I’m running Drone on k8s via helm (v2.0.0-rc.14) connected to a BB repository. I got it set up and many of my pipelines work however I’m stuck with a couple that raise a permission denied error. For instance
whoaim returns root. I see this issue also when trying to run some features tests on a ruby project so I don’t believe it’s npm/yarn specific.
I’m using terraform to deploy helm and the config is as below.
resource "helm_release" "drone" {
name = "drone"
chart = "stable/drone"
version = "2.0.0-rc.14"
recreate_pods = true
set {
name = "service.type"
value = "NodePort"
}
set {
name = "server.host"
value = "drone.xxxxx.com"
}
set {
name = "server.protocol"
value = "https"
}
set {
name = "server.env.DRONE_TLS_AUTOCERT"
value = "false"
}
set_string {
name = "server.env.DRONE_USER_FILTER"
value = "xxxxx"
}
set {
name = "server.env.DRONE_DATABASE_DRIVER"
value = "postgres"
}
set {
name = "server.env.DRONE_LOGS_TRACE"
value = true
}
set_sensitive {
name = "server.env.DRONE_DATABASE_DATASOURCE"
value = "xxxxx"
}
set {
name = "server.kubernetes.namespace"
value = "xxxxx"
}
set {
name = "sourceControl.provider"
value = "bitbucketCloud"
}
set {
name = "sourceControl.bitbucketCloud.clientID"
value = "xxxxx"
}
set_sensitive {
name = "sourceControl.secret"
value = "${kubernetes_secret.core.metadata.0.name}"
}
set {
name = "sourceControl.bitbucketCloud.clientSecretKey"
value = "BITBUCKET_CLIENT_SECRET"
}
}
FYI i’ve updated to the latest stable release of the helm chart and i’m getting the same issue.
resource "helm_release" "drone" {
name = "drone"
chart = "stable/drone"
version = "2.0.4"
recreate_pods = true
set {
name = "service.type"
value = "NodePort"
}
set {
name = "server.host"
value = "xxxx"
}
set {
name = "server.protocol"
value = "https"
}
set {
name = "server.env.DRONE_TLS_AUTOCERT"
value = "false"
}
set_string {
name = "server.env.DRONE_USER_FILTER"
value = "xxxx"
}
set {
name = "server.env.DRONE_DATABASE_DRIVER"
value = "postgres"
}
set {
name = "server.env.DRONE_LOGS_TRACE"
value = true
}
set {
name = "server.env.DRONE_RPC_SERVER"
value = "http://drone-drone.default"
}
set_sensitive {
name = "server.env.DRONE_DATABASE_DATASOURCE"
value = "xxxx"
}
set {
name = "server.kubernetes.namespace"
value = "xxxx"
}
set {
name = "sourceControl.provider"
value = "bitbucketCloud"
}
set {
name = "sourceControl.bitbucketCloud.clientID"
value = "xxxx"
}
set_sensitive {
name = "sourceControl.secret"
value = "xxxx"
}
set {
name = "sourceControl.bitbucketCloud.clientSecretKey"
value = "BITBUCKET_CLIENT_SECRET"
}
}
@bradrydzewski thanks. I read about some issues with the volumes but the link you sent was more helpful.
I set server.kubernetes.enabled to false and it’s now using the agent and can run. For anyone having similar issues my terraform helm settings are now:
resource "helm_release" "drone" {
name = "drone"
chart = "stable/drone"
version = "2.0.4"
recreate_pods = true
set {
name = "service.type"
value = "NodePort"
}
set {
name = "server.host"
value = "xxxxx"
}
set {
name = "server.protocol"
value = "https"
}
set {
name = "server.env.DRONE_TLS_AUTOCERT"
value = "false"
}
set_string {
name = "server.env.DRONE_USER_FILTER"
value = "xxxxx"
}
set {
name = "server.env.DRONE_DATABASE_DRIVER"
value = "postgres"
}
set {
name = "server.env.DRONE_RPC_SERVER"
value = "http://drone-drone.default"
}
set {
name = "server.env.DRONE_RPC_PROTO"
value = "http"
}
set_sensitive {
name = "server.env.DRONE_DATABASE_DATASOURCE"
value = "xxxxx"
}
set {
name = "server.kubernetes.enabled"
value = false
}
set {
name = "sourceControl.provider"
value = "bitbucketCloud"
}
set {
name = "sourceControl.bitbucketCloud.clientID"
value = "xxxxx"
}
set_sensitive {
name = "sourceControl.secret"
value = "xxxxx"
}
set {
name = "sourceControl.bitbucketCloud.clientSecretKey"
value = "BITBUCKET_CLIENT_SECRET"
}
}