Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
1
-
Description
Currently, using the Docker Runner also bind-mounts the working directory (so you can easily access output artifacts from the agent host after the Docker container has exited). However, if the image you are using with the runner does not specify its own user those files are all created with UID 0 (root) which can make cleanup more complicated, as the Bamboo agent does not run as root but as its own privileged user.
What would be nice is if by default, the Docker Runner used the `--user` flag when launching the container to set the UID/GID to match the parent process, so if my agent is running as a user 'bamboo' with UID 1000 then all the files created in that bind mount have corresponding permissions.
I'm not sure if there would ever be a case where someone would want to disable this functionality (so that the user specified in the Dockerfile was always used regardless of the UID/GID of the Bamboo agent). I can't think of one off the top of my head.
Attachments
Issue Links
- mentioned in
-
Page Loading...