Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48740

Mask Custom Variables in Pipeline Job

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Minor Minor
    • mask-passwords-plugin
    • None

      At the moment, I am using something like below to fetch credentials (from Jenkins Credentials store) and then use it in Pipeline jobs.

      withCredentials([string(credentialsId: 'AWS_ACCESS_KEY_ID', variable: 'AWS_ACCESS_KEY_ID'),
string(credentialsId: 'AWS_SECRET_ACCESS_KEY', variable: 'AWS_SECRET_ACCESS_KEY')])

      I have a requirement where the password or any other secure string has to be fetched from somewhere else (credstash for example). I can script this out in groovy and get the secret into a variable (say env.MYSECRET), but I am not sure if it is possible to mask this variable MYSECRET.

      Can this be done with the latest version of the plugin? If not, can you pls take this as a feature request.

          [JENKINS-48740] Mask Custom Variables in Pipeline Job

          Oleg Nenashev added a comment -

          Do you consider writing a small plugin which provides credentials from credstash using a standard Credentials API? In such case you would be able to get a secure variable in the environment using the Credentials Binding plugin.

          I would be the recommended approach.

          Oleg Nenashev added a comment - Do you consider writing a small plugin which provides credentials from credstash using a standard Credentials API? In such case you would be able to get a secure variable in the environment using the Credentials Binding plugin. I would be the recommended approach.

          Vikas Kumar added a comment -

          Thanks for the response oleg_nenashev. At the moment, I have no idea about writing a custom Jenkins Plugin. Let me Google it, I believe that is the only option I have

          Vikas Kumar added a comment - Thanks for the response oleg_nenashev . At the moment, I have no idea about writing a custom Jenkins Plugin. Let me Google it, I believe that is the only option I have

          Oleg Nenashev added a comment -

          Sorry, I was unable to find any time to work on this plugin. I have decided to mark it for adoption, so anybody is welcome to take ownership and to work on this issue.

          Oleg Nenashev added a comment - Sorry, I was unable to find any time to work on this plugin. I have decided to mark it for adoption, so anybody is welcome to take ownership and to work on this issue.

          Ivan Krylov added a comment -

          is there any progress related to mask custom variables ?

          Ivan Krylov added a comment - is there any progress related to mask custom variables ?

          Oleg Nenashev added a comment -

          AFAIK no. I know it is getting worse with the recent security advisories

          Oleg Nenashev added a comment - AFAIK no. I know it is getting worse with the recent security advisories

            Unassigned Unassigned
            vikas027 Vikas Kumar
            Votes:
            2 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated: