That would be really nice of you!
Is there a more "standardized" way of providing config files with Jenkins?
I saw I could store the whole file as a secret with the Credentials plugin,
but I can't edit it then. Only reupload without an easy way knowing what's
in there.
And my use case needs to be able to view and edit a config file with
secrets but keeping the secrets secret.
Am Freitag, 23. Februar 2018 14:36:18 UTC+1 schrieb slide:
>
> It looks like the environment variables are not added to the job, which is
> where token macro can get at them, but are added to the local context
> instead. I'll have to look into this more to determine how this can be
> done.
>
> On Fri, Feb 23, 2018 at 6:12 AM Roger Lehmann <honton...@gmail.com
> <javascript:>> wrote:
>
>> Hi,
>>
>> I'm having trouble with replacing tokens inside my config file.
>> The config file token replacement only respects environment variable
>> values defined on the job, but not inside the withEnv or withCredential
>> statement blocks.
>> And as far as I know (and used to), Jenkins or rather the statements
>> provide the credentials as env vars.
>>
>> Could anyone please help me on how to do it properly?
>> Maybe I'm just using the wrong macro in my config file?
>>
>> Thank you!
>>
>>
>> *Example code:*
>>
>> node('master'){
>>> stage('test w/o magic') {
>>> configFileProvider([configFile(fileId:
>>> 'c76d4a37-1233-4f8c-a2bb-e2f9cf4e05b4', replaceTokens: true,
>>> targetLocation: 'test.txt', variable: 'testfile')]) {
>>> sh 'cat $testfile'
>>> echo "var1: $env.var1"
>>> echo "var2: $var2"
>>> }
>>> }
>>> stage('testwith centials provider') {
>>> withCredentials([string(credentialsId: 'aws_vault_password',
>>> variable: 'var1'),
>>> sshUserPrivateKey(credentialsId: 'jenkins-robot-ssh-key',
>>> keyFileVariable: 'var2',
>>> passphraseVariable: 'var3',
>>> usernameVariable: 'var4'),
>>> usernameColonPassword(credentialsId: 'jenkins_robot_for_gitlab',
>>> variable: 'var5')]) {
>>> configFileProvider([configFile(fileId:
>>> 'c76d4a37-1233-4f8c-a2bb-e2f9cf4e05b4', replaceTokens: true,
>>> targetLocation: 'test.txt', variable: 'testfile')]) {
>>> sh 'cat $testfile'
>>> echo "var1: $var1"
>>> echo "var2: $var2"
>>> echo "var5: $var5"
>>> }
>>> }
>>> }
>>>
>>> stage('test with env provider') {
>>> withEnv(['var1=bla', 'var2=blubb', 'undefined=isdefined']) {
>>> configFileProvider([configFile(fileId:
>>> 'c76d4a37-1233-4f8c-a2bb-e2f9cf4e05b4', replaceTokens: true,
>>> targetLocation: 'test.txt', variable: 'testfile')]) {
>>> sh 'cat $testfile'
>>> echo "var1: $env.var1"
>>> echo "var2: $var2"
>>> }
>>> }
>>> }
>>> }
>>
>>
>> *ENV vars declared at job level:*
>>
>> var1=test
>>> var2=foobar
>>
>>
>> *Config File:*
>>
>> Test for Token replacement on ${ENV, var="JOB_NAME"}
>>> key1: ${ENV, var="var1"}
>>> key2: ${ENV, var="var2"}
>>> key5: ${ENV, var="var5"}
>>> undefined: ${ENV, var="undefined"}
>>
>>
>> *Output:*
>>
>> [Pipeline] node
>>> Running on Jenkins
>>> <https://jenkins-dev.offerista.com/computer/(master)/> in
>>> /var/lib/jenkins/workspace/IT/credentials-replacement
>>> [Pipeline] {
>>> [Pipeline] stage
>>> [Pipeline] { (test w/o magic)
>>> [Pipeline] wrap
>>> provisioning config files...
>>> copy managed file [Secret-File] to
>>> file:/var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
>>> [Pipeline] {
>>> [Pipeline] sh
>>> [credentials-replacement] Running shell script
>>> + cat /var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
>>> Test for Token replacement on IT/credentials-replacement key1: test
>>> key2: foobar
>>> key5:
>>> undefined:
>>> [Pipeline] echo
>>> var1: test
>>> [Pipeline] echo
>>> var2: foobar
>>> [Pipeline] }
>>> [Pipeline] // wrap
>>> [Pipeline] }
>>> [Pipeline] // stage
>>> [Pipeline] stage
>>> [Pipeline] { (testwith centials provider)
>>> [Pipeline] withCredentials
>>> [Pipeline] {
>>> [Pipeline] configFileProvider
>>> provisioning config files...
>>> copy managed file [Secret-File] to
>>> file:/var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
>>> [Pipeline] {
>>> [Pipeline] sh
>>> [credentials-replacement] Running shell script
>>> + cat /var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
>>> Test for Token replacement on IT/credentials-replacement key1: test
>>> key2: foobar
>>> key5:
>>> undefined:
>>> [Pipeline] echo
>>> var1: ****
>>> [Pipeline] echo
>>> var2: ****
>>> [Pipeline] echo
>>> var5: ****
>>> [Pipeline] }
>>> [Pipeline] // configFileProvider
>>> [Pipeline] }
>>> [Pipeline] // withCredentials
>>> [Pipeline] }
>>> [Pipeline] // stage
>>> [Pipeline] stage
>>> [Pipeline] { (test with env provider)
>>> [Pipeline] withEnv
>>> [Pipeline] {
>>> [Pipeline] configFileProvider
>>> provisioning config files...
>>> copy managed file [Secret-File] to
>>> file:/var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
>>> [Pipeline] {
>>> [Pipeline] sh
>>> [credentials-replacement] Running shell script
>>> + cat /var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
>>> Test for Token replacement on IT/credentials-replacement key1: test
>>> key2: foobar
>>> key5:
>>> undefined:
>>> [Pipeline] echo
>>> var1: bla
>>> [Pipeline] echo
>>> var2: blubb
>>> [Pipeline] }
>>> [Pipeline] // configFileProvider
>>> [Pipeline] }
>>> [Pipeline] // withEnv
>>> [Pipeline] }
>>> [Pipeline] // stage
>>> [Pipeline] }
>>> [Pipeline] // node
>>> [Pipeline] End of Pipeline
>>> Finished: SUCCESS
>>
>>
>> *Expected:*
>>
>> different outputs for "key1:", "key2:" and "key5:" than the values
>> provided on the job level.
>>
>>
>> Best,
>> Roger
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Jenkins Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to jenkinsci-use...@googlegroups.com <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/jenkinsci-users/bcd50ff1-1e1e-427d-94c5-8861897cdd64%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/jenkinsci-users/bcd50ff1-1e1e-427d-94c5-8861897cdd64%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/234f566e-43fc-47eb-a25c-f91100a5ede8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
