Reputation: 4339
Parametrize withCredentials block in Jenkinsfile
I am trying to parameterize the credentials block in my Jenkinsfile and not able to do so.
Here is what i currently have
stage("Deploy") {
if ("${ENVIRONMENT}"=='dev') {
wrap([$class: 'VaultBuildWrapper', configuration: configuration, vaultSecrets: secrets]) {
withCredentials([string(credentialsId: 'secret1_dev', variable: 'SECRET1'), string(credentialsId: 'secret2_dev', variable: 'SECRET2'),string(credentialsId: 'secret3_dev', variable: 'SECRET3'), string(credentialsId: 'secret4_dev', variable: 'SECRET4'),string(credentialsId: 'secret5_dev', variable: 'SECRET5'), string(credentialsId: 'secret6_dev', variable: 'SECRET6')]){
} else {
wrap([$class: 'VaultBuildWrapper', configuration: configuration, vaultSecrets: secrets]) {
withCredentials([string(credentialsId: 'secret1_qa', variable: 'SECRET1'), string(credentialsId: 'secret2_qa', variable: 'SECRET2'),string(credentialsId: 'secret3_qa', variable: 'SECRET3'), string(credentialsId: 'secret4_qa', variable: 'SECRET4'),string(credentialsId: 'secret5_qa', variable: 'SECRET5'), string(credentialsId: 'secret6_qa', variable: 'SECRET6')]){
}
sh """
export DEPLOYMENT_ENVIRONMENT=${ENVIRONMENT}
source ~/.bashrc
echo 'parametrized credentials!'
"""
}
}
}
I am getting below error
org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
WorkflowScript: 58: expecting '}', found 'else' @ line 58, column 17.
} else {
^
What i want to do is depending on what ENVIRONMENT is given to the job via parameter, it selects what credentialsId to pick for the secret variable am passing to the job.
Anyone know how to properly do this?
Thanks
Upvotes: 0
Views: 5004
Answers (2)
Reputation: 4339
i will accept @gerard-ryan answer but this is simplify what i needed derived from his answer
stage("Deploy") {
wrap(
[
$class: 'VaultBuildWrapper',
configuration: configuration,
vaultSecrets: secrets
]
) {
withCredentials(
[
string(credentialsId: "secret1_${ENVIRONMENT}", variable: 'SECRET1'),
string(credentialsId: "secret2_${ENVIRONMENT}", variable: 'SECRET2'),
string(credentialsId: "secret3_${ENVIRONMENT}", variable: 'SECRET3'),
string(credentialsId: "secret4_${ENVIRONMENT}", variable: 'SECRET4'),
string(credentialsId: "secret5_${ENVIRONMENT}", variable: 'SECRET5'),
string(credentialsId: "secret6_${ENVIRONMENT}", variable: 'SECRET6')
]
) {
sh """
export DEPLOYMENT_ENVIRONMENT=${ENVIRONMENT}
source ~/.bashrc
echo 'parametrized credentials!'
"""
}
}
}
I did not the final string section as i already have the ENVIRONMENT parameterized
Upvotes: 1
Reputation: 2017
Your error is simply down to your block nesting being incorrect. in programming languages like Groovy (in this case) that use curly braces to denote blocks, you open the blocks from the outermost to the innermost, then you close from innermost to outermost. E.g.
while(outer) {
if (inner1) {
echo "inner1"
} else {
echo "inner2"
}
}
So for your case, it would look something like this (long lines wrapped for readability):
stage("Deploy") {
if ("${ENVIRONMENT}"=='dev') {
wrap(
[
$class: 'VaultBuildWrapper',
configuration: configuration,
vaultSecrets: secrets
]
) {
withCredentials(
[
string(credentialsId: 'secret1_dev', variable: 'SECRET1'),
string(credentialsId: 'secret2_dev', variable: 'SECRET2'),
string(credentialsId: 'secret3_dev', variable: 'SECRET3'),
string(credentialsId: 'secret4_dev', variable: 'SECRET4'),
string(credentialsId: 'secret5_dev', variable: 'SECRET5'),
string(credentialsId: 'secret6_dev', variable: 'SECRET6')
]
) {
sh """
export DEPLOYMENT_ENVIRONMENT=${ENVIRONMENT}
source ~/.bashrc
echo 'parametrized credentials!'
"""
}
}
} else {
wrap(
[
$class: 'VaultBuildWrapper',
configuration: configuration,
vaultSecrets: secrets
]
) {
withCredentials(
[
string(credentialsId: 'secret1_qa', variable: 'SECRET1'),
string(credentialsId: 'secret2_qa', variable: 'SECRET2'),
string(credentialsId: 'secret3_qa', variable: 'SECRET3'),
string(credentialsId: 'secret4_qa', variable: 'SECRET4'),
string(credentialsId: 'secret5_qa', variable: 'SECRET5'),
string(credentialsId: 'secret6_qa', variable: 'SECRET6')
]
) {
sh """
export DEPLOYMENT_ENVIRONMENT=${ENVIRONMENT}
source ~/.bashrc
echo 'parametrized credentials!'
"""
}
}
}
}
Now, that seems unnecessarily duplicated, right? You want to only have one copy of your sh step, and for the correct credentials to be available within it, depending on the ${ENVIRONMENT} variable. You could try storing the suffix for the credentials in a variable, and then using a GString for the name in each case. Something like this should do the trick (note: I haven't tried this out but I'm relatively confident that it should work):
stage("Deploy") {
final String credentialSuffix = ENVIRONMENT == 'dev' ? 'dev' : 'qa'
wrap(
[
$class: 'VaultBuildWrapper',
configuration: configuration,
vaultSecrets: secrets
]
) {
withCredentials(
[
string(credentialsId: "secret1_${credentialSuffix}", variable: 'SECRET1'),
string(credentialsId: "secret2_${credentialSuffix}", variable: 'SECRET2'),
string(credentialsId: "secret3_${credentialSuffix}", variable: 'SECRET3'),
string(credentialsId: "secret4_${credentialSuffix}", variable: 'SECRET4'),
string(credentialsId: "secret5_${credentialSuffix}", variable: 'SECRET5'),
string(credentialsId: "secret6_${credentialSuffix}", variable: 'SECRET6')
]
) {
sh """
export DEPLOYMENT_ENVIRONMENT=${ENVIRONMENT}
source ~/.bashrc
echo 'parametrized credentials!'
"""
}
}
}
Upvotes: 2
Related Questions
- Define credential parameter in parameters in Jenkins declarative pipeline?
- How to dynamically pass credentialsId to Jenkins pipeline
- Jenkins : use withCredentials in global environment section
- Jenkins - translate withCredentials into declarative style syntax
- Jenkins withCredentials in dynamic selected parameters
- Use withCredentials([usernamePassword( ... ) ]) in Jenkins Pipeline Library
- How to use multiple credentials in withCredentials in Jenkins Pipeline
- Jenkins Pipelines: How to use withCredentials() from a shared-variable script
- How to Set multiple credentials using withcredentials in jenkins pipeline groovy file
- Jenkins credentials in script block