[JIRA] [credentials-binding-plugin] (JENKINS-26051) Workflow integration

[jgl...@cloudbees.com (JIRA)]

Jesse Glick commented on JENKINS-26051 Workflow integration There are several possible designs here: Use SimpleBuildWrapper, in some future LTS. No workflow dep from credentials-binding, which is nice, but will be months before it is available. Syntax would be a bit clunky due to use of step. Values are exposed only as environment variables, which is fine if they are being interpreted from external processes, but requires env.VARIABLE syntax if needed from Groovy code. step([$class: 'SecretBuildWrapper', bindings: [[$class: 'StringBinding', variable: 'SECRET', credentialsId: 'mysecret']]]) { sh 'echo $SECRET' writeFile file: 'secret.txt', text: env.SECRET } Have a Step which takes a List<MultiBinding> and sets EnvVars overrides. Again potentially awkward if you need the secrets from Groovy code as opposed to being picked up directly by an external process. withCredentials([[$class: 'StringBinding', variable: 'SECRET', credentialsId: 'mysecret']]) { sh 'echo $SECRET' writeFile file: 'secret.txt', text: env.SECRET } Have a Step which takes a List<MultiBinding> and returns the resulting Map<String,String> bindings, for use as you like. Unclear how this would work, since the step return value is not available from its body, and the SPI does not support passing local variables to a body. withCredentials(localVar: 'secrets', bindings: [[$class: 'StringBinding', variable: 'secret', credentialsId: 'mysecret']]) { sh "echo ${secrets.secret}" writeFile file: 'secret.txt', text: secrets.secret } Have a Step which takes some other binding-like interface which has not yet been created, but which does not require the variable names to be specified. Again would require steps to be able to bind local variables. Unclear how to support multi-variable bindings like username/password. withCredentials(localVar: 'secret', binding: [$class: 'NoVarStringBinding', credentialsId: 'mysecret']) { sh "echo ${secret}" writeFile file: 'secret.txt', text: secret } Currently going with #2 as this seems most practical.

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira

--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.