How to run pipelines as Jenkins user using ECS plugin

Hi Team,

I’m using Jenkins version 2.401.1 version running on AWS ECS Cluster with controller and Salve setup, controller is running on one ECS cluster and agent is running on different ECS cluster. We have ECS plugin used for launching the agents in the agent cluster cluster.
I have issue while running the pipelines in the agents using Jenkins user and has to run using root user. I have requirement to create the directories and install packages dynamically running the pipelines. Please help to how to run the pipelines on agent using Jenkins user without any issue.

Unfortunately, your two requirements are mutually exclusive. The operating system (correctly) will only allow packages to be installed by privileged (“root”) users. The Jenkins user is intentionally not a privileged user.

You could modify the container images to make the Jenkins user a privileged user that is allowed to perform the operations you require (like allowing the Jenkins user to run the operating system package manager), but that will allow jobs that are running the containers to perform privileged operations. That will create a security risk for your Pipelines.

You could install the components that you need into container images and then have the Pipeline jobs use those container images. The Jenkins user then runs as an unprivileged user (that is good) but you need to manage the container images and assure that they contain the correct tool versions.

The Jenkins infrastructure installs the needed components into the container images and manages those container images with dependabot, updatecli, and renovate.

Hi MarkEWaite

Thank you so much for the response. I’m using Jenkins JNLP agent with java 11 version. Some packages are not accessible from the Jenkins user as I installed as root while creating the agent. Please help me how to resolve this issue.
Thanks you so much for the response.


Hi Mark,

Thank you so much for the response. I have one for some packages, some packages are not accessible from the Jenkins user as we installed the packages as root user while creating the agent in the docker file.
Please help me for this issue.

You’ve not provided enough information to allow others to duplicate the issue that you are seeing. That requires me (and others) to guess what you did and offer guesses as to ways they think they would correct the thing that they guess you did. Placing one guess on top of another guess almost always fails to address the question. You’ll need to provide much more detail that describes the problem you are seeing.