
Jenkins Credentials Store Access via Groovy

I have found a way to access the credentials store in Jenkins:

    def getPassword = { username ->
        def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
            com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
            jenkins.model.Jenkins.instance
        )

        def c = creds.findResult { it.username == username ? it : null }

        if ( c ) {
            println "found credential ${c.id} for username ${c.username}"

            def credentials_store = jenkins.model.Jenkins.instance.getExtensionList(
                'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
                )[0].getStore()

            println "result: " + credentials_store
        } else {
            println "could not find credential for ${username}"
        }
    }

    getPassword("XYZ")

But now I would like to get the password for the appropriate user, which I can't do...

I always get unknown method etc. if I try to access password etc.

The reason for doing this is to use this user/password to call git and extract information from the repository.

I always get something like this:

result: com.cloudbees.plugins.credentials.SystemCredentialsProvider$StoreImpl@1639eab2 

Update

After experimenting more with it (and with the hint from Jeanne Boyarsky) I found that I was thinking too complicated. The following already gives me the password for the user:

    def getUserPassword = { username ->
        def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
                com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
                jenkins.model.Jenkins.instance
                )

        def c = creds.findResult { it.username == username ? it : null }

        if ( c ) {
            return c.password
        } else {
            println "could not find credential for ${username}"
        }
    }

Furthermore by using the following snippet you can iterate over the whole credentials store:

    def credentials_store = jenkins.model.Jenkins.instance.getExtensionList(
            'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
            )

    println "credentials_store: ${credentials_store}"
    println " Description: ${credentials_store.description}"
    println " Target: ${credentials_store.target}"
    credentials_store.each {
        println "credentials_store.each: ${it}"
    }

    credentials_store[0].credentials.each { it ->
        println "credentials: -> ${it}"
        if (it instanceof com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl) {
            println "XXX: username: ${it.username} password: ${it.password} description: ${it.description}"
        }
    }

And you will get an output like this:

    [(master)]:
    credentials_store: [com.cloudbees.plugins.credentials.SystemCredentialsProvider@5a2822be]
     Description: [The descriptions...]
     Target: [com.cloudbees.plugins.credentials.SystemCredentialsProvider@5a2822be]
    credentials_store.each: com.cloudbees.plugins.credentials.SystemCredentialsProvider@5a2822be
    credentials: -> com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@38357ca1
    credentials: -> com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@47cf7703
    credentials: -> com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@739abac5
    XXX: username: User1 password: Password description: The description of the user.
    credentials: -> com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@884a53e6
    XXX: username: User2 password: Password1 description: The description of the user1.
    Result:   [com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@38357ca1, com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@47cf7703, com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@739abac5, com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@884a53e6]

So by using the appropriate class in the instanceof clause you can select what you need.

khmarbaise asked Feb 04 '16 15:02



2 Answers

This works. It gets the credentials rather than the store.

I didn't write any error handling so it blows up if you don't have a credentials object set up (or probably if you have two). That part is easy to add though. The tricky part is getting the right APIs!

    def getPassword = { username ->
        def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
            com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
            jenkins.model.Jenkins.instance
        )

        def c = creds.findResult { it.username == username ? it : null }

        if ( c ) {
            println "found credential ${c.id} for username ${c.username}"

            def systemCredentialsProvider = jenkins.model.Jenkins.instance.getExtensionList(
                'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
                ).first()

            def password = systemCredentialsProvider.credentials.first().password

            println password
        } else {
            println "could not find credential for ${username}"
        }
    }

    getPassword("jeanne")

Jeanne Boyarsky answered Sep 19 '22 13:09
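
An added example (not part of either answer, nor Jenkins project code): a lookup that handles the no-match and several-matches cases left open above and returns the credential object without printing the secret. The helper name findUserPass and the username 'XYZ' are illustrative; it assumes the Jenkins script console with the Credentials plugin installed.

```groovy
import com.cloudbees.plugins.credentials.CredentialsMatchers
import com.cloudbees.plugins.credentials.CredentialsProvider
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials
import hudson.security.ACL
import jenkins.model.Jenkins

// Hypothetical helper: return exactly one username/password credential.
// A credentials id, when given, takes precedence over the username, because
// ids are unique within a store while usernames are not.
def findUserPass = { String username, String credentialsId = null ->
    def all = CredentialsProvider.lookupCredentials(
        StandardUsernamePasswordCredentials.class,
        Jenkins.instance,
        ACL.SYSTEM,               // look up as the system identity
        Collections.emptyList()   // no domain requirements
    )
    def matches = credentialsId
        ? CredentialsMatchers.filter(all, CredentialsMatchers.withId(credentialsId))
        : all.findAll { it.username == username }

    if (matches.isEmpty()) {
        throw new IllegalStateException(
            "no username/password credential for ${credentialsId ?: username}")
    }
    if (matches.size() > 1) {
        // Several entries can share one username; make the caller choose by id.
        throw new IllegalStateException(
            "${matches.size()} credentials match '${username}' " +
            "(ids: ${matches*.id}); pass a credentials id")
    }
    matches.first()
}

def c = findUserPass('XYZ')   // 'XYZ' is the sample username from the question
println "id=${c.id} username=${c.username} scope=${c.scope}"

// c.password is a hudson.util.Secret. Keep it as a Secret while passing it
// around and call secret.plainText only where the value is consumed, so the
// clear text never reaches the console output or a build log.
def secret = c.password
```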


The official solution on the Jenkins wiki

Printing a list of all the credentials in the system and their IDs.

    def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
            com.cloudbees.plugins.credentials.Credentials.class,
            Jenkins.instance,
            null,
            null
    );
    for (c in creds) {
        println(c.id + ": " + c.description)
    }

maosmurf answered Sep 20 '22 13:09