linuxbashjenkinsjenkins-pipelinejenkins-groovy

Jenkins pipeline operation not permitted

I'm working on a Jenkins pipeline and can't understand why one of my steps can't be executed on the target machines.

Basically, I want to deploy my new code from github repository with Jenkins agent via ssh.

The issue: When I want to change the group owner of the project folder it won't let me to do it from Jenkins pipeline, but I'm able to do it if I'll manually connect under jenkins user to the target machine.

P.S: I approved the script and Jenkins pipeline is not in a Sandboxed environment.

P.S.S: I'm able to copy my code to the project folder with rsync, so there is no issue with that. The only problem is change of group with: chgrp -R gunicorn $PROJECT

Here is what I have so far:

Jenkins user without root permission on a target machine. Jenkins user is part of other group that I need my files changed to. Manual operation of changing the group permissions (without sudo) is working fine when manually connected under jenkins via ssh, but not from the pipeline.

Thank you in advance.

My sample pipeline code:

pipeline {
   agent none
   environment {
       GITHUB_REPO = 'github.com/************/**********.git'
       PROJECT = '/opt/***********/'
   }
   stages {
       stage('Parallel Execution') {
           parallel {
               stage('Test Deploy Agent 1') {
                   agent { label '***********' }
                   steps {
                       script {
                           // Use withCredentials to securely inject the GitHub credentials
                           withCredentials([usernamePassword(credentialsId: 'jenkins-github-test', usernameVariable: 'GITHUB_USER', passwordVariable: 'GITHUB_TOKEN')]) {
                               // Clone the repository using the provided credentials
                               sh """
                                   git clone https://\$GITHUB_USER:\$GITHUB_TOKEN@\$GITHUB_REPO \$WORKSPACE/***********
                               """
                           }
                       }
                       sh "rsync --exclude='.git/' -q $WORKSPACE/***********/ $PROJECT"
                       sh "chgrp -R gunicorn $PROJECT"
                   }
                   post {
                       always {
                           cleanWs()
                       }
                   }
               }
               stage('Test Deploy Agent 2') {
                   agent { label '***********' }
                   steps {
                       script {
                           // Use withCredentials to securely inject the GitHub credentials
                           withCredentials([usernamePassword(credentialsId: 'jenkins-github-test', usernameVariable: 'GITHUB_USER', passwordVariable: 'GITHUB_TOKEN')]) {
                               // Clone the repository using the provided credentials
                               sh """
                                   git clone https://\$GITHUB_USER:\$GITHUB_TOKEN@\$GITHUB_REPO \$WORKSPACE/***********
                               """
                           }
                           sh "rsync --exclude='.git/' -q $WORKSPACE/***********/ $PROJECT"
                           sh "chgrp -R gunicorn $PROJECT"
                       }
                   }
                   post {
                       always {
                           cleanWs()
                       }
                   }
               }
           }
       }
   }
}

code

Solution

  • Restart jenkins after adding jenkins user to gunicorn group.