add possibilites of given user to run container

[tcollignon]

Hi,

This allow to setup the user who run exec in the container.

I think the comment on the "group" checkbox will be updated, if you think the PR will be accepted.

Tell me what you think.

[jenkinsadmin]

Thank you for this pull request! Please check this document for how the Jenkins project handles pull requests.

[ndeloof]

What's the use case behind this ? We run the container with it's default user intentionally, so container can fully init the way it has been designed. Forcing user from jenkins could result in unexpected container bootstrap issues that would just confuse user.

[tcollignon]

I test with docker maven image, and distant docker daemon (with docker-machine).
I can't access to /root/.m2 in the container because i'm not root, i'm "501".
This is the command for docker run :

docker -H tcp://192.168.99.100:2375 run --tty --detach ......  c0fab6515570 /bin/cat

And the command for exec :

docker -H tcp://192.168.99.100:2375 exec --tty --user 501:root 7fd8ccb6bf589c67a986cfc3dd8dae6a4652e8e7b .... mvn -f pom.xml clean package

Like you said I'm thinking I was the default user in the container, to be independent of Jenkins.
Maybe I do wrong configurations.

[ndeloof]

you do it right, but you can't be independent of jenkins for the user to run the build commands, as this user do write on workspace and this workspace MUST be own by jenkins slave agent user so it can later access and/or delete the workspace.

This used to work, would need to setup a test env to reproduce. Anyway I suggestion you run maven with -Dlocal.maven.repo=$WORKSPACE/.m2 so your local repo is not created in ephemeral container filesystem.

[alhafoudh]

For love of god, can we merge this? This plugin is nearly unusable without ability to specify user. If jenkins runs as non-privileged user I cannot even install apt-get packages inside docker container used for running the job.