-
Bug
-
Resolution: Fixed
-
Critical
-
Jenkins-Version=2.236
OS: Linux and Jenkins running in Docker container
-
-
pipeline-build-step 2.13
Hello,
since Jenkins 2.236 I get the following error when trying to start a job from a job:
org.jenkinsci.plugins.workflow.support.steps.build.BuildTriggerStep: java.lang.IllegalArgumentException: Could not instantiate {name=SERVER_SSH_PASSWORD, value=XXXXX} for hudson.model.PasswordParameterValue: java.lang.ClassCastException: hudson.model.PasswordParameterValue.value expects class hudson.util.Secret but received class java.lang.String
The pipeline look like the following (shortened):
pipeline { agent { label 'linux' } // options, environment stages { stage('Deploy Production') { when { anyOf { buildingTag() } } steps { script { if (env.TAG_NAME) { dockerTag = "${env.TAG_NAME}" } else { dockerTag = "dev-${env.BRANCH_NAME}" } withCredentials([ usernamePassword(credentialsId: 'centos-root', usernameVariable: 'SERVER_SSH_USER', passwordVariable: 'SERVER_SSH_PASSWORD'), usernamePassword(credentialsId: 'database-maintenance', usernameVariable: 'LIQUIBASE_USERNAME', passwordVariable: 'LIQUIBASE_PASSWORD') ]) { build job: 'otherproject/otherjob/master', parameters: [ string(name: 'PROJECT_VERSION', value: "${dockerTag}"), string(name: 'PROJECT_ENVIRONMENT', value: 'production'), string(name: 'LISTEN_IP_NGINX', value: "172.21.240.14"), string(name: 'COMPOSE_ARGS', value: '-f docker-compose.yml'), string(name: 'SERVER_HOST', value: "${env.SERVER_HOST}"), string(name: 'SERVER_IP', value: "${env.SERVER_IP}"), string(name: 'DEPLOY_USER', value: "${env.DEPLOY_USER}"), string(name: 'DOCKER_IMAGE', value: "${env.DOCKER_IMAGE}"), string(name: 'SERVER_SSH_USER', value: "${SERVER_SSH_USER}"), string(name: 'WEB_CONTAINER_NAME', value: 'api'), string(name: 'PHP_CONTAINER_NAME', value: 'api-php'), password(name: 'SERVER_SSH_PASSWORD', value: "${SERVER_SSH_PASSWORD}"), text(name: 'EXTRA_ENVIRONMENT_VARIABLES', value: environmentVariablesProduction()), text(name: 'COMPOSE_FILE', value: readFile("docker-compose.server.yml")), booleanParam(name: 'LIQUIBASE_UPDATE', value: true), string(name: 'LIQUIBASE_USERNAME', value: "${LIQUIBASE_USERNAME}"), password(name: 'LIQUIBASE_PASSWORD', value: "${LIQUIBASE_PASSWORD}"), string(name: 'LIQUIBASE_CHANGELOG_PATH', value: '/var/www/html/data/database/basedata'), string(name: 'LIQUIBASE_URL', value: 'someJDBCUri), booleanParam(name: 'CLEANUP_MEMCACHED', value: true) ] } } } } } // post }
Downgrading to 2.235 helped.
- is caused by
-
JENKINS-61808 Always encrypt f:password values, not just those backed by Secret
-
- Resolved
-
- relates to
-
JENKINS-63516 Use of password parameters with the input step broken in Jenkins 2.236+
-
- Resolved
-
- links to
danielbeck Do you recall why you had to switch the @DataBoundConstructor for PasswordParameterDefinition and PasswordParameterValue? Could we move @DataBoundConstructor back to the old constructors, and instead add a special case for stapler data binding only to this method to handle Secret?
That way everything related to Structs data binding remains as before for compatibility, and things like doc generation would still work (doc generation against 2.236+ is broken because Secret is a parameter in the @DataBoundConstructor for PasswordParameterValue but Secret does not support data binding itself).
While investigating I also noticed that the new "Change Password" button for password parameters doesn't seem to do anything in the Pipeline Snippet Generator UI, but any fix for that is probably distinct from the data binding issues.