I would look into Windows batch quoting rules. I think the double quotes become part of the actual value or some other weirdness. Ideally you could write a small tool that just echoes the command line args it receives, and then use that in place of sqlplus to see what actually gets passed to the application.
Alternatively, you may be able to switch from wrapper scripts to launch your programs using hudson.Launcher but I'm not sure how well the masking would work as a part of an argument without masking the entire argument. On Thu, Nov 5, 2020 at 6:52 PM Fernando Boaglio <[email protected]> wrote: > Hi, > > How are you today ? > > I am the sqlplus-script-runner plugin maintainer , this plugin is > basically a wrapper to use Oracle SQL Plus > <https://en.wikipedia.org/wiki/SQL_Plus> by command line. > > This plugin is around since 2015, and due to a recent security issue > <https://issues.jenkins-ci.org/browse/SECURITY-2129>, I did a > workaround/fix to hide user's password. > > - Before release 2.0.12: > > <sqlplus> user/"password"@databaseInstance @customSQLscript > > - Current release 2.0.13: > > HIDDING_PASSWORD=password (by envVars.put) > > Linux: *<sqlplus> user/"$HIDDING_PASSWORD"@databaseInstance > @customSQLscript* > Windows: <sqlplus> user/"%HIDDING_PASSWORD%"@databaseInstance > @customSQLscript > > *Linux*: work flawlessly > *Windows*: doesn't work, I get invalid user/password , some users can't > use it > <https://github.com/jenkinsci/sqlplus-script-runner-plugin/issues/55> > > Example: > C:\instantclient\bin\sqlplus.exe -L fb/"%HIDDEN_PASSWORD%"@XE > @c:\jenkins\workspace\test-sql-slave\temp-script-16045792671955150761487514970585.sql > > ERROR: *ORA-01017: invalid username/password; logon denied* > > I tried to create another file (sqlplus.cmd) to check if HIDDEN_PASSWORD > variable is correct and I got no errors. > > *File sqlplus.cmd:* > > > > > > *echo " CMD " echo HIDDEN_PASSWORD=fb echo ORACLE_HOME=C:\instantclient > cd C:\instantclient\ C:\instantclient\sqlplus.exe fb/"%HIDDEN_PASSWORD%"@XE > @C:\instantclient\teste.sql * > > *Output:* > > > > > > > > > > > > > > > > > > * c:\jenkins\workspace\test-sql-slave>echo " CMD " " CMD " > c:\jenkins\workspace\test-sql-slave>echo HIDDEN_PASSWORD=fb > HIDDEN_PASSWORD=fbc:\jenkins\workspace\test-sql-slave>echo > ORACLE_HOME=C:\instantclient > ORACLE_HOME=C:\instantclientc:\jenkins\workspace\test-sql-slave>cd > C:\instantclient\ C:\instantclient>C:\instantclient\sqlplus.exe fb/"fb"@XE > @C:\instantclient\teste.sql SQL*Plus: Release 19.0.0.0.0 - Production on > Thu Nov 5 04:25:23 2020Version 19.6.0.0.0Copyright (c) 1982, 2019, Oracle. > All rights reserved.Connected to:Oracle Database 11g Express Edition > Release 11.2.0.2.0 - 64bit ProductionUSER is "FB"Disconnected from Oracle > Database 11g Express Edition Release 11.2.0.2.0 - 64bit ProductionProcesso > terminou com status > 0--------------------------------------------------------------------------Finished: > SUCCESS* > > I am out of ideas, is there any issue related to EnvVars ? > > This plugin is based on Jenkins 2.176.3 . > > Thanks for you help =) > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-dev/f25d0a51-ba77-434e-bdf1-367e7ed97c0en%40googlegroups.com > <https://groups.google.com/d/msgid/jenkinsci-dev/f25d0a51-ba77-434e-bdf1-367e7ed97c0en%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- Daniel Beck Senior Software Engineer CloudBees, Inc. -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAMo7PtLN_82wG_Wxg2BiixjKiLCN52vK1bpgPLzHp6wL0NPF-w%40mail.gmail.com.
