[JENKINS-62502] Executing command not escape double quote - Jenkins Jira

Type: Bug
Resolution: Fixed
Priority: Minor
Component/s: deepsecurity-smartcheck-plugin, kubernetes-plugin
Labels:
None
Environment:
Jenkins 2.222.3
Kubernetes Plugin 1.25.7
Deep Security Smart Check Plugin 1.1.2

Similar Issues:
Powered by SuggestiMate

Show

I'm using Kubernetes Plugin to spin up Jenkins Slave to do Deep Security Smart Check. There is one line that show below debug output

Executing command: "docker" "run" "-i" "--rm" "--read-only" "--cap-drop" "ALL" "-e" "DSSC_SMARTCHECK_HOST=smartcheck.example.com" "-e" "DSSC_IMAGE_NAME=registry.example.com/bookinfo/productpage:dev" "-e" "DSSC_SMARTCHECK_USER=administrator" "-e" "DSSC_SMARTCHECK_PASSWORD=CHANGEME" "-e" "DSSC_IMAGE_PULL_AUTH={"username":"admin","password":"CHANGEME"}" "deepsecurity/smartcheck-scan-action"

Please focus on DSSC_IMAGE_PULL_AUTH that value is JSON object. You will find this command execution error because there is no escape on double quote. Plugin author find out that this line wrap double quote but no escaping https://github.com/jenkinsci/kubernetes-plugin/blob/613e0f3f54c3d5428e4a2beeb77bd01a2d2fc266/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerExecDecorator.java#L630

Please advice. You can see all discussion about this bug here
https://github.com/jenkinsci/deepsecurity-smartcheck-plugin/issues/3#issue-625554085

causes

JENKINS-64675 Double escaping of quotes cause windows kubernetes-based agents to hang on 'bat'

Resolved

links to

There are no comments yet on this issue.

Assignee:: Vincent Latombe

Reporter:: Jirayut Nimsaeng

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2020-05-29 01:29

Updated:: 2021-02-24 08:55

Resolved:: 2021-02-24 08:55