在 Jenkins docker 容器中使用 fabric8 docker-maven-plugin

我正在使用 fabric8 的 docker-maven-plugin 来构建和推送我的 docker 镜像。我做这样的事情：

mvn docker:build

在我的开发环境和 Jenkins 中。但这是我的问题。

我让 Jenkins 在 docker Swarm 中运行。

docker service create --name jenkins -p 8080:8080 -p 50000:50000 --replicas=1 --mount type=volume,src=jenkins_home,dst=/var/jenkins_home --mount type=bind,source=/var/run/docker.sock,destination=/var/run/docker.sock jenkins/jenkins

请注意，我有一个从主机/var/run/docker.sock到容器/var/run/docker.sock的绑定挂载。

然后，我通过运行以下命令在容器内安装 Docker 二进制文件：

apt-get update && apt-get -y install apt-transport-https ca-certificates 
curl gnupg2 software-properties-common && 
curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg > /tmp/dkey; apt-key add /tmp/dkey && 
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") $(lsb_release -cs) stable" && 
apt-get update &&  apt-get -y install docker-ce=18.06.1~ce~3-0~debian

最后，我将jenkins用户添加到docker组中

useradd -G {docker} jenkins

实际上，我将使用上述命令使用jenkins/jenkins映像作为我的根来构建我自己的 docker 映像。

然后我登录到 Jenkins，按如下方式构建我的管道

node {
def mvnHome
stage('Preparation') { // for display purposes
git branch: 'branch', credentialsId: 'id', url: 'https://url'
mvnHome = tool 'm3'
env.JAVA_HOME="${tool 'java8'}"
env.DOCKER_HOST="unix://var/run/docker.sock"
env.PATH="${env.JAVA_HOME}/bin:${env.PATH}"
}
stage('Build Docker Image') {
dir('rms-donation-manager') {
sh "'${mvnHome}/bin/mvn' clean install docker:build"
}
}
}

当我运行管道时，出现以下错误：

+ /var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/m3/bin/mvn clean install docker:build
[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building donation-manager 1.0.3-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- docker-maven-plugin:0.28.0:build (default-cli) @ donation-manager ---
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.io.IOException) caught when processing request to {}->unix://127.0.0.1:1: Permission denied
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->unix://127.0.0.1:1
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.io.IOException) caught when processing request to {}->unix://127.0.0.1:1: Permission denied
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->unix://127.0.0.1:1
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.io.IOException) caught when processing request to {}->unix://127.0.0.1:1: Permission denied
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->unix://127.0.0.1:1
[ERROR] DOCKER> Cannot create docker access object  [Permission denied]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.554 s
[INFO] Finished at: 2019-04-07T03:21:24Z
[INFO] Final Memory: 17M/175M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal io.fabric8:docker-maven-plugin:0.28.0:build (default-cli) on project donation-manager: Cannot create docker access object: Permission denied -> [Help 1]

请注意 Jenkins 运行的命令

/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/m3/bin/mvn clean install docker:build

它使用我在 Jenkins 管道中使用的 maven 工具"m3"并运行 maven 命令mvn clean install docker:build及其对权限的抱怨

这是踢球者。我进入詹金斯容器

docker exec -it ec4be3dffa62 /bin/bash

请注意，我不是以 root 用户的身份进入，我实际上是jenkins用户。然后，我进入pom.xml文件所在的项目并运行

/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/m3/bin/mvn clean install docker:build

它有效!!!映像已生成。为什么当我在容器内时它有效，而不是当我从 jenkins UI 运行它时。詹金斯 UI 是否使用其他用户？