Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43872

Dollar signs in credentials or literal value env vars cause issues in environment in Declarative

    XMLWordPrintable

Details

    Description

      I'm still figuring out all the details, but if you've got an environment directive like this:

      environment {
        SOME_VAR = credentials('some-creds')
        SOME_OTHER_VAR = "Look, I contain ${SOME_VAR}"
      }
      

      where SOME_VAR ends up containing something like $VARIABLES somewhere in it, you get an error like:

      [test1 #1] groovy.lang.MissingPropertyException: No such property: VARIABLES for class: groovy.lang.Binding
      [test1 #1] 	at groovy.lang.Binding.getVariable(Binding.java:63)
      [test1 #1] 	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(SandboxInterceptor.java:224)
      [test1 #1] 	at org.kohsuke.groovy.sandbox.impl.Checker$4.call(Checker.java:241)
      [test1 #1] 	at org.kohsuke.groovy.sandbox.impl.Checker.checkedGetProperty(Checker.java:238)
      [test1 #1] 	at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.getProperty(SandboxInvoker.java:28)
      [test1 #1] 	at com.cloudbees.groovy.cps.impl.PropertyAccessBlock.rawGet(PropertyAccessBlock.java:20)
      [test1 #1] 	at Script1.run(Script1.groovy:1)
      [test1 #1] 	at org.jenkinsci.plugins.pipeline.modeldefinition.ModelInterpreter.withEnvBlock(/Users/abayer/IdeaProjects/pipeline-config-plugin/pipeline-model-definition/target/classes/org/jenkinsci/plugins/pipeline/modeldefinition/ModelInterpreter.groovy:216)
      [test1 #1] 	at org.jenkinsci.plugins.pipeline.modeldefinition.ModelInterpreter.call(/Users/abayer/IdeaProjects/pipeline-config-plugin/pipeline-model-definition/target/classes/org/jenkinsci/plugins/pipeline/modeldefinition/ModelInterpreter.groovy:75)
      [test1 #1] 	at org.jenkinsci.plugins.pipeline.modeldefinition.ModelInterpreter.inDeclarativeAgent(/Users/abayer/IdeaProjects/pipeline-config-plugin/pipeline-model-definition/target/classes/org/jenkinsci/plugins/pipeline/modeldefinition/ModelInterpreter.groovy:361)
      ...
      

      Additionally, a $ on its own gets you a different error, but the underlying problem is the same - we're not escaping things properly.

      Attachments

        Issue Links

          Activity

            People

              abayer Andrew Bayer
              abayer Andrew Bayer
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: