Hi,
I'm having trouble with replacing tokens inside my config file.
The config file token replacement only respects environment variable values defined on the job, but not inside the withEnv or withCredential statement blocks.
And as far as I know (and used to), Jenkins or rather the statements provide the credentials as env vars.
Could anyone please help me on how to do it properly?
Maybe I'm just using the wrong macro in my config file?
Thank you!
Example code:
node('master'){
stage('test w/o magic') {
configFileProvider([configFile(fileId: 'c76d4a37-1233-4f8c-a2bb-e2f9cf4e05b4', replaceTokens: true, targetLocation: 'test.txt', variable: 'testfile')]) {
sh 'cat $testfile'
echo "var1: $env.var1"
echo "var2: $var2"
}
}
stage('testwith centials provider') {
withCredentials([string(credentialsId: 'aws_vault_password', variable: 'var1'),
sshUserPrivateKey(credentialsId: 'jenkins-robot-ssh-key',
keyFileVariable: 'var2',
passphraseVariable: 'var3',
usernameVariable: 'var4'),
usernameColonPassword(credentialsId: 'jenkins_robot_for_gitlab', variable: 'var5')]) {
configFileProvider([configFile(fileId: 'c76d4a37-1233-4f8c-a2bb-e2f9cf4e05b4', replaceTokens: true, targetLocation: 'test.txt', variable: 'testfile')]) {
sh 'cat $testfile'
echo "var1: $var1"
echo "var2: $var2"
echo "var5: $var5"
}
}
}
stage('test with env provider') {
withEnv(['var1=bla', 'var2=blubb', 'undefined=isdefined']) {
configFileProvider([configFile(fileId: 'c76d4a37-1233-4f8c-a2bb-e2f9cf4e05b4', replaceTokens: true, targetLocation: 'test.txt', variable: 'testfile')]) {
sh 'cat $testfile'
echo "var1: $env.var1"
echo "var2: $var2"
}
}
}
}
ENV vars declared at job level:
Config File:
Test for Token replacement on ${ENV, var="JOB_NAME"}
key1: ${ENV, var="var1"}
key2: ${ENV, var="var2"}
key5: ${ENV, var="var5"}
undefined: ${ENV, var="undefined"}
Output:
[Pipeline] node
Running on Jenkins in /var/lib/jenkins/workspace/IT/credentials-replacement
[Pipeline] {
[Pipeline] stage
[Pipeline] { (test w/o magic)
[Pipeline] wrap
provisioning config files...
copy managed file [Secret-File] to file:/var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
[Pipeline] {
[Pipeline] sh
[credentials-replacement] Running shell script
+ cat /var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
Test for Token replacement on IT/credentials-replacement key1: test
key2: foobar
key5:
undefined:
[Pipeline] echo
var1: test
[Pipeline] echo
var2: foobar
[Pipeline] }
[Pipeline] // wrap
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (testwith centials provider)
[Pipeline] withCredentials
[Pipeline] {
[Pipeline] configFileProvider
provisioning config files...
copy managed file [Secret-File] to file:/var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
[Pipeline] {
[Pipeline] sh
[credentials-replacement] Running shell script
+ cat /var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
Test for Token replacement on IT/credentials-replacement key1: test
key2: foobar
key5:
undefined:
[Pipeline] echo
var1: ****
[Pipeline] echo
var2: ****
[Pipeline] echo
var5: ****
[Pipeline] }
[Pipeline] // configFileProvider
[Pipeline] }
[Pipeline] // withCredentials
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (test with env provider)
[Pipeline] withEnv
[Pipeline] {
[Pipeline] configFileProvider
provisioning config files...
copy managed file [Secret-File] to file:/var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
[Pipeline] {
[Pipeline] sh
[credentials-replacement] Running shell script
+ cat /var/lib/jenkins/workspace/IT/credentials-replacement/test.txt
Test for Token replacement on IT/credentials-replacement key1: test
key2: foobar
key5:
undefined:
[Pipeline] echo
var1: bla
[Pipeline] echo
var2: blubb
[Pipeline] }
[Pipeline] // configFileProvider
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
Finished: SUCCESS
Expected:
different outputs for "key1:", "key2:" and "key5:" than the values provided on the job level.
Best,
Roger