-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to use withCredentials in declarative Jenkinsfile? #107
Comments
I think that is more of a credentials plugin question. Not something to do with this plugin. https://www.google.com/search?q=jenkins+withcredentials+declarative |
@tomasbjerre, I've been googling for it, but found nothing working, so I hoped maybe here people could suggest something. I also tried this approach:
Syntax was accepted by Jenkins, but then build can't be triggered: |
You may be experiencing this issue: #100 |
I rebuilt it twice, didn't help... Could the problem be that |
Okay, so I figured out a bit. It seems that
I manually launched this build two times. Both times |
I updated the readme, the "Pipeline" section. You should verify that your configuration has actually been applied. |
Jenkins ver. 2.164.1 I'm not quite sure what kind of job is it: I created a project using Blue Ocean and it uses the Jenkins file that is in the repo. Jenkinsfile contains declarative pipeline. Here's the full content of it:
Give me a second to try |
It works if I use a static string as a token, like: |
Yeah I'm not convinced that the So if we can't access |
The pipeline script is accessing Check the readme (pipeline section) on how to verify what config has actually been applied. If you can verify that the token has been persisted in the config but the plugin is still not working as expected: then we may have a bug! |
@tomasbjerre, I don't get it. There are scripted pipelines and there are declarative pipelines, and they work differently, as far as I know. 90% of the readme section that you are referring to, is dedicated to the scripted pipelines, and only the last example is about declarative pipelines. But in this last example, you have token hardcoded. So could you, maybe, provide a working example of how the token can be read from secrets using declarative syntax? I tried lots of different approaches and could never make it work so I've just given up. |
I don't know how to read the token with declarative pipeline. That is a general Jenkins question, has nothing to do with this plugin. What I would do is one of:
|
@tomasbjerre So you're saying for declarative pipelines, token's must be hardcoded into the Jenkinsfiles because the plugin hasn't been updated to support environment variables for declarative pipelines? Being able to pass credentials to the plugin in a declarative pipeline seems like a real and necessary use case for a lot of recent Jenkins users. Having to hardcode the token or, as you say, use a scripted pipeline instead, isn't always an option for most people, and kind of defeats the purpose of using a declarative pipeline. But if that's your stance, perhaps the readme should state very obviously that the plugin doesn't support credentials or environment variables for declarative pipelines. No need for others to waste more time trying to figure that out on their own. |
A way forward here might be to add something like What is your use case here really? Avoid configuring the token in many places? Because then you should be able to define it with shared libraries. |
@tomasbjerre I like the The use case is just to not have to hardcode tokens inside code committed to repositories. Especially if it's a public repo. But yeah, also being able to share tokens across multiple pipelines. |
I opened this issue: https://issues.jenkins-ci.org/browse/JENKINS-57390 |
I will probably not work on implementing this in the plugin. The credentials API is really terrible and not easy to use at all. Which is my main reason for not adding it. But pull requests are always welcome! Quickest solution for you might be to create a shared library where you store the token: |
Sorry if I commented in this issue that was closed. but you can mix the scripted pipeline and the declarative pipeline for solving your case @dtitov . btw I had similar issue with you ( I want to use environment variable to put my secret token and use it in my declarative pipeline ). example code:
|
It now has tokenCredentialId. See readme. |
Hi,
In the example I find:
Apparently, this works with scripted Jenkinsfile, but not with declarative Jenkinsfile.
If I try to do something like:
it fails with
WorkflowScript: 4: Undefined section "withCredentials"
.If I put
withCredentials
inside thetriggers
section, it fails withWorkflowScript: 5: Triggers definitions cannot have blocks
.So, what's the proper way of using token from credentials with declarative syntax?
The text was updated successfully, but these errors were encountered: