CODEWITHSUNDEEP
jenkins
TWT
TWT

Reputation: 2571

How to send credentials to a powershell script in a jenkins pipeline?

When executing the following code in a Jenkins pipeline, a "The following steps that have been detected may have insecure interpolation of sensitive variables" warning is being added to the build, with a link to https://www.jenkins.io/doc/book/pipeline/jenkinsfile/#string-interpolation with explanation.

                powershell script: """ 
                \$ErrorActionPreference = "Stop" 
                cd "${WORKSPACE}\\MyDirectory"
                & .\\myScript.ps1 -user "${creds_USR}" -passw "${creds_PSW}" 
            """

I've already tried to change it as described in the link above, but then the variables don't seem to be replaced anymore.

                powershell script: ''' 
                \$ErrorActionPreference = \"Stop\" 
                cd \"$WORKSPACE\\MyDirectory\"
                & .\\myScript.ps1 -user \"$creds_USR\" -passw \"$creds_PSW\" 
            '''

Would somebody know a working solution for this please?

Upvotes: 0

Views: 2966

Answers (1)

Adam Smith
Adam Smith

Reputation: 54193

Presumably you have a block like this that's generating those values:

environment {
    creds = credentials('some-credentials')
}

So your build environment has those variables available to Powershell. Rather than interpolating the string that constitutes the Powershell script, then, just write the script to pull the data from the environment.

    powershell script: '''\
$ErrorActionPreference = "Stop"
cd "$Env:WORKSPACE\MyDirectory"
& .\myScript.ps1 -user "$Env:creds_USR" -passw "$Env:creds_PSW"
'''

Upvotes: 4

Related Questions