Details
-
Bug
-
Resolution: Fixed
-
Medium
Description
Summary
With Docker image logged as non-root, the build is unable to get the host's fingerprint which had fetch in the Pipelines Settings.
Tried to run "cat ~/.ssh/known_hosts" in the build and the known_host file is empty
Ran "cat /opt/atlassian/pipelines/agent/data/known_hosts" and getting "cat: /opt/atlassian/pipelines/agent/data/known_hosts: Permission denied" error.
Example:
Build image - Dockerfile:
#!python FROM node:argon RUN apt-get update RUN apt-get -y dist-upgrade RUN apt-get install --no-install-recommends -y -q sudo curl python build-essential git ca-certificates RUN adduser --disabled-password --gecos '' myuser RUN usermod -aG sudo myuser RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers USER myuser
Workaround
- Add the Host key to known_host file. "ssh-keyscan <Host Address> >> ~/.ssh/known_hosts"
- Allow your build to run as root user by removing "USER myuser" from the Dockerfile