Currently there appears to be no way to change the id of a credential once it has been created. The user instead is required to manually create a new secret with the same contents. This is very annoying, especially because it requires tracking down the actual credentials themselves again. Instead, the credential id should be a mutable property of a credential. It would also be acceptable if there were simply an option to clone a credential with a new id.

          [JENKINS-60693] Allow editing credential id

          Oleg Nenashev added a comment -

          Note that Credential IDs are stored as strings in objects which use these credentials. Although changing IDs could be a useful feature, tracking down and renaming credentials usages would be a pain. Examples:external usages in Configuration as Code and Pipeline scripts/libraries . I doubt it can be automated if there is such expectation in this ticket

          Oleg Nenashev added a comment - Note that Credential IDs are stored as strings in objects which use these credentials. Although changing IDs could be a useful feature, tracking down and renaming credentials usages would be a pain. Examples:external usages in Configuration as Code and Pipeline scripts/libraries . I doubt it can be automated if there is such expectation in this ticket

          Jesse Rittner added a comment -

          oleg_nenashev If you mean that I would still have to manually update the credential id at each use site (e.g., withCredentials in a Jenkinsfile), that is perfectly acceptable. This is just to be able to fix poorly or improperly named secrets without having to track them down out-of-band, or circumvent the redaction and print them to the logs. Like I said, it would be okay if there were simply a way to clone an existing credential using a new credential id. Then I could just delete the original version myself, and the end result is the same as far as I need.

          Jesse Rittner added a comment - oleg_nenashev If you mean that I would still have to manually update the credential id at each use site (e.g., withCredentials in a Jenkinsfile), that is perfectly acceptable. This is just to be able to fix poorly or improperly named secrets without having to track them down out-of-band, or circumvent the redaction and print them to the logs. Like I said, it would be okay if there were simply a way to clone an existing credential using a new credential id. Then I could just delete the original version myself, and the end result is the same as far as I need.

          Assaf Katz added a comment -

          The process of renaming the certification should work, I agree that we need to display a confirmation popup, but this should be supported.

          Assaf Katz added a comment - The process of renaming the certification should work, I agree that we need to display a confirmation popup, but this should be supported.

          Viktor Kryvolap added a comment - - edited

          I think there can be reasons why it is wrong to change credentials IDs. But it is possible to add a feature to copy credentials with the ability to specify a new ID.

          Viktor Kryvolap added a comment - - edited I think there can be reasons why it is wrong to change credentials IDs. But it is possible to add a feature to copy credentials with the ability to specify a new ID.

            Unassigned Unassigned
            rittneje Jesse Rittner
            Votes:
            2 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: