Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62502

Executing command not escape double quote

XMLWordPrintable

      I'm using Kubernetes Plugin to spin up Jenkins Slave to do Deep Security Smart Check. There is one line that show below debug output

      Executing command: "docker" "run" "-i" "--rm" "--read-only" "--cap-drop" "ALL" "-e" "DSSC_SMARTCHECK_HOST=smartcheck.example.com" "-e" "DSSC_IMAGE_NAME=registry.example.com/bookinfo/productpage:dev" "-e" "DSSC_SMARTCHECK_USER=administrator" "-e" "DSSC_SMARTCHECK_PASSWORD=CHANGEME" "-e" "DSSC_IMAGE_PULL_AUTH={"username":"admin","password":"CHANGEME"}" "deepsecurity/smartcheck-scan-action"

      Please focus on DSSC_IMAGE_PULL_AUTH that value is JSON object. You will find this command execution error because there is no escape on double quote. Plugin author find out that this line wrap double quote but no escaping https://github.com/jenkinsci/kubernetes-plugin/blob/613e0f3f54c3d5428e4a2beeb77bd01a2d2fc266/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerExecDecorator.java#L630

      Please advice. You can see all discussion about this bug here
      https://github.com/jenkinsci/deepsecurity-smartcheck-plugin/issues/3#issue-625554085

          [JENKINS-62502] Executing command not escape double quote

          Jirayut Nimsaeng created issue -
          Vincent Latombe made changes -
          Description Original: I'm using Kubernetes Plugin to spin up Jenkins Slave to do Deep Security Smart Check. There is one line that show below debug output

          {{Executing command: "docker" "run" "-i" "--rm" "--read-only" "--cap-drop" "ALL" "-e" "DSSC_SMARTCHECK_HOST=smartcheck.example.com" "-e" "DSSC_IMAGE_NAME=registry.example.com/bookinfo/productpage:dev" "-e" "DSSC_SMARTCHECK_USER=administrator" "-e" "DSSC_SMARTCHECK_PASSWORD=CHANGEME" "-e" "DSSC_IMAGE_PULL_AUTH=\{"username":"admin","password":"CHANGEME"}" "deepsecurity/smartcheck-scan-action" }}

          Please focus on {{DSSC_IMAGE_PULL_AUTH}} that value is JSON object. You will find this command execution error because there is no escape on double quote. Plugin author find out that this line wrap double quote but no escaping [https://github.com/jenkinsci/kubernetes-plugin/blob/613e0f3f54c3d5428e4a2beeb77bd01a2d2fc266/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerExecDecorator.java#L630]

          Please advice. You can see all discussion about this bug here
          [https://github.com/jenkinsci/deepsecurity-smartcheck-plugin/issues/3#issue-625554085]           		New: I'm using Kubernetes Plugin to spin up Jenkins Slave to do Deep Security Smart Check. There is one line that show below debug output

          {code}
          Executing command: "docker" "run" "-i" "--rm" "--read-only" "--cap-drop" "ALL" "-e" "DSSC_SMARTCHECK_HOST=smartcheck.example.com" "-e" "DSSC_IMAGE_NAME=registry.example.com/bookinfo/productpage:dev" "-e" "DSSC_SMARTCHECK_USER=administrator" "-e" "DSSC_SMARTCHECK_PASSWORD=CHANGEME" "-e" "DSSC_IMAGE_PULL_AUTH=\{"username":"admin","password":"CHANGEME"}" "deepsecurity/smartcheck-scan-action"
          {code}

          Please focus on {{DSSC_IMAGE_PULL_AUTH}} that value is JSON object. You will find this command execution error because there is no escape on double quote. Plugin author find out that this line wrap double quote but no escaping [https://github.com/jenkinsci/kubernetes-plugin/blob/613e0f3f54c3d5428e4a2beeb77bd01a2d2fc266/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerExecDecorator.java#L630]

          Please advice. You can see all discussion about this bug here
          [https://github.com/jenkinsci/deepsecurity-smartcheck-plugin/issues/3#issue-625554085]
          Vincent Latombe made changes -
          Description Original: I'm using Kubernetes Plugin to spin up Jenkins Slave to do Deep Security Smart Check. There is one line that show below debug output

          {code}
          Executing command: "docker" "run" "-i" "--rm" "--read-only" "--cap-drop" "ALL" "-e" "DSSC_SMARTCHECK_HOST=smartcheck.example.com" "-e" "DSSC_IMAGE_NAME=registry.example.com/bookinfo/productpage:dev" "-e" "DSSC_SMARTCHECK_USER=administrator" "-e" "DSSC_SMARTCHECK_PASSWORD=CHANGEME" "-e" "DSSC_IMAGE_PULL_AUTH=\{"username":"admin","password":"CHANGEME"}" "deepsecurity/smartcheck-scan-action"
          {code}

          Please focus on {{DSSC_IMAGE_PULL_AUTH}} that value is JSON object. You will find this command execution error because there is no escape on double quote. Plugin author find out that this line wrap double quote but no escaping [https://github.com/jenkinsci/kubernetes-plugin/blob/613e0f3f54c3d5428e4a2beeb77bd01a2d2fc266/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerExecDecorator.java#L630]

          Please advice. You can see all discussion about this bug here
          [https://github.com/jenkinsci/deepsecurity-smartcheck-plugin/issues/3#issue-625554085]           		New: I'm using Kubernetes Plugin to spin up Jenkins Slave to do Deep Security Smart Check. There is one line that show below debug output
          {code:java}
          Executing command: "docker" "run" "-i" "--rm" "--read-only" "--cap-drop" "ALL" "-e" "DSSC_SMARTCHECK_HOST=smartcheck.example.com" "-e" "DSSC_IMAGE_NAME=registry.example.com/bookinfo/productpage:dev" "-e" "DSSC_SMARTCHECK_USER=administrator" "-e" "DSSC_SMARTCHECK_PASSWORD=CHANGEME" "-e" "DSSC_IMAGE_PULL_AUTH={"username":"admin","password":"CHANGEME"}" "deepsecurity/smartcheck-scan-action"
          {code}
          Please focus on {{DSSC_IMAGE_PULL_AUTH}} that value is JSON object. You will find this command execution error because there is no escape on double quote. Plugin author find out that this line wrap double quote but no escaping [https://github.com/jenkinsci/kubernetes-plugin/blob/613e0f3f54c3d5428e4a2beeb77bd01a2d2fc266/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerExecDecorator.java#L630]

          Please advice. You can see all discussion about this bug here
           [https://github.com/jenkinsci/deepsecurity-smartcheck-plugin/issues/3#issue-625554085]
          Vincent Latombe made changes -
          Remote Link New: This issue links to "PR #924 (Web Link)" [ 26411 ]
          Vincent Latombe made changes -
          Assignee Original: Graham McGregor [ gmtm ] New: Vincent Latombe [ vlatombe ]
          Vincent Latombe made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Vincent Latombe made changes -
          Status Original: In Progress [ 3 ] New: In Review [ 10005 ]
          Vincent Latombe made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: In Review [ 10005 ] New: Fixed but Unreleased [ 10203 ]
          Vincent Latombe made changes -
          Released As New: 1.28.6
          Status Original: Fixed but Unreleased [ 10203 ] New: Resolved [ 5 ]
          Jesse Glick made changes -
          Link New: This issue causes JENKINS-64675 [ JENKINS-64675 ]
          Vincent Latombe made changes -
          Resolution Original: Fixed [ 1 ]
          Status Original: Resolved [ 5 ] New: Reopened [ 4 ]

            vlatombe Vincent Latombe
            winggundamth Jirayut Nimsaeng
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: