Environment
Jenkins 2.462.2
Problem Description
I am working on a Jenkinsfile (Jenkins Pipeline).
There are warnings and errors in the console output after I pass credentials(type: Usernames and passwords) to the "Publish over SSH" plugin.
Pipeline Status Warning
The following steps that have been detected may have insecure interpolation of sensitive variables (click here for an explanation):
sh: [HARBOR_PSW]
sshPublisher: [HARBOR_PSW]Pipeline Console Output Warning
Warning: A secret was passed to "sshPublisher" using Groovy String interpolation, which is insecure.
Affected argument(s) used the following variable(s): [HARBOR_PSW]
See https://jenkins.io/redirect/groovy-string-interpolation for details.Solve
Use single quotes to enclose the credential variable, and then use "+" to concatenate it with other codes.
Example 1
Image
Code
...
stage('Example1') {
environment {
HARBOR = credentials('CredentialID')
}
steps {
sh "docker build -t $proj_name:$proj_tag -f docker/Dockerfile-uwsgi . && \
docker login -u " + '$HARBOR_USR' + " -p " + '$HARBOR_PSW' + " $harbor_addr && \
docker tag $proj_name:$proj_tag $harbor_addr/$harbor_repo/$proj_name:$proj_tag && \
docker push $harbor_addr/$harbor_repo/$proj_name:$proj_tag"
}
}
...Example 2
Image
Code
...
steps {
sshPublisher(publishers: [sshPublisherDesc(configName: 't01-ubuntu', transfers:
[sshTransfer(cleanRemote: false, excludes: '',
execCommand: "deploy-swarm.sh $harbor_addr $harbor_repo $proj_name $proj_tag $local_path $HARBOR_USR" + '$HARBOR_PSW',
execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+',
remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')],
usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
...Keyword
Passing credentials to downstream build step in Jenkins pipeline
Unable to interpolate sensitive environment variables