5

I'm writing a job-dsl seed job. The seed job needs to be able to generate from either github.com or from my companies github enterprise server. I'd like to keep one job rather than have two.

In each case I would like jenkins to be Authenticated. So to do this, I hardcoded the creds into the script. However I'm not satisfied with this. I would prefer to add a Credentials parameter on the seed job.

The problem is, the Creds parameter seems to add en ENV variable to the script that contains USERID/PASSWORD. http://steve-jansen.github.io/blog/2014/12/16/parsing-jenkins-secrets-in-a-shell-script/

However, the git jobdsl seems to want a Credentials ID, not USERID/PASSWORD.

How to resolve this impasse?

scm {
    git {
        remote {
            name('origin')
                url(repo)
                credentials(myCredential)
        }
        branch('master')
    }
}
Duane
  • 4,572
  • 6
  • 32
  • 33

3 Answers3

5

A good introduction to the way Job DSL handles credentials, can be found on official wiki page.

Two examples explaining how it's possible to pass user password to Jenkins job:

// use the github-ci-key credentials for authentication with GitHub 
job('example-1') { 
    scm { 
        git { 
            remote { 
                github('account/repo', 'ssh') 
                credentials('github-ci-key') 
            } 
        } 
    } 
} 

// assign the jarsign-keystore credentials to the PASSWORD build variable job('example-2') { 
    wrappers { 
        credentialsBinding { 
            usernamePassword('PASSWORD', 'jarsign-keystore') 
        } 
    } 
}
luka5z
  • 7,525
  • 6
  • 29
  • 52
2

Adding to the answer made by Duane above, CredentialID is the unique ID of a credential stored in Jenkins. You can also provide your own ID to identify it in a meaningful way.

Jenkins Credentials

Use this ID shown in the image above in your job-dsl script and it should work for you.

Peace.

Surendra Deshpande
  • 328
  • 1
  • 3
  • 14
0

Turns out that the premise of the question is false. CredentialsPlugin 1.7 sets the variable to the credentialID.

Duane
  • 4,572
  • 6
  • 32
  • 33
  • can you expand on that comment? I have the creds plugin and can see that variable in manual job XML, but it contains a GUID type string – ffghfgh Jun 12 '17 at 12:58
  • sorry for late response. I'm guessing the GUID type string you referring to, is a Github API key. That's all you need to authenticate with github through the API. – Duane Aug 30 '17 at 20:03
  • Right, so what happens is you put the creds into the credentials database in Jenkins. The database has a key for each cred you add. You use the key in the DSL script, and Jenkins will do the substitution for you. – Duane Jan 19 '18 at 21:38
  • 1
    This isn't a forum, if you want to comment, use a comment, not an answer. – bschlueter Jun 13 '19 at 22:35
  • in what way is "The credentials plugin 1.7 sets the variable to the credential id" Not an answer to the question? This is not chat, please read more than the first sentance of an answer. – Duane Jun 17 '19 at 20:48