Question: How to Detect Docker Agent and Ensure CLI Tool is Downloaded Inside the Container from a Jenkins Plugin?
We are developing a Jenkins plugin that downloads a CLI tool to a specific path on the agent. This works fine on regular agents, but when using a Docker agent in a Jenkins pipeline, the path resolution fails.
What We Observed:
After debugging, we found that the CLI tool is being downloaded to the Docker host machine, not inside the Docker container used by the pipeline. As a result, when the plugin tries to invoke the tool inside the container, the path doesn’t exist.
Temporary Workaround:
We can manually mount the host path into the container using the args field in the Jenkinsfile:
agent {
docker {
image 'maven:3-eclipse-temurin-17'
args '-v $HOME/my-tool:$HOME/my-tool -v $JENKINS_HOME:$JENKINS_HOME'
}
}
This allows the container to access the downloaded tool, but it’s not ideal.
What We Need Help With:
- Is there a way from the plugin code to detect whether the current agent is a Docker agent container?
- We tried checking node labels, environment variables, and node types, but these don’t work with
agent { docker { ... } }since the container is ephemeral and not a separate Jenkins node.
- Is there a way to ensure that the CLI tool is downloaded inside the Docker container, not on the host?
- Ideally, we want the plugin to behave correctly regardless of whether it’s running on a host agent or inside a Docker container.
Jenkinsfile:
pipeline {
agent {
docker {
image 'maven:3-eclipse-temurin-17'
// args '-v $HOME/my-tool:$HOME/my-tool -v $JENKINS_HOME:$JENKINS_HOME'
}
}
stages {
stage('checkout') {
steps {
git url: '<git_url>', branch: 'main'
}
}
stage('security-scan') {
steps {
security_scan product: 'polaris'
}
}
}
}
Here in the security_scan step, the tool download is taking place. But the tool is getting downloaded in the host machine instead of the docker agent container.
Any guidance on how to handle this scenario more cleanly from the plugin side would be greatly appreciated!