[JIRA] (JENKINS-58873) Parameterized Remote Triggers treat credentials value as templated

dshvedchenko@gmail.com (JIRA)

unread,

Aug 9, 2019, 5:34:02 AM8/9/19

to jenkinsc...@googlegroups.com

Denis Shvedchenko created an issue

Jenkins /

JENKINS-58873

Parameterized Remote Triggers treat credentials value as templated

Issue Type:	Bug
Assignee:	KaiHsiang Chang
Components:	parameterized-remote-trigger-plugin
Created:	2019-08-09 09:33
Environment:	jenkins 1.164.1 , Parametgerized Remote Triggers : 3.0.7
Priority:	Minor
Reporter:	Denis Shvedchenko

Remote server specified on global server. Auth done by credential, password contain something xxx$aaa=xxx.

it complains that there is no such template aaa

Add Comment

This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

dshvedchenko@gmail.com (JIRA)

unread,

Aug 9, 2019, 5:34:03 AM8/9/19

to jenkinsc...@googlegroups.com

Denis Shvedchenko commented on

JENKINS-58873

Re: Parameterized Remote Triggers treat credentials value as templated

at this moment we switched to token auth, but log with this error was lost due to cleanup

Add Comment

dshvedchenko@gmail.com (JIRA)

unread,

Aug 9, 2019, 5:44:08 AM8/9/19

to jenkinsc...@googlegroups.com

Denis Shvedchenko closed an issue as Duplicate

Jenkins /

JENKINS-58873

Parameterized Remote Triggers treat credentials value as templated

Change By:	Denis Shvedchenko
Status:	Open Closed
Resolution:	Duplicate

Add Comment

dshvedchenko@gmail.com (JIRA)

unread,

Aug 9, 2019, 5:46:03 AM8/9/19

to jenkinsc...@googlegroups.com

Denis Shvedchenko commented on

JENKINS-58873

Re: Parameterized Remote Triggers treat credentials value as templated

https://github.com/jenkinsci/parameterized-remote-trigger-plugin/blob/7b875a62c6d4892324a9d45e53ebbbe89a181a27/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/utils/Base64Utils.java#L50

Add Comment

patrick.f.housley@gmail.com (JIRA)

unread,

Jan 24, 2020, 6:10:03 PM1/24/20

to jenkinsc...@googlegroups.com

Patrick Housley reopened an issue

I am re-opening this ticket because this remains a problem. When using a username and password and if that password contains a dollar symbol, it is being treated as a template string. More importantly and concerning, this is also causing the username and password to be spilled into the build log in clear text.

We are using version 3.0.8 so I am not sure if this is still an issue in the latest but it needs to be checked. We have gotten around this for now by switching to token auth.

Jenkins /

JENKINS-58873

Parameterized Remote Triggers treat credentials value as templated

Change By:	Patrick Housley
Resolution:	Duplicate
Status:	Closed Reopened

Add Comment

This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)

patrick.f.housley@gmail.com (JIRA)

unread,

Jan 24, 2020, 6:11:03 PM1/24/20

to jenkinsc...@googlegroups.com

Patrick Housley commented on

JENKINS-58873

Re: Parameterized Remote Triggers treat credentials value as templated

Error in log:

 
                                                                2020-01-24 16:22:54.870  org.jenkinsci.plugins.tokenmacro.MacroEvaluationException: Unrecognized macro 'Q' in '<redacted username>:<redacted password>'
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.tokenmacro.Parser.processToken(Parser.java:343)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.tokenmacro.Action$KiHW1UeqOdqAwZul.run(Unknown Source)
2020-01-24 16:22:54.870  	at org.parboiled.matchers.ActionMatcher.match(ActionMatcher.java:96)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.BasicParseRunner.match(BasicParseRunner.java:77)
2020-01-24 16:22:54.870  	at org.parboiled.MatcherContext.runMatcher(MatcherContext.java:351)
2020-01-24 16:22:54.870  	at org.parboiled.matchers.SequenceMatcher.match(SequenceMatcher.java:46)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.BasicParseRunner.match(BasicParseRunner.java:77)
2020-01-24 16:22:54.870  	at org.parboiled.MatcherContext.runMatcher(MatcherContext.java:351)
2020-01-24 16:22:54.870  	at org.parboiled.matchers.FirstOfMatcher.match(FirstOfMatcher.java:41)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.BasicParseRunner.match(BasicParseRunner.java:77)
2020-01-24 16:22:54.870  	at org.parboiled.MatcherContext.runMatcher(MatcherContext.java:351)
2020-01-24 16:22:54.870  	at org.parboiled.matchers.FirstOfMatcher.match(FirstOfMatcher.java:41)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.BasicParseRunner.match(BasicParseRunner.java:77)
2020-01-24 16:22:54.870  	at org.parboiled.MatcherContext.runMatcher(MatcherContext.java:351)
2020-01-24 16:22:54.870  	at org.parboiled.matchers.ZeroOrMoreMatcher.match(ZeroOrMoreMatcher.java:39)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.BasicParseRunner.match(BasicParseRunner.java:77)
2020-01-24 16:22:54.870  	at org.parboiled.MatcherContext.runMatcher(MatcherContext.java:351)
2020-01-24 16:22:54.870  	at org.parboiled.matchers.SequenceMatcher.match(SequenceMatcher.java:46)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.BasicParseRunner.match(BasicParseRunner.java:77)
2020-01-24 16:22:54.870  	at org.parboiled.MatcherContext.runMatcher(MatcherContext.java:351)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.BasicParseRunner.run(BasicParseRunner.java:72)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.ReportingParseRunner.runBasicMatch(ReportingParseRunner.java:86)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.ReportingParseRunner.run(ReportingParseRunner.java:66)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.AbstractParseRunner.run(AbstractParseRunner.java:81)
2020-01-24 16:22:54.870  	at org.parboiled.parserunners.AbstractParseRunner.run(AbstractParseRunner.java:76)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.tokenmacro.Parser.process(Parser.java:85)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.tokenmacro.Parser.process(Parser.java:74)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.tokenmacro.TokenMacro.expand(TokenMacro.java:199)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.tokenmacro.TokenMacro.expandAll(TokenMacro.java:237)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.tokenmacro.TokenMacro.expandAll(TokenMacro.java:207)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.TokenMacroUtils.applyTokenMacroReplacements(TokenMacroUtils.java:18)
2020-01-24 16:22:54.870  Caused: java.io.IOException
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.TokenMacroUtils.applyTokenMacroReplacements(TokenMacroUtils.java:22)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.Base64Utils.generateAuthorizationHeaderValue(Base64Utils.java:50)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.auth2.CredentialsAuth.setAuthorizationHeader(CredentialsAuth.java:125)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.HttpHelper.getAuthorizedConnection(HttpHelper.java:303)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.HttpHelper.sendHTTPCall(HttpHelper.java:432)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.HttpHelper.tryCall(HttpHelper.java:571)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.HttpHelper.tryGet(HttpHelper.java:591)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.doGet(RemoteBuildConfiguration.java:877)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.getRemoteJobMetadata(RemoteBuildConfiguration.java:1049)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.performTriggerAndGetQueueId(RemoteBuildConfiguration.java:624)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.pipeline.RemoteBuildPipelineStep$Execution.run(RemoteBuildPipelineStep.java:263)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.ParameterizedRemoteTrigger.pipeline.RemoteBuildPipelineStep$Execution.run(RemoteBuildPipelineStep.java:239)
2020-01-24 16:22:54.870  	at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
2020-01-24 16:22:54.870  	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
2020-01-24 16:22:54.870  	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
2020-01-24 16:22:54.870  	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2020-01-24 16:22:54.870  	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2020-01-24 16:22:54.870  	at java.lang.Thread.run(Thread.java:748)
2020-01-24 16:22:54.870  Finished: FAILURE  
                                                            

Add Comment

patrick.f.housley@gmail.com (JIRA)

unread,

Jan 24, 2020, 6:12:02 PM1/24/20

to jenkinsc...@googlegroups.com

Patrick Housley updated an issue

Jenkins /

JENKINS-58873

Parameterized Remote Triggers treat credentials value as templated

Change By:	Patrick Housley
Priority:	Minor Critical

Add Comment

Reply all

Reply to author

Forward