How to dynamically pass credentialsId to Jenkins pipeline

Question

Is there a way to dynamically pass the credentialsId in Jenkins pipeline within the withCredentials block using an environment variable?

Currently this works:

withCredentials([[$class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'my-aws-credentials',
                        ACCESS_KEY: 'ACCESS_KEY', SECRET_KEY: 'SECRET_KEY']]) { }

But this does not:

withCredentials([[$class: 'AmazonWebServicesCredentialsBinding', credentialsId: '${AWS_CREDENTIAL_ID}',
                        ACCESS_KEY: 'ACCESS_KEY', SECRET_KEY: 'SECRET_KEY']]) { }

I should add that the builds runs within a docker container but other environment variables work fine, so I would expect this one to work too.

I believe the second line doesn't work because you need to enclose ${AWS_CREDENTIAL_ID} in double quotes instead of single quote. — Devesh, Apr 23 '18 at 12:49

score 3 · Answer 1 · answered May 23 '17 at 05:07

3

Actually, I was able to solve it by doing this ->

withCredentials([[$class: 'AmazonWebServicesCredentialsBinding', credentialsId: env.AWS_CREDENTIAL_ID,
                        ACCESS_KEY: 'ACCESS_KEY', SECRET_KEY: 'SECRET_KEY']]) { }

answered May 23 '17 at 05:07

user3575337

194
1
1
8

score 2 · Answer 2 · answered Nov 06 '18 at 16:32

You can use combination of withEnv and withCredentials and pass the credentials dynamically. The credentials have to be defined in the Global credentials section within Jenkins using the Credentials Binding Plugin:

withEnv([""CREDENTIALID=pw_${<some global variable>}",]) {
withCredentials([string(credentialsId: "${CREDENTIALID}", variable: 'mypassword' )]) {



}
}

This worked for me. Hope this helps!!

Joman68 · Answer 3 · 2020-08-26T05:23:21.060

Here is an example of how to set the credentialsId based on the value of the environment variable DEPLOYMENT_ENVIRONMENT:

#! groovy

pipeline {
    environment {
        CREDENTIALS_ID = getCredentialsId()
    }
    stages {
        stage('Build') {
            steps {
                withCredentials([string(credentialsId: "${CREDENTIALS_ID}", variable: 'password')]) {
                    bat """gradlew build -Dpassword=$password"""
                }
            }
        }
    }
}

String getCredentialsId() {
    if (env.DEPLOYMENT_ENVIRONMENT == "PRODUCTION") {
        "prodPassword"
    } else {
        "defaultPassword"
    }
}

score 0 · Answer 4 · answered Feb 21 '23 at 12:24

I tried to to set the credentialsId based on the value of the environment variable using below code but i didn't work:

stage('PrintProd packages'){
               env.KUBECONFIG='development-kubeconfig'
                withCredentials([file(credentialsId: env.KUBECONFIG, variable: 'KUBECRED')]) 
    {
    `enter code here`sh 'helm  list  --kubeconfig=$KUBECRED'
    
    }

it worked fine using env.variable instead:

stage('PrintProd packages'){
               env.KUBECONFIG='development-kubeconfig'
                withCredentials([file(credentialsId: env.KUBECONFIG, variable: 'KUBECRED')]) 
    {
    `enter code here`sh 'helm  list  --kubeconfig=$KUBECRED'
    
    }

How to dynamically pass credentialsId to Jenkins pipeline

4 Answers4