Username and Password to checkout git in Jenkinsfile (groovy)

[Vikas Kumar]

We are trying to use AWS DynamoDB (with KMS encrypted values) to store our secrets rather than using Jenkins Credentials. This is advised by our security team.

I am able to fetch secrets (git username and password) as variables on Jenkins slaves, but not sure how to use those to checkout git repository using those.

This is our existing code

stage('SCM Checkout') {
    checkout([$class: 'GitSCM', branches: [[name: "*/${GIT_BRANCH}"]],
        doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [],
        userRemoteConfigs: [[credentialsId: 'GIT_PASSWORD', url: "${GIT_URL}"]]])
}

I want to use variable GIT_USER and GIT_PASSWORD (fetched from AWS) instead of using credentialsId

[Mark Waite]

If your GIT_URL is https, then you could embed the username and password into the URL.  For example, the URL:

    https://github.com/user/repo

can be 

    https://username:pass...@github.com/user/repo 

Mark Waite

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/7a811855-da28-4a82-9b33-ac824b5e89a3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Vikas Kumar]

Thanks Mark, yeah this is one option but in this case, username and password are visible in console output. I am thinking to use SSH Keys.

On Monday, 2 October 2017 13:46:24 UTC+11, Mark Waite wrote:

If your GIT_URL is https, then you could embed the username and password into the URL.  For example, the URL:

    https://github.com/user/repo

can be 

    https://username:password@github.com/user/repo 

Mark Waite

[Vikas Kumar]

I have got a solution. Pls see this link for details. Thanks.