Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-20581

Docker Runner should inherit UID/GID from agent by default

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Unresolved
    • None
    • Docker Runner
    • None
    • 1

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Currently, using the Docker Runner also bind-mounts the working directory (so you can easily access output artifacts from the agent host after the Docker container has exited). However, if the image you are using with the runner does not specify its own user those files are all created with UID 0 (root) which can make cleanup more complicated, as the Bamboo agent does not run as root but as its own privileged user.

      What would be nice is if by default, the Docker Runner used the `--user` flag when launching the container to set the UID/GID to match the parent process, so if my agent is running as a user 'bamboo' with UID 1000 then all the files created in that bind mount have corresponding permissions.

      I'm not sure if there would ever be a case where someone would want to disable this functionality (so that the user specified in the Dockerfile was always used regardless of the UID/GID of the Bamboo agent). I can't think of one off the top of my head.

      Attachments

        Issue Links

          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              56f9d9cad6ec Thorn Golden
              Votes:
              30 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated: