PermissionError: [Errno 13] Permission denied: '/.azure' when run as container in Jenkins docker agent pipeline !
See original GitHub issueSorry but this problem still persistent if you using “Jenkins Docker in Docker” If you using Azure CLI container run in you local laptop it will works fine but if you use it for run as container in Jenkins pipeline you will face permission problem because “az” executed bin need to run as root !!!
]
because Jenkins didn’t give you “root user” to the container because security issues in privilege escalation attack ! So if you type anycommand relate to “root user” you will get broken output even “whoami” command !!! The way to fix is you give additional user argument to container while run it on Jenkins pipeline
Quick and Dirty way to fixing this problem
agent {
docker {
image 'mcr.microsoft.com/azure-cli:2.8.0'
args "--user root --privileged"
}
}
You will fix this problem !!! But why do “Azure CLI need root user ?” I don’t know about internal code in Azure CLI so hope Microsoft Team can help to fix this problem without needed az bin executed as root. Thank you very much 😭😭😭 Tracing error
Traceback (most recent call last):
File "/usr/local/lib/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/local/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/usr/local/lib/python3.6/site-packages/azure/cli/__main__.py", line 33, in <module>
az_cli = get_default_cli()
File "/usr/local/lib/python3.6/site-packages/azure/cli/core/__init__.py", line 599, in get_default_cli
from azure.cli.core.azlogging import AzCliLogging
File "/usr/local/lib/python3.6/site-packages/azure/cli/core/azlogging.py", line 30, in <module>
from azure.cli.core.commands.events import EVENT_INVOKER_PRE_CMD_TBL_TRUNCATE
File "/usr/local/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 28, in <module>
from azure.cli.core.extension import get_extension
File "/usr/local/lib/python3.6/site-packages/azure/cli/core/extension/__init__.py", line 18, in <module>
az_config = CLIConfig(config_dir=GLOBAL_CONFIG_DIR, config_env_var_prefix=ENV_VAR_PREFIX)
File "/usr/local/lib/python3.6/site-packages/knack/config.py", line 38, in __init__
ensure_dir(config_dir)
File "/usr/local/lib/python3.6/site-packages/knack/util.py", line 111, in ensure_dir
raise e
File "/usr/local/lib/python3.6/site-packages/knack/util.py", line 108, in ensure_dir
os.makedirs(d)
File "/usr/local/lib/python3.6/os.py", line 220, in makedirs
mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/.azure'
_Originally posted by @wdrdres3qew5ts21 in https://github.com/Azure/azure-cli/issues/613#issuecomment-651812788_
Issue Analytics
- State:
- Created 3 years ago
- Reactions:3
- Comments:12 (3 by maintainers)
Top GitHub Comments
A workaround is to redefine a custom image from the azure-cli one with a custom user as below
use USER root this worked for me