-
Bug
-
Resolution: Not A Defect
-
Critical
Hi,
I am using username and password on Bitbucket url to clone my repository in Jenkins groovy file and code is below.
It is cloning successfully but it shows password in .git/config folder(inside workspace) and git revision history (in Jenkins run console).
I tried below commands to get rid off password display but it didn't work out.
sh 'git config user.email <email_address>'
sh 'git config user.name ${USER}'
sh 'git remote remove origin'
sh "git remote set-url ${gitUrl}"
and the final results looks like below:
code:
checkout([$class: 'GitSCM',
branches: [[name: 'develop']],
doGenerateSubmoduleConfigurations: false,
extensions: [[$class: 'LocalBranch', localBranch: "**"]],
gitTool: 'GIT_Latest_Version',
submoduleCfg: [],
userRemoteConfigs: [[url:
'https://\{username}:{password}@github.com/repo/repository.git']]])
Use a Jenkins username / password credential to store that information instead of embedding the username and password in the repository URL.. The credential allows the plugin to handle communicating the username and password to command line git or JGit and does a much better job of hiding the value of the credential from view. See the git plugin credentials documentation for general guidance on credential use. See the git Pipeline step for specific examples that use a credential to perform a checkout. See this example or this example for more common usages.
Password hiding techniques are filled with many cases where they cannot hide the password from users. The Jenkins credentials system makes it much easier to use credentials without disclosing them in build logs. See the credentials plugin user documentation for more details about credentials.