Actually I think it does work... for the most part...
Working example:I created a "secret text" credential containing some
password value and I then put the credential's ID as the value for a Global
Variable called "myPassword".
In the Global Variables section there is a checkbox, "environment
variables".
These key-value pairs apply for every build on every node. They can be used
in Jenkins' configuration (as $key or ${key}) and will be added to the
environment for processes launched from the build.
Then, in the Jenkinsfile I do as in my previous post.
environment {
myPassword = credentials('${myPassword}')
...
}
This extracts the value of the credential (the name references the ID) into
myPassword.
Lastly, in the JavaScript I reference it as process.env.myPassword
When npm test is run as part of the Jenkinsfile, it works this way for all
credentials that I "inject", except for a credential that is a JSON like
this:
{"property":"value", "property": "value", "property": "value", "property":
"value"}
This breaks for some reason.
When running locally (outside of jenkins) with npm test, the values are
stored in a local .js file and it works flawlessly.
On Thursday, August 3, 2017 at 8:44:41 PM UTC+3, Joshua Noble wrote:
>
> The secret text being printed as *** is a feature, so credentials aren't
> leaked in console logs. You cannot use Jenkins credentials during
> application runtime. (ie: If you deploy a backend Node app to an app
> server) You can however use Jenkins credentials to run npm scripts, such as
> npm test, (which require the Node runtime) within a Jenkins build.
>
> The credentials function needs an input of the credential ID. When a
> credential is created, you can set the ID value to a custom one, such as a
> human-friendly name. Otherwise, you will end up with a unique UUID.
>
> Everyone has their own personal taste, but I would refactor the
> Jenkinsfile above to the following:
>
> stage ("E2E tests") {
> when {
> branch 'e2e-dev'
> }
> environment {
> MY_SECRET = credentials('jenkins-secret-id')
> }
> steps {
> sh 'rm -f config/e2e-config.json'
> sh 'mv config/e2e-dev-config.json config/e2e-config.json'
> sh 'npm install'
> sh 'npm test'
> }
> }
>
> With the above Jenkinsfile, you should be able to reference your secret
> with ${MY_SECRET} anywhere in the code or shell steps, but only when
> running npm scripts. This will not work for running applications on a
> server. It should be noted that if you need to specify the secret within a
> shell step line, that line must use double quotes to resolve the variable
> properly.
>
> Another way of doing this would be:
>
> withCredentials([string(credentialsId: 'credential-id-here', variable:
> 'CUSTOM_VARIABLE_NAME_HERE')]) {
> sh "MY_SECRET=CUSTOM_VARIABLE_NAME_HERE npm test"
> }
>
> I hope that helps.
>
>
> On Thursday, August 3, 2017 at 6:26:28 AM UTC-4, Idan Adar wrote:
>>
>> I have done the following:
>>
>> 1. Create a "secret text" type credential
>> 2. Put in the credential a password
>> 3. Create a Global Variable, mySecret, with its value being the
>> credential ID
>> 4. In the declarative pipeline:
>>
>> stage ("E2E tests") {
>> environment {
>> mySecret = credentials('${mySecret}')
>> }
>>
>> steps {
>> script {
>> STAGE_NAME = "E2E tests"
>> echo "++++++++++++ $mySecret"
>>
>>
>> if (JOB_NAME == "e2e-dev") {
>> // Setup packages and run tests
>> sh '''
>> rm -f config/e2e-config.json
>> mv config/e2e-dev-config.json config/e2e-config.json
>> npm install
>> npm test
>> '''
>> }
>> }
>> }
>> }
>>
>> In Jenkins, the secret text is printed: "*****"
>> In the NodeJS app, I'm getting an error...
>>
>> Global Variables in Jenkins can also be used as environment variables and
>> I know I can use those as clear text in the NodeJS app.
>> My question is how to use Jenkins credentials from Jenkins in the NodeJS
>> app...
>>
>> Any thoughts?
>>
>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/d1e51b34-8fc4-4785-9b86-eee09072eb52%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
