I am fairly new to macOS and I am trying to run a shell script through Jenkins for a maven project.
I just don't know how to give/change permission so that Jenkins can even change a directory.
Command I am trying to run:
#!/bin/bash
export JAVA_HOME=$(/usr/libexec/java_home)
export M2_HOME=/usr/local/apache-maven/apache-maven-3.5.3
export PATH=$PATH:/usr/local/apache-maven/apache-maven-3.5.3/bin
cd /Users/User1/Documents/QA_Automation/Selenium/workspace/TestProject
mvn clean install -Dtest=IOSTDMobileTest -Dwebtest.browser=Chrome
Output I am getting:
Building in workspace /Users/Shared/Jenkins/Home/workspace/Test job 2
[Test job 2] $ /bin/bash
/Users/Shared/Jenkins/tmp/jenkins1874710180338230332.sh
/Users/Shared/Jenkins/tmp/jenkins1874710180338230332.sh: line 7: cd:
/Users/User1/Documents/QA_Automation/Selenium/workspace/TestProject:Permission denied
I had the same problem with the next task:
cd /home/allex/NetBeansProjects/HelloWorld/
pwd
javac HelloWorld.java
java HelloWorld
When I executed it I got the "Permission errors like you" but in my interactive CLI I didn't have problem to access to the directory. Then I realized that the user who execute the command in Jenkins is "jenkins" who didn't have rights access to that directory by executing this command:
ls -ld /home/allex/
drwxr-x---. 87 allex allex 4096 Nov 19 08:57 /home/allex/
As you can see the user jenkins has no permissions over that directory. Then what I did was add the user jenkins to the group allex with the next command:
usermod -a -G allex jenkins
And that was all. It's working.
Related
I'm getting:
[[1;31mERROR[m] Failed to execute goal [32morg.apache.maven.plugins:maven-compiler-plugin:3.1:compile[m [1m(default-compile)[m on project [36mtest[m: [1;31mError while storing the mojo status[m: /var/lib/jenkins/workspace/e2e-tests/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst (Permission denied) -> [1m[Help 1][m
in an "Execute Shell" script (mvn test) in a Jenkins job.
I see that the /var/lib/jenkins/workspace folder has "drwxr-x--- 3 jenkins jenkins" permission. If I get it right, only jenkins user can write in this folder. However if I put "who" in the shell script, I see that the job is executed as root (even though in /etc/default/jenkins I see JENKINS_USER=jenkins).
To resolve the 'permission denied' problem I did:
chmod -R 777 /var/lib/jenkins/workspace
Is this the proper solution? Is it normal for the job to be run as root and not jenkins?
Thanks,
Dinko
I reverted the permissions on the /var/lib/jenkins/workspace back to drwxr-x---, rebooted the Jenkins host and restarted the job. No "Permission Denied" error was logged anymore.
Rebooting the host did solve the issue.
I use the command "#jhipster ci-cd" to generate the file .gitlab-ci.yml for pushing on Gitlab and deploy to Heroku.
But the maven compile is failed for "./mvnw: Permission denied"
Checking out a5400e45 as master...
Skipping Git submodules setup
Checking cache for master...
FATAL: file does not exist
Failed to extract cache
$ export MAVEN_USER_HOME=`pwd`/.maven
$ ./mvnw com.github.eirslett:frontend-maven-plugin:install-node-and-npm -DnodeVersion=v10.13.0 -DnpmVersion=6.4.1 -Dmaven.repo.local=$MAVEN_USER_HOME
/bin/bash: line 73: ./mvnw: Permission denied
ERROR: Job failed: exit code 1
i don't know why the permission is denied.
I use windows 10 for create jhipster project.
In your .gitlab-ci.yml file put:
image: openjdk:8
[ ... ]
before_script:
- chmod +x mvnw
- export MAVEN_USER_HOME=`pwd`/.maven
- ./mvnw com.github.eirslett:frontend-maven-plugin:install-node-and-npm -DnodeVersion=v10.13.0 -DnpmVersion=6.4.1 -Dmaven.repo.local=$MAVEN_USER_HOME
- ./mvnw com.github.eirslett:frontend-maven-plugin:npm -Dmaven.repo.local=$MAVEN_USER_HOME
TL;DR;
Run the following command in you local machine under you project folder:
git update-index --chmod=+x mvnw
Make sure that the script chmod +x mvnw is removed from your .gitlab-ci.yml file.
Push the changes and then everything will works fine.
I have tried the solution mentioned in the other answer which is run chmod +x mvnw in before_script part but it does not work because the chmod is not permitted.
This problem has been dicussed in the jhipster generator github repository here. Go through the page then you'll find the solution.
I am using ruby:2.5.1-alpine for my application's container image. When I run make release locally, which runs the following commands:
docker-compose build --pull release
docker-compose up --abort-on-container-exit test
The test stage runs the migrations, linter and specs. It runs without an issues. When I run the same exact command on CodeBuild which is using a aws/codebuild/ruby:2.5.1 as the host environment I get the following error:
Running RuboCop...
Inspecting 82 files
.................................................................................W
Offenses:
bin/console:1:1: W: Lint/ScriptPermission: Script file console doesn't have execute permission.
I checked the git permissions and everything looks kosher:
edit [...master ] git ls-tree HEAD bin/
100755 blob ad9a02fe6ed489beb105295de771cab5fa87a6af bin/console
100755 blob 9d87e9579b9c16c42d65301e8540888e044ba25d bin/run
100755 blob cf5febb7c6dd34aebdb862792fa147d06a9c5764 bin/setup
edit [...master ]
I added a debug statement to see what the permissions are at the time of the tests running and here is where it diverges.
Locally I get:
test_1_4d039799a73c | File permissions for bin/console are
#<File::Stat ino=10432530, **mode=0100755**, nlink=1, uid=1000, gid=1000,...>
And On the CodeBuild server I get:
File permissions for bin/console are
#<File::Stat ino=525319, **mode=0100666**, nlink=1, uid=0, gid=0, ...>
As I pasted the above I also noticed that the UID and the GID are different. So it looks like the permissions are not being set correctly:
RUN addgroup -g 1000 app && adduser -u 1000 -G app -D app
RUN chown -R app:app $APP_ROOT
WORKDIR $APP_ROOT
This was part of the issue:
https://forums.docker.com/t/not-able-to-change-permissions-for-files-and-folders-created-on-mounted-volumes/45769
After removing the volume for the stage that runs on CodeBuild the mid and gig are correct but the permissions themselves are still off.
·[36mcodebuild_1 |·[0m File permissions for bin/console are
#<File::Stat ino=2755035, mode=0100666, nlink=1, uid=1000, gid=1000...>
Not sure how to go about debugging this.
I am trying to nest a shell script into a Jenkins job but the script will infinitely get stuck when using the bash git clone command.
It doesn't even send me an error. I suspect the script is asking for a password when coming to the git clone command.
Jenkins Job Configuration :
#!/bin/sh
set -x
whoami #returns 'jenkins'
sudo -u root ./my_script.sh
my_script.sh
whoami #returns ROOT
sudo git clone 'https://myusername:mypassword#my.forge.fr/project/my-project.git' -b "master" --verbose
What have I tried so far
I edited my sudoers and added jenkins ALL=NOPASSWD: ALL
I intentionnaly wrote wrong credential in the git clone command, and I get an error remote: HTTP Basic: Access denied
With a terminal, I went in my workspace project, switched to jenkins user and ran sudo ./my_script.sh and it worked fine, no password asked.
It also work fine when ran under root user ( not a surprise )
Does anyone know how I can get my job to make this command pass ?
Edit
I am on Mac OS
I finally solved it, it did come from a credential, but not the one I thought of. The problem came from Keychain Access. Also I appologize, I did not specified I was on Mac, I thought it wasn't relevant here since I was using bash.
When running the script under the Jenkins user, it worked fine as I was using sudo, but when I tried to run directly the sudo git clone 'https://myusername:mypassword#my.forge.fr/project/my-project.git' -b "master" --verbose I got an error :
I couldn't find the error message in english, but basically it says "unable to find a Keychain to store..." and the answers "cancel" and "reset my default keychain"
From there I :
Created a new Keychain called jenkins-dev in the Keychain manager
I copied it from /Users/myuser/Library/Keychains to /Users/Shared/Jenkins/Library/Keychains under myuser
Then I ran security unlock-keychain /Users/Shared/Jenkins/Library/Keychains/jenkins-dev.keychain-db under jenkins user
finally security default-keychain /Users/Shared/Jenkins/Library/Keychains/jenkins-dev.keychain-db under jenkins user
I ran once more the git clone ... command line under jenkins user, and then it found the keychain, stored the access and my Jenkins script wasn't stuck anymore
Hope this can help
Do you have a key in ~/.ssh/id_rsa.pub in that machine?
I have few shell commands that needs to be executed when a build is getting ready. In Jenkins, I have created a Freestyle project with execute shell options as:
#!/bin/sh
cd /path to kafka folder
bin/zookeeper-server-start.sh config/zookeeper.properties &
bin/kafka-server-start.sh config/server.properties &
cd /path to elasticsearch
bin/elasticsearch
I am able to execute this shell commands from a local file but not through Jenkins.
Here is the Console output I am seeing in Jenkins:
/Users/Shared/Jenkins/tmp/hudson2342342342342357656.sh: line 2: cd: /path to kafka folder: Not a directory
Build step 'Execute shell' marked build as failure
Finished: FAILURE
Any help on how I can fix this? Thanks.
It is a permission issue. Please check your Jenkins user has enough permission to run this shell commands
The best way to find out what's wrong (e.g. permissions issue; folder doesn't exist; etc), do this:
Log into the slave node that is executing this job (if there is none defined, it's probably the Jenkins server itself ("master")
If on "master": become the user that Jenkins runs as (most likely 'jenkins'): sudo su - jenkins (if you have sudo/root access), or su - jenkins (if you know jenkins's password)
If the job runs on another slave, find out as which user the Jenkins server connects. Become that user on the slave node.
cd /path/to/workspace (you can find the job's workspace by looking at the console of a job run)
Now run your commands from a shell as they are in the build step - it may become more apparent on why they fail.