Error when Using the Image in Azure Devops Pipelines

Question

Error when Using the Image in Azure Devops Pipelines

shurick81 opened this issue 2 years ago · 2 comments

Describe the bug

Trying to use the image m365pnp/spfx:1.14.0 but getting error groupadd: Permission denied

To Reproduce

Set the pipeline

name: $(Date:yyyyMMdd).$(Rev:.r)
trigger:
  branches:
    include:
    - main
jobs:
- job:
  displayName: Building
  container: m365pnp/spfx:1.14.0
  steps:
  - script: npm install
  - script: gulp bundle --ship

See error

docker.io/m365pnp/spfx:1.14.0
/usr/bin/docker info -f "{{range .Plugins.Network}}{{println .}}{{end}}"
bridge
host
ipvlan
macvlan
null
overlay
/usr/bin/docker network create --label f4ce27 vsts_network_f74cc7293e1a41ea95308583e112eb1a
53a0343e44dafdb99c76e91cd9ad5a2cb579257acd8972136627f7010009abde
/usr/bin/docker inspect --format="{{index .Config.Labels \"com.azure.dev.pipelines.agent.handler.node.path\"}}" m365pnp/spfx:1.14.0
/usr/bin/docker create --name 8ce280b0d06f4c0285e87f8748905f2e_m365pnpspfx1140_e24cb0 --label f4ce27 --network vsts_network_f74cc7293e1a41ea95308583e112eb1a  -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/vsts/work/1":"/__w/1" -v "/home/vsts/work/_temp":"/__w/_temp" -v "/home/vsts/work/_tasks":"/__w/_tasks" -v "/opt/hostedtoolcache":"/__t" -v "/home/vsts/agents/2.204.0/externals":"/__a/externals":ro -v "/home/vsts/work/.taskkey":"/__w/.taskkey" m365pnp/spfx:1.14.0 "/__a/externals/node/bin/node" -e "setInterval(function(){}, 24 * 60 * 60 * 1000);"
eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa
/usr/bin/docker start eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa
eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa
/usr/bin/docker ps --all --filter id=eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa --filter status=running --no-trunc --format "{{.ID}} {{.Status}}"
eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa Up Less than a second
/usr/bin/docker exec  eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa sh -c "command -v bash"
/bin/bash
whoami 
vsts
id -u vsts
1001
Try to create a user with UID '1001' inside the container.
/usr/bin/docker exec  eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa bash -c "getent passwd 1001 | cut -d: -f1 "
/usr/bin/docker exec  eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa id -u spfx
1001
Grant user 'spfx' SUDO privilege and allow it run any command without authentication.
/usr/bin/docker exec  eb919e9fca4f4e2c211386920b53d612a75807bba44e55046fe28616e31418aa groupadd azure_pipelines_sudo
groupadd: Permission denied.
groupadd: cannot lock /etc/group; try again later.
##[error]Docker exec fail with exit code 10
Finishing: Initialize containers

https://dev.azure.com/sapozhkov/spfx-demo-00/_build/results?buildId=564&view=logs&j=011e1ec8-6569-5e69-4f06-baf193d1351e&t=308a07fd-a4fe-4a35-953c-a9fe3da40b0a

Expected behavior
spfx dist is built in pipeline

Screenshots

Desktop (please complete the following information):
Azure DevOps MS hosted agent

Additional context

Answer 1 · 2022-07-15T14:51:23.000Z

I think the reason is that Azure DevOps pipeline requires the following:

USER has access to groupadd and other privileges commands without sudo

https://docs.microsoft.com/en-us/azure/devops/pipelines/process/container-phases?view=azure-devops&tabs=yaml

Answer 2 · 2022-08-18T09:17:31.000Z

Good find! Any suggestions how to fix it?