You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our Jenkins integration of Docker roughly looks as follows: Jenkins will create a container from the image and start it as a SSH server. Then it will connect to it via SSH as the user "jenkins". Hence, it has no root privileges inside the container. I think this approach is reasonable from a security perspective.
I tried this with an image derived from qodana-jvm-community:2022.3 but I got a permission denied error on /etc/passwd when executing /opt/idea/bin/qodana. Is Qodana trying to write to this file?
I have the feeling that the Qodana images would be more useful if they would support root-less execution. What do you think?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Our Jenkins integration of Docker roughly looks as follows: Jenkins will create a container from the image and start it as a SSH server. Then it will connect to it via SSH as the user "jenkins". Hence, it has no root privileges inside the container. I think this approach is reasonable from a security perspective.
I tried this with an image derived from
qodana-jvm-community:2022.3but I got a permission denied error on/etc/passwdwhen executing/opt/idea/bin/qodana. Is Qodana trying to write to this file?I have the feeling that the Qodana images would be more useful if they would support root-less execution. What do you think?
Beta Was this translation helpful? Give feedback.
All reactions