Reputation: 2076
Push tags to Bitbucket repository from Jenkins pipeline using withVault
I've a requirement to fetch the credentials from Vault in a keeper namespace and use withVault directive in Jenkins pipeline instead of withCredentials. I'm facing issues using withVault.
Below works fine using withCredentials directive in jenkins pipeline.
withCredentials([gitUsernamePassword(credentialsId: 'BITBUCKET_ACCESS_TOKEN_TDM', gitToolName: 'git')]) {
String tagName = "${branchName}/${params.RELEASE}-${env.BUILD_NUMBER}"
sh """
git tag ${tagName}
git push origin --tags
"""
}
Console Output:
12:54:23 + git tag gen_testing/8.4.1-246
12:54:23 + git push origin --tags
12:54:30 To https://bitbucket.company.com/bitbucket/scm/genpower/genpower-core.git
12:54:30 * [new tag] gen_testing/8.4.1-246 -> gen_testing/8.4.1-246
12:54:31 Everything up-to-date
Below is the config I used for withVault.
withVault(
configuration: [
timeout: 60,
vaultCredentialId: 'tdmapprole',
vaultNamespace: 'genpower/tdm',
vaultUrl: 'https://nat.keeper.company.com'
],
vaultSecrets: [
[
engineVersion: 2,
path: 'credentials/bitbucket_access_token',
secretValues: [
[
envVar: 'BITBUCKET_ACCESS_TOKEN_TDM',
vaultKey: 'tgen-tdm-tbs.gen'
]
]
]
]
) {
String tagName = "${branchName}/${params.RELEASE}-${env.BUILD_NUMBER}"
sh """
git tag ${tagName}
git remote set-url origin https://tgen-tdm-tbs.gen:${env.BITBUCKET_ACCESS_TOKEN_TDM}@bitbucket.company.com/bitbucket/scm/genpower/genpower-core.git
git push origin --tags
"""
}
}
And I get the below error.
09:57:54 + git push origin --tags
09:57:54 fatal: could not read Username for 'https://bitbucket.company.com': No such device or address
Please note that I'm using access tokens to push tags. The access token doesn't have any special characters other than /. The token retrieval from keeper namespace works fine.
Appreciate any inputs on this. Thanks!
Upvotes: 0
Views: 226
Answers (1)
Reputation: 2076
The error is due to missing url-encoding. After adding that, it worked. Access token contained special characters due to which it failed with the errors. If the access token contains any of the special characters below, replace it with their url-encoded representation.
! # $ & ' ( ) * + , / : ; = ? @ [ ]
%21 %23 %24 %26 %27 %28 %29 %2A %2B %2C %2F %3A %3B %3D %3F %40 %5B %5D
So at first I changed the variable that holds the token from this ${BITBUCKET_ACCESS_TOKEN_TDM} to this ${BITBUCKET_ACCESS_TOKEN_TDM/"/"/"%2F"}.
But it can be a headache with escape sequences used to replace / with %2F. There is a much simpler solution to this.
{
env.URL_ENCODED_BITBUCKET_ACCESS_TOKEN_TDM=URLEncoder.encode(BITBUCKET_ACCESS_TOKEN_TDM, "UTF-8")
String tagName = "${branchName}/${params.RELEASE}-${env.BUILD_NUMBER}"
sh """
set +x
git tag ${tagName}
git remote set-url origin https://tgen-tdm-tbs.gen:${URL_ENCODED_BITBUCKET_ACCESS_TOKEN_TDM}@bitbucket.company.com/bitbucket/scm/genpower/genpower-core.git
git push origin --tags
set -x
"""
}
Please note, if you don't turn off bash (set +x) debugging, the credentials will be printed in the job console.
Upvotes: 0
Related Questions
- Remove local git tags that are no longer on the remote repository
- How do you push a tag to a remote repository using Git?
- Delete all tags from a Git repository
- Add a tag to a repository with Jenkinsfile pipeline with credentials
- Jenkins, get code from Git by tag and not branch
- Azure Devops trigger pipeline with pushing tags from Bitbucket
- Git Fetch in Jenkins failing with timeout during build process for Bitbucket repository
- Jenkins Pipeline based on groovy : unable to push into git => Permission denied (publickey)
- Git push in Jenkins
- Clone from bitbucket private repository using jenkins Pipeline as code