I am using a yaml
file to configure a jenkins job, and I came across the feature inject-passwords
(see here). However, this documentation neither describes on how to use the variable within the jenkins environment, nor what 'encrypted' password means (How to encrypt?). The link leading to the EnvInjectPlugin also does not have the required information.
Where can I find useful information/documentation? And why is this documentation so incomplete?
Context:
I want to inject passwords in a safe way into a jenkins job. In this jenkins job I want to use this password as a password to log in to an online service in order to test several aspects of that service. I need the test script to get that password (environment variable?) to be able to log in to a service.
Open questions not answered in the referenced documentation:
The documentation for the password injection is not useable. Therefore I provide a complete example here.
First, you ned to get the encryped password.
Second step, you need to put the password in the yaml file as follows:
wrappers:
- inject-passwords:
global: true
mask-password-params: true
job-passwords:
- name: TEST_USER_PASSWORD
password: '{AQAAABAAAAAQvsFFVkOmzr5WzEhX8OWuK7mizr5xzEhX8lGo2AGMVw8=}'
- name: TEST_USER_PASSWORD2
password: '{AQAAABAAAAAQvsFFVkOmzr5xzEhX8lGo2AcPGMVw8b8SflGo2AcPGMVw8=}'
Note: The password are in quotes AND in curly brackets.
Third step: In jenkins you can use the environment variables TEST_USER_PASSWORD
and TEST_USER_PASSWORD2
. These variables will contain the decrypted password, but when you print them out, jenkins will notice there is a password in the log, which jenkins will obfuscate.
Example:
Actual output
My password is jddfdjh44y98dyghsdgdgfdg
Jenkins log output
My password is [********]
You can print the content of the variable step-by-step to get the password (to check that it works).