as I'm working on using Jenkins Dockerfiles that depend on an upstream private image as well as a private-key needing to be passed in in order to perform git clones of private repositories as part of a dependency management step in the primary Dockerfile. I too don't like how the credentials get displayed willy-nilly as soon as they become multiline parameters.   pipeline { agent none ... environment { GITHUB_SSH_PRIVATE_KEY=credentials( 'github_ssh_key' ) DOCKER_REGISTRY_CREDENTIALS=credentials( 'dockerhub' ) } ... stages { stage( "run unit tests" ) { agent { dockerfile { filename "Dockerfile" additionalBuildArgs "--build-arg SSH_PRIVATE_KEY=\" ${env.GITHUB_SSH_PRIVATE_KEY}\"" registryCredentialsId 'dockerhub' } } steps { sh ' //commands run here' }        
          Hide
          jugglefish Peter Niederlag added a comment -
          Show
          jugglefish Peter Niederlag added a comment - Here is a PR that fixes the problem: https://github.com/jenkinsci/docker-workflow-plugin/pull/178
          Hide
          treuherz Eli Treuherz added a comment -

          Thanks for working on this Peter Niederlag. I've submitted some comments on the PR

          Show
          treuherz Eli Treuherz added a comment - Thanks for working on this Peter Niederlag . I've submitted some comments on the PR
          Hide
          jugglefish Peter Niederlag added a comment -

          Thx for your feedback Eli Treuherz I tried to reply yor comments in code. It seems IsMapWithSize is not available without further work (hamcrest 1.3 limit?). I'd suggest to keep changes on the tests in line with all tests in the class.

          It'd be very great if someone with insight could check on handling the value on the argMap https://github.com/jenkinsci/docker-workflow-plugin/pull/178#pullrequestreview-256220189

          Show
          jugglefish Peter Niederlag added a comment - Thx for your feedback Eli Treuherz I tried to reply yor comments in code. It seems IsMapWithSize is not available without further work (hamcrest 1.3 limit?). I'd suggest to keep changes on the tests in line with all tests in the class. It'd be very great if someone with insight could check on handling the value on the argMap https://github.com/jenkinsci/docker-workflow-plugin/pull/178#pullrequestreview-256220189
          Hide
          dnusbaum Devin Nusbaum added a comment -

          A fix for this issue was just released in Docker Pipeline plugin version 1.19. From the release notes: 

          Deprecate the dockerFingerprintFrom and dockerFingerprintRun steps and stop calling them during docker.build and image.run. Fixes various issues with Dockerfile parsing and parsing arguments to docker build.

          Show
          dnusbaum Devin Nusbaum added a comment - A fix for this issue was just released in Docker Pipeline plugin version 1.19. From the release notes:  Deprecate the  dockerFingerprintFrom  and  dockerFingerprintRun  steps and stop calling them during  docker.build  and  image.run . Fixes various issues with Dockerfile parsing and parsing arguments to  docker build .

            People

            • Assignee:
              Unassigned
              Reporter:
              treuherz Eli Treuherz
            • Votes:
              2 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: