Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57655

Can volumes-from be disabled for docker.image().inside() in a Jenkins pipeline?

    Details

    • Similar Issues:

      Description

      The Jenkins docker pipeline provides a very nice docker.image().inside() function. This will result in a docker run command like:

      docker run -t -d -u 1000:1000 -w /var/jenkins_home/workspace/my-job --volumes-from 30dfde62097dad7873b0c72da82f70252jefewfr72edb412c2e759303d10 -e ******** -e ******** -e ******** my-image:latest cat
      

      The `--volumes-from` parameter will provide the container with the same volumes as the main Jenkins container. So it will also expose the entire /var/jenkins_home directory.
      Sometimes I would like to execute commands in a container and only expose the current job workspace.

      Is it possible to disable/remove the `--volumes-from` parameter?

      I can add an extra `v ${WORKSPACE}:/workspace` myself as args, but I can't find a way to disable/remove the `-volumes-from` parameter.

       

      I also posted this on: https://stackoverflow.com/questions/56277847/can-volumes-from-be-disabled-for-docker-image-inside-in-a-jenkins-pipeline

        Attachments

          Issue Links

            Activity

            Hide
            pjo901018 Jaeyoung Park added a comment -

            +1 

            This feature adding --volumes-from flag is only mentioned on here. https://jenkins.io/doc/book/pipeline/docker/#using-a-remote-docker-server

            When Jenkins detects that the agent is itself running inside a Docker container, it will automatically pass the --volumes-from argument to the inside container, ensuring that it can share a workspace with the agent.
            Additionally some versions of Docker Swarm do not support custom Registries.

             
            I hate "automatically" features. It's hard to find why did it happen. And hard to resolve it.
            In my case, I want to isolate "docker in docker" environment, but "--volumes-from jenkins" gives a mounted "/var/run/docker.sock".

             

            Show
            pjo901018 Jaeyoung Park added a comment - +1  This feature adding --volumes-from flag is only mentioned on here.  https://jenkins.io/doc/book/pipeline/docker/#using-a-remote-docker-server When Jenkins detects that the agent is itself running inside a Docker container, it will automatically pass the  --volumes-from  argument to the  inside  container, ensuring that it can share a workspace with the agent. Additionally some versions of Docker Swarm do not support custom Registries.   I hate "automatically" features. It's hard to find why did it happen. And hard to resolve it. In my case, I want to isolate "docker in docker" environment, but "--volumes-from jenkins" gives a mounted "/var/run/docker.sock".  
            Hide
            felipecassiors Felipe Santos added a comment -

            Jaeyoung Park I have the exact same problem in the exact same situation. I added a reference to the PR which introduced this feature.

            Show
            felipecassiors Felipe Santos added a comment - Jaeyoung Park I have the exact same problem in the exact same situation. I added a reference to the PR which introduced this feature.
            Hide
            felipecassiors Felipe Santos added a comment - - edited

            I was able to work around it but using a different socket on the Docker in Docker container, see: https://github.com/felipecrs/jenkins-agent-dind/pull/13.

            However, this seems to be a very hacky solution, I hope this issue gets fixed in the root which is the docker workflow plugin.

            Show
            felipecassiors Felipe Santos added a comment - - edited I was able to work around it but using a different socket on the Docker in Docker container, see: https://github.com/felipecrs/jenkins-agent-dind/pull/13. However, this seems to be a very hacky solution, I hope this issue gets fixed in the root which is the docker workflow plugin.

              People

              • Assignee:
                Unassigned
                Reporter:
                pietervogelaar Pieter Vogelaar
              • Votes:
                4 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: