I am trying to create sample jenkins pipeline to build maven/gradle based application on internal kubernetes cluster. I have setup proxy through environment variable, on addition I have inserted proxy parameters in gradle.properties file too. Whenever I tries to build an application through gradle build
It fails with an error Java: READ ONLY FILE SYSTEM
. I searched online and found that due to different UID on jnlp
and gradle
container, Gradle
fails to access /home/jenkins/
workspace. I inserted Pod Security Policy
parameter on the pod and tried to executed all the container with same UID 1000
, still It fails. I am still not sure exact root cause of this weird issue.
Reference Link: https://akomljen.com/set-up-a-jenkins-ci-cd-pipeline-with-kubernetes/
I am using Jenkins official helm chart to deploy jenkins on the cluster.
def label = "maven-${UUID.randomUUID().toString()}"
podTemplate(label: label, containers: [
containerTemplate(name: 'gradle', image: 'gradle:latest', ttyEnabled: true, command: 'cat',
envVars: [
envVar(key: 'http_proxy',value: 'www.xxx:8080'),
envVar(key: 'https_proxy',value: 'www.xxx:8080')
])
]) {
node(label) {
stage('Build a Gradle project') {
git 'SOME GRADLE PROJECT REPO.'
container('gradle') {
sh 'gradle build --stacktrace'
}
}
}
}
Consider the above sample example (assume jenkinsci/jnlp-slave:latest
will be provisioned by Jenkins Default Pod template and will be attached to this pod)
Gradle Daemon will start and later fails with the following error.
Error resolving plugin [id: 'org.springframework.boot', version: '2.1.4.RELEASE']
18:24:47.119 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] > Could not resolve all dependencies for configuration 'detachedConfiguration1'.
18:24:47.119 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] > java.io.IOException: Read-only file system
Finally, I found the solution. I was mounting secret volume inside /tmp/ directory and that's why entire container went on READ ONLY FILE SYSTEM mode. I still don't know why jenkins workspace directory went to read only mode as I mounted secret inside /tmp directory.