[JIRA] (JENKINS-38963) User-scoped credentials cannot be looked up in pipeline

vehovsky@gmail.com (JIRA)

unread,

Oct 13, 2016, 8:17:01 AM10/13/16

to jenkinsc...@googlegroups.com

Martin Vehovsky updated an issue

Jenkins /

JENKINS-38963

User-scoped credentials cannot be looked up in pipeline

Change By:	Martin Vehovsky
Summary:	User-scoped credentials cannot be looked up with in pipeline

Add Comment

This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c)

vehovsky@gmail.com (JIRA)

unread,

Oct 13, 2016, 8:17:02 AM10/13/16

to jenkinsc...@googlegroups.com

Martin Vehovsky updated an issue

Jenkins /

JENKINS-38963

User-scoped credentials cannot be looked up in pipeline

Change By:	Martin Vehovsky

It's possible to look-up User-scoped credentials in Freestyle jobs with Bindings. The same seems not to works work in pipeline jobs.

{code:java}
node {
    withCredentials([[$class          : 'UsernamePasswordMultiBinding', credentialsId: 'bc047678-37b8-4747-95d8-c1a8b3df51a6',
                     usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD']]) {
        echo "${env.USERNAME}"
    }
}
{code}

{code:java}
org.jenkinsci.plugins.credentialsbinding.impl.CredentialNotFoundException: bc047678-37b8-4747-95d8-c1a8b3df51a6
at org.jenkinsci.plugins.credentialsbinding.MultiBinding.getCredentials(MultiBinding.java:124)
at org.jenkinsci.plugins.credentialsbinding.impl.UsernamePasswordMultiBinding.bind(UsernamePasswordMultiBinding.java:68)
at org.jenkinsci.plugins.credentialsbinding.impl.BindingStep$Execution.start(BindingStep.java:92)
{code}

Add Comment

vehovsky@gmail.com (JIRA)

unread,

Oct 13, 2016, 8:20:01 AM10/13/16

to jenkinsc...@googlegroups.com

Martin Vehovsky updated an issue

Jenkins /

JENKINS-38963

User-scoped credentials cannot be looked up in pipeline

Change By:	Martin Vehovsky

It's possible to look-up User-scoped credentials in Freestyle jobs with Bindings. The same seems not to work in pipeline jobs.

{code:java}
node {
    withCredentials([[$class          : 'UsernamePasswordMultiBinding', credentialsId: 'bc047678-37b8-4747-95d8-c1a8b3df51a6',
                     usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD']]) {
        echo "${env.USERNAME}"
    }
}
{code}

{code:java}
org.jenkinsci.plugins.credentialsbinding.impl.CredentialNotFoundException: bc047678-37b8-4747-95d8-c1a8b3df51a6
at org.jenkinsci.plugins.credentialsbinding.MultiBinding.getCredentials(MultiBinding.java:124)
at org.jenkinsci.plugins.credentialsbinding.impl.UsernamePasswordMultiBinding.bind(UsernamePasswordMultiBinding.java:68)
at org.jenkinsci.plugins.credentialsbinding.impl.BindingStep$Execution.start(BindingStep.java:92)
{code}

Plugin versions:
_credentials-binding: 1.9_
_credentials: 2.1.5_

Add Comment

vehovsky@gmail.com (JIRA)

unread,

Oct 15, 2016, 5:35:01 AM10/15/16

to jenkinsc...@googlegroups.com

Martin Vehovsky commented on

JENKINS-38963

Re: User-scoped credentials cannot be looked up in pipeline

Just found out, that it's possible to look-up user-scoped sredentials with '${Credentials}'

 
                                                                node {
    withCredentials([[$class          : 'UsernamePasswordMultiBinding', credentialsId: '${Credentials}',
                      usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD']]) {
    }
}
 
                                                            

Could someone please clarify documentation for this?
Thank you

Add Comment

emmanuelrousselle@gmail.com (JIRA)

unread,

Nov 2, 2016, 8:04:01 PM11/2/16

to jenkinsc...@googlegroups.com

Emmanuel Rousselle commented on

JENKINS-38963

Re: User-scoped credentials cannot be looked up in pipeline

I'm facing the same issue and it's not clear to me if:

It's a documentation problem (the plugin is able to fetch user-scope credentials but how to do this is absent from the documentation), OR
The plugin doesn't support fetching user-scope credentials at all

Can someone familiar with the code clarify this?

Thank you.

Add Comment

jglick@cloudbees.com (JIRA)

unread,

Nov 7, 2016, 4:44:02 PM11/7/16

to jenkinsc...@googlegroups.com

Jesse Glick commented on

JENKINS-38963

Re: User-scoped credentials cannot be looked up in pipeline

Stephen Connolly knows more about user-scoped credentials. Possibly you need to use Authorized Project to associate an authentication with the build. There is no test case in this plugin that covers user-scoped credentials so as far as I am concerned it is not supported.

Add Comment

stephen.alan.connolly@gmail.com (JIRA)

unread,

Nov 9, 2016, 12:14:04 PM11/9/16

to jenkinsc...@googlegroups.com

Stephen Connolly commented on

JENKINS-38963

Re: User-scoped credentials cannot be looked up in pipeline

So to fetch user scoped credentials there are one of two conditions that must be met, either:

1. The build must be running as the user that owns the credentials (this requires the AuthorizedProject plugin be configured); or
2. The credentials must come from a credentials parameter and be selected by the user and that user must have the Credentials/USE_OWN permission (typically implied by Job/BUILD unless you request them separated out by setting a system property). If you use the default credentials in the parameter, then those will not be searched for as the idea is to prevent the user's credentials being hijacked without an explicit selection by the user triggering the build

Add Comment

jglick@cloudbees.com (JIRA)

unread,

Jan 27, 2017, 10:09:07 AM1/27/17

to jenkinsc...@googlegroups.com

Jesse Glick updated an issue

Jenkins /

JENKINS-38963

User-scoped credentials cannot be looked up in pipeline

Change By:	Jesse Glick
Labels:	pipeline

Add Comment

jglick@cloudbees.com (JIRA)

unread,

Jan 27, 2017, 10:14:01 AM1/27/17

to jenkinsc...@googlegroups.com

Jesse Glick updated an issue

Jenkins /

JENKINS-38963

User-scoped credentials cannot be looked up in pipeline

Change By:	Jesse Glick
Labels:	documentation pipeline

Add Comment

boards@gmail.com (JIRA)

unread,

Aug 26, 2019, 3:23:02 PM8/26/19

to jenkinsc...@googlegroups.com

Matt Sicker commented on

JENKINS-38963

Re: User-scoped credentials cannot be looked up in pipeline

This feature is improved in ~~JENKINS-58170~~ and will also be supported by an upcoming release of pipeline-input-step to support user-scoped credentials prompted via an input step.

Add Comment

This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

boards@gmail.com (JIRA)

unread,

Aug 26, 2019, 3:32:04 PM8/26/19

to jenkinsc...@googlegroups.com

Matt Sicker resolved as Fixed

This was implemented in ~~JENKINS-58170~~, though it requires the use of credentials build parameters. Alternatively, you can use authorize-project to automate the user who is bound to the build to access their credentials.

Jenkins /

JENKINS-38963

User-scoped credentials cannot be looked up in pipeline

Change By:	Matt Sicker
Status:	Open Resolved
Resolution:	Fixed

Add Comment

vit_zikmund@cz.ibm.com (JIRA)

unread,

Sep 23, 2019, 8:52:08 AM9/23/19

to jenkinsc...@googlegroups.com

Vít Zikmund edited a comment on

JENKINS-38963

Re: User-scoped credentials cannot be looked up in pipeline

Hello there, [~jvz]. If you suggest using the authorize- project plugin for this purpose, can you confirm it actually works? All my white-box attempts so far failed as those in JENKINS-44772.

Add Comment

This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)

vit_zikmund@cz.ibm.com (JIRA)

unread,

Sep 23, 2019, 8:52:08 AM9/23/19

to jenkinsc...@googlegroups.com

Vít Zikmund commented on

JENKINS-38963

Re: User-scoped credentials cannot be looked up in pipeline

Hello there, Matt Sicker. If you suggest using the authorize-plugin for this purpose, can you confirm it actually works? All my white-box attempts so far failed as those in JENKINS-44772.

Add Comment

Reply all

Reply to author

Forward