Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57417

configFileProvider / withCredentials not working in declarative pipeline

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • config-file-provider-plugin
    • None
    • Jenkins 2.174
      Config File Provider Plugin 3.6
      Credentials Bind Plugin 1.18

      From what I read which googling the issue, I am under the impression that:

      1) The credentials bind plugin does not assign environment variables, but rather groovy variables; and even if it did, environment variables do not propagate "up" to the parent context.

      2) The "glue" that is available using scripted pipelines does not work in declarative pipelines; specifically the ability to define local variables and assign environment variables within a stage, and access them via the underlying token macro plugin that backs the configFileProvider.

      • Use of groovy variables, ${PIP_USERNAME}, resulted in an "Unrecoginzed macro" error.
      • Use of ${env.PIP_USERNAME} did not substitute the variable at all.
      • Use of ${ENV, var = "PIP_USERNAME"} substitutes the variable with null string.

       

      Custom Config File - 05f48227-0980-4313-ab24-f007d78090cf
      [global]
index = https://${ENV, var="PIP_USERNAME"}:${ENV, var="PIP_PASSWORD"}@nexus/repository/pypi-all/pypi
index-url = https://${ENV, var="PIP_USERNAME"}:${ENV, var="PIP_PASSWORD"}@nexus/repository/pypi-all/simple
cert = /etc/pki/ca-trust/source/anchors/ca.crt

[list]
format=columns

       

      Pipeline
      pipeline {
    agent any
    
    environment {
        PIP_FILE = '05f48227-0980-4313-ab24-f007d78090cf'
    }
    stages {
        stage('Build') {
            steps {
                withCredentials([usernamePassword(credentialsId: '0353637f-ef0b-46e5-b95a-6322b1e073d7', passwordVariable: 'PIP_PASSWORD', usernameVariable: 'PIP_USERNAME')]) {
                    configFileProvider([configFile(fileId: "${env.PIP_FILE}", replaceTokens: true, variable: 'PIP_TARGET')]) {
                        sh "cat ${PIP_TARGET}"
                    }
                }
            }
        }
    }
}
      Output
      ...
Pipeline] {
[Pipeline] withEnv
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Build)
[Pipeline] withCredentials
Masking only exact matches of $PIP_USERNAME or $PIP_PASSWORD
[Pipeline] {
[Pipeline] wrap
provisioning config files...
copy managed file [Python pip.conf for Debugging] to file:/home/jenkins/workspace/OPIN/jenkins-issue@tmp/config8203247759059609056tmp
[Pipeline] {
[Pipeline] sh
+ cat /home/jenkins/workspace/OPIN/jenkins-issue@tmp/config8203247759059609056tmp
[global]
index = https://:@nexus/repository/pypi-all/pypi
index-url = https://:@nexus/repository/pypi-all/simple
cert = /etc/pki/ca-trust/source/anchors/ca.crt

[list]
[Pipeline] }
Deleting 1 temporary files
...

      Is this a bug, or am I missing something?

            domi Dominik Bartholdi
            crashvb Richard Davis
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: