rootless-docker through jenkins pipeline - jenkins-pipeline

I am running docker as rootless using the Jenkins pipeline. I have written a pipeline for the same.
But when pipeline executes
export DOCKER_HOST=unix:///run/user/${USERID}/docker.sock
this command it is not working through Jenkins.
I have tried with export this to file and execute but still not working.
when I run env command it is not shown there.
Jenkins Pipeline code
dir("/home/operateadmin/workspace"){
def USERID = '''$( id |grep uid | awk -F '[ ]' '{print $1}' | awk -F '[(]' '{print $1}'| awk -F '[=]' '{print $2}')'''
sh '''#!/bin/bash
source /etc/environment
sudo apt-get install -y uidmap
export DOCKER_HOST=unix:///run/user/$USERID/docker.sock
curl -fsSL https://get.docker.com/rootless | sh
systemctl --user status docker
systemctl --user start docker
'''
}
}
I need to execute
export DOCKER_HOST=unix:///run/user/$USERID/docker.sock
this command using jenkins.

I did not understand the question. But I see you are still messing around with rootless-docker. Good luck.
... by the way, what's wrong with podman?

Related

Automating password change inside a Docker container

I need to use a bash script:
Launch the container
Generate a password
Enter the container
Run the 'cd /' command
Change the password using htpasswd to the generated one
I tried it like this:
docker restart c1
a = date +%s | sha256sum | base64 | head -c 32 ; echo
docker exec -u 0 -it c1 bash 'echo cd /'
htpasswd user.passwd webdav a
And so:
docker restart c1
docker exec -u 0 -it c1 bash
cd /
a = date +%s | sha256sum | base64 | head -c 32 ; echo
htpasswd user.passwd webdav a
With the first option , I get:
bash: echo cd /: No such file or directory
With the second one, it enters the container and does nothing
I will be grateful for any help
I tried many variations of the script, which did not help me
You do not need Docker or debugging tools like docker exec just to generate an htpasswd file.
htpasswd is part of the Apache distribution, and you should be able to install it on your host system using your OS package manager. Since it just manipulates a credential file it doesn't need the actual server.
# On the host system, without using Docker at all
sudo apt-get update && apt-get install apache2-utils
# Make sure to wrap the password-generating command in `$()`
a=$(date +%s | sha256sum | base64 | head -c 32)
# Make sure to use a variable reference `$a`
htpasswd user.passwd webdav "$a"
This gives you a user.passwd file on your local system. Now when you launch your container, you can bind-mount the file into the container:
docker run -d -p 80:80 ... \
-v "$PWD/user.passwd:/usr/local/apache2/conf/user.passwd" \
httpd
The container will be immediately ready to use. If you delete and recreate this container, you do not need to repeat the manual setup step. If you need to launch multiple copies of the container, they can all have the same credentials file without doing manual steps.

Shell script works from command line but not from cron

I am using https://stackoverflow.com/a/42955871/308851 and it works from command line but not from cron. I even tried running the script with env -i but it stubbornly works.
#!/bin/bash
filename=$(date '+%Y-%m-%d').gz
docker exec -t elastic_db.1.$(docker service ps -f 'name=elastic_db.1' elastic_db -q --no-trunc | head -n1) mysqldump example |gzip -9 > /container/$filename
docker exec -t elastic_drupal.1.$(docker service ps -f 'name=elastic_drupal.1' elastic_drupal -q --no-trunc |head -n1) rclone --config /etc/rclone.conf move /app/$filename example:example/dump/
This compresses a 0 byte file when ran from cron but works just fine otherwise. What am I doing wrong?
Gordon Davisson's comment is correct: changing docker to /usr/bin/docker worked.

How to docker-compose run in windows?

How to use this command in windows 10 familly :
docker-compose run api composer install --no-interaction
Example:
docker-compose run api composer install --no-interaction
- Interactive mode is not yet supported on Windows.
Please pass the -d flag when using `docker-compose run`.
Is it possible ?
Do you have an example ?
The interactive mode support for docker-compose on Windows is tracked by issue 2836 which proposes some alternatives:
Use bash from within the container:
docker exec -it MY_CONTAINER bash
Use a docker-compose-run script by Rodrigo Baron:
Script ( put the function in ~/.zshrc or ~/.bashrc in a Windows git bash shell for instance):
#!/bin/bash
function docker-compose-run() {
if [ "$1" = "-f" ] || [ "$1" = "--file" ] ; then
docker exec -i $(docker-compose -f $2 ps $3 |grep -m 1 $3 | cut -d ' ' -f1) "${#:4}"
else
docker exec -i $(docker-compose ps $1 | grep -m 1 $1 | cut -d ' ' -f1) "${#:2}"
fi
}
docker-compose-run "$#"
Usage:
usage:
docker-compose-run web rspec
# or:
docker-compose-run -f docker-compose.development.yml web rspec
Simpler alternative is to use option -d and to get logs
docker-compose run -rm <service> <command>
is replaced by:
docker-compose-run <service> <command>
For this to work, add this snippet in your ~/.bashrc :
docker-compose-run() {
CONTAINER_NAME=$(docker-compose run -d $#)
docker logs -f $CONTAINER_NAME
docker rm $CONTAINER_NAME
}

Bash script to get into a running container and then run another bash script from that container

I have a shell script which runs as follows :
image_id=$(docker ps -a | grep postgres | awk -F' ' '{print $1}')
full_id=$(docker ps -a --no-trunc -q | grep $image_id)
docker exec -i -t $full_id bash
When I run this from the base linux OS, I expect to actually enter the postgres container which is a running container. But the issue is that the shell script hangs on 3rd line during ' docker exec' step.
My end goal is using the bash script, enter a running postgres container and run another bash script inside that container.
However the same command when I run it from command line, it works fine and gets me into the postgres container.
Please help, I have spent hours and hours to solve this but no progress.
Thanks again
Your setup is a bit more complex than it needs to be.
Docker ps can filter containers directly with the --filter= option
docker ps --no-trunc --quiet --filter="ancestor=postgres"
You can also --name containers when you run them which will be less fraught with danger than the script you are attempting
docker run --detach --name postgres_whatever postgres
docker exec -ti postgres_whatever bash
I'm not sure that your script is hanging as opposed to sitting there waiting for input. Try running a command directly
Using naming
exec_test.sh
#!/usr/bin/env bash
docker exec postgres_whatever echo "I have run the test"
When run
$ ./exec_test.sh
I have run the test
Without naming
exec_filter_test.sh
#!/usr/bin/env bash
id=$(docker ps --no-trunc --quiet --filter="ancestor=postgres")
[ -z "$id" ] && echo "no id" && exit 1
docker exec "${id}" echo "I have run the test"
When run
$ ./exec_filter_test.sh
I have run the test

SSH to server, Sudo su - then run commands in bash [duplicate]

This question already has answers here:
Pass commands as input to another command (su, ssh, sh, etc)
(3 answers)
Closed 6 years ago.
I have the following
#!/bin/bash
USER='scott'
PASS='tiger'
ssh -t $USER#server006.web.com "sudo su - http"
This Works, but I was trying to get it to run a script afterwards, and if I do, using -c or <
The script does a grep like this:
grep -i "Exception:" /opt/local/server/logs/exceptions.log | grep -e "|*-*-*:*:*,*|" | tail -1 | awk -F'|' '{print $2}' >> log.log
This also works fine on it's own, but I need to be http to do it.
I cannot SCP the output of the script back to server001 either, so I'm stuck here,
Any ideas would be relay appreciated.
Ben
Try
ssh -t $USER#server006.web.com 'sudo -u http grep -i "Exception:" /opt/local/server/logs/exceptions.log | grep -e "|*-*-*:*:*,*|" | tail -1 | awk -F"|" "{print $2}" >> log.log'
Sudo already runs the command as a different user to there's no need to su again.
Only reason to do sudo su is to have a fast way to start a new shell with another user.
You probably want sudo -u instead of sudo su -:
ssh -t $USER#server006.web.com sudo -u http script
Guess I'm late to the party.
My solution:
ssh -t $USER#server006.web.com "sudo cat /etc/shadow"
and replace cat /etc/shadow with your desired program.

Resources