Uploaded image for project: 'Bitbucket Cloud'
  1. Bitbucket Cloud
  2. BCLOUD-14736

Pipelines: known_host file is not updated to non-root user directory

    XMLWordPrintable

Details

    Description

      Summary

      With Docker image logged as non-root, the build is unable to get the host's fingerprint which had fetch in the Pipelines Settings.
      Tried to run "cat ~/.ssh/known_hosts" in the build and the known_host file is empty
      Ran "cat /opt/atlassian/pipelines/agent/data/known_hosts" and getting "cat: /opt/atlassian/pipelines/agent/data/known_hosts: Permission denied" error.

      Example:
      Build image - Dockerfile:

      #!python
FROM node:argon

RUN apt-get update
RUN apt-get -y dist-upgrade
RUN apt-get install --no-install-recommends -y -q sudo curl python build-essential git ca-certificates

RUN adduser --disabled-password --gecos '' myuser
RUN usermod -aG sudo myuser
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers

USER myuser

      Workaround

      1. Add the Host key to known_host file. "ssh-keyscan <Host Address> >> ~/.ssh/known_hosts"
      2. Allow your build to run as root user by removing "USER myuser" from the Dockerfile

      Attachments

        Activity

          People

            Unassigned Unassigned
            rchia Ronald C.
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: