Actually I think it does work... for the most part...

Working example:I created a "secret text" credential containing some 
password value and I then put the credential's ID as the value for a Global 
Variable called "myPassword".
In the Global Variables section there is a checkbox, "environment 

These key-value pairs apply for every build on every node. They can be used 
in Jenkins' configuration (as $key or ${key}) and will be added to the 
environment for processes launched from the build.

Then, in the Jenkinsfile I do as in my previous post.

environment {
    myPassword = credentials('${myPassword}')  

This extracts the value of the credential (the name references the ID) into 

Lastly, in the JavaScript I reference it as process.env.myPassword
When npm test is run as part of the Jenkinsfile, it works this way for all 
credentials that I "inject", except for a credential that is a JSON like 

{"property":"value", "property": "value", "property": "value", "property": 

This breaks for some reason.

When running locally (outside of jenkins) with npm test, the values are 
stored in a local .js file and it works flawlessly.

On Thursday, August 3, 2017 at 8:44:41 PM UTC+3, Joshua Noble wrote:
> The secret text being printed as *** is a feature, so credentials aren't 
> leaked in console logs. You cannot use Jenkins credentials during 
> application runtime. (ie: If you deploy a backend Node app to an app 
> server) You can however use Jenkins credentials to run npm scripts, such as 
> npm test, (which require the Node runtime) within a Jenkins build.
> The credentials function needs an input of the credential ID. When a 
> credential is created, you can set the ID value to a custom one, such as a 
> human-friendly name. Otherwise, you will end up with a unique UUID.
> Everyone has their own personal taste, but I would refactor the 
> Jenkinsfile above to the following:
> stage ("E2E tests") {  
>   when {
>     branch 'e2e-dev'
>   }
>   environment {
>     MY_SECRET = credentials('jenkins-secret-id')
>   }   
>   steps {
>     sh 'rm -f config/e2e-config.json'
>     sh 'mv config/e2e-dev-config.json config/e2e-config.json'
>     sh 'npm install'
>     sh 'npm test'
>   }
> }
> With the above Jenkinsfile, you should be able to reference your secret 
> with ${MY_SECRET} anywhere in the code or shell steps, but only when 
> running npm scripts. This will not work for running applications on a 
> server. It should be noted that if you need to specify the secret within a 
> shell step line, that line must use double quotes to resolve the variable 
> properly.
> Another way of doing this would be:
> withCredentials([string(credentialsId: 'credential-id-here', variable: 
> }
> I hope that helps.
> On Thursday, August 3, 2017 at 6:26:28 AM UTC-4, Idan Adar wrote:
>> I have done the following:
>> 1. Create a "secret text" type credential
>> 2. Put in the credential a password
>> 3. Create a Global Variable, mySecret, with its value being the 
>> credential ID
>> 4. In the declarative pipeline: 
>> stage ("E2E tests") {  
>>          environment {
>>             mySecret = credentials('${mySecret}')
>>          }
>>          steps {
>>             script {
>>                STAGE_NAME = "E2E tests"
>>                echo "++++++++++++ $mySecret"
>>                if (JOB_NAME == "e2e-dev") {
>>                   // Setup packages and run tests
>>                   sh '''
>>                      rm -f config/e2e-config.json
>>                      mv config/e2e-dev-config.json config/e2e-config.json
>>                      npm install
>>                      npm test
>>                   '''
>>                }
>>            }
>>         }
>> }
>> In Jenkins, the secret text is printed: "*****"
>> In the NodeJS app, I'm getting an error...
>> Global Variables in Jenkins can also be used as environment variables and 
>> I know I can use those as clear text in the NodeJS app.
>> My question is how to use Jenkins credentials from Jenkins in the NodeJS 
>> app...
>> Any thoughts?

You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
To view this discussion on the web visit
For more options, visit

Reply via email to