[solved]/bin/sh: 3: cannot create /root/.netrc: Permission denied

Drone Support
1

I’m getting a permissions error on .netrc when attempting to pull from ECS with a docker image with credentials and use it in my build pipeline, like this:

pipeline:
  auth:
    image: myrepo/ecs-liazon
    commands:
      - aws ecr get-login | bash -c
      - docker pull 44444445.dkr.ecr.us-west-2.amazonaws.com/myimage:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

  build:
    image: 44444445.dkr.ecr.us-west-2.amazonaws.com/myimage:latest

I’m not using a USER in any of the Dockerfiles involved, and when I build locally I’m able to pull the image. Is there something else I need to do?

Here’s my Dockerfile for the image:

FROM debian:jessie

ENV PYTHONIOENCODING=UTF-8
ENV PATH=/root/.local/bin:$PATH

COPY config/credentials /root/.aws/credentials
COPY config/config /root/.aws/config

RUN apt-get update \
    && apt-get install -y \
    python \
    python-pip

RUN pip install awscli --upgrade \
    && echo 'export PATH=/root/.local/bin:$PATH' >> /root/.bash_profile

RUN set -x \
    && export APT_LISTCHANGES_FRONTEND=none \
    && apt-get -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install apt-transport-https \
    && apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D \
    && echo "deb https://apt.dockerproject.org/repo debian-jessie main" > /etc/apt/sources.list.d/docker.list \
    && apt-get update \
    && apt-get -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install docker-engine \
    && apt-get clean \
    && rm -Rf /var/lib/apt/lists/* 2>/dev/null \
    && service docker start
2

the only time I’ve ever seen this error message is when setting USER which you’ve said is not the case with your build image. So I’m not sure. This is the command drone is running inside your container. Perhaps that can help you debug further

#!/bin/sh

cat <<EOF > /root/.netrc
...
EOF
3

After rebuilding the stack, there were other errors and then it worked, it turns out it was again weirdness with dockerhub, which was down for the entire day because AWS S3 was down for the day for us-east-1.