You are 100% correct, i was confused about what was actually happening here ( so may layers of parsing!).
So thanks to this SO answer <https://stackoverflow.com/questions/48778678/in-credentials-binding-sh-escaping-madness-for-declarative-pipelines> I can see there are two ways to handle this: environment{ CRED = credentials('mycreds') } steps { sh "some command blahb blah blah" + //This works, because i guess bash is smart enough to escape $ in environment variables? '--username ${CRED_USR} --password ${CRED_PSW}' // ====== OR ====== sh "some command blahb blah blah" + //Passing in the var directly, like you said, requires I tell bash this is a literal string "--username '${CRED_USR}' --password '${CRED_PSW}'" Also, just an aside, I saw nowhere in the docs that usernamePassword binding was supported in environment{} or how it worked. That should be in the docs somewhere if it isn't. On Tuesday, February 13, 2018 at 11:50:53 PM UTC-5, Mark Waite wrote: > > Are you sure that's really a bug? > > If the value of mypass is 'ASD123$567' and that is passed as an > environment variable to the shell, won't the shell see the '$567' and > attempt to expand an environment variable named '567'? The expansion of > $567 is probably the empty string. > > If '$' and other special characters are embedded in the password, aren't > surrounding quotes needed around the expanded result to assure it is not > interpreted by the shell? > > Mark Waite > > > > On Tue, Feb 13, 2018 at 7:36 PM Slide <[email protected] <javascript:>> > wrote: > >> Can you file an issue in JIRA? >> >> On Tue, Feb 13, 2018 at 7:10 PM red 888 <[email protected] >> <javascript:>> wrote: >> >>> This is my password: "ASD123$567" >>> >>> This doesn't work >>> >>> withCredentials([usernamePassword(credentialsId: 'creds', >>> usernameVariable: 'myuser', passwordVariable: 'mypass')]) { >>> sh "some command --username ${svnuser} --password ${mypass}" >>> } >>> >>> >>> What i see in the output is mypass is not obfuscated and most >>> importantly it looks like its getting cut off after the "$" so its only >>> showing ASD123 >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Jenkins Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected] <javascript:>. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/jenkinsci-users/16bfd2b1-ad71-4326-ac3c-7693b9c71331%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/jenkinsci-users/16bfd2b1-ad71-4326-ac3c-7693b9c71331%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Jenkins Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/jenkinsci-users/CAPiUgVf9g8GN2BPSGdt9jSR1t%2Bj7%2BzoC%2B711cPQzOO1duu6WYQ%40mail.gmail.com >> >> <https://groups.google.com/d/msgid/jenkinsci-users/CAPiUgVf9g8GN2BPSGdt9jSR1t%2Bj7%2BzoC%2B711cPQzOO1duu6WYQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/e6bf4041-65d5-4e22-94c5-b24494a6e93a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
