The Correct Way to Handle Credentials in a Jenkins Pipeline

preview_player
Показать описание
Need help with your Jenkins questions?

Timecodes ⏱:

0:00 Intro
0:19 Overview
0:34 environment directive
1:37 example pipeline
2:13 String interpolation
3:56 Interpolation of sensitive environment variables
5:32 Example pipelines
8:51 Conclusion

Information referenced in this video:

environment directive for declarative pipeline

Interpolation of sensitive environment variables
  1. CloudBeesTV
  2. darin pope
  3. jenkins tutorials
  4. jenkins credentials
  5. jenkins declarative pipeline
Рекомендации по теме
Is this the 0:00:15

Is this the best way to handle a traffic stop while armed?

How to Handle 0:05:20

How to Handle Disrespect | The Best Way To Deal With Rude People | Want RESPECT 🤔 🤔

THE BEST Way 0:07:35

THE BEST Way to Handle Anxiety in 2024

The BEST way 0:03:16

The BEST way to handle an ANGRY person with emotional intelligence

How Do You 0:03:45

How Do You Handle Stress? | Best Answer (from former CEO)

The Best Way 0:01:57

The Best Way To Control Anger | Ryan Holiday | Daily Stoic Podcast

How to Handle 0:10:56

How to Handle a Disrespectful Wife the Right Way!

Brandon Smith - 0:02:04

Brandon Smith - The best way to handle a bad performance review

Is This The 0:00:47

Is This The Best Way To Control Your Gain?

The Right Way 0:33:49

The Right Way to Handle Options for Safe Monthly Income!

The right way 0:20:38

The right way to handle criticism and feedback | Dr. Henry Cloud

The Right Way 0:00:23

The Right Way to Handle Problems in Business

The Only Right 0:13:12

The Only Right Way To Handle Errors in React - No More Error Boundaries

This is BEST 0:00:58

This is BEST way to HANDLE and VIEW REJECTION!

Best way to 0:00:26

Best way to handle rejection🥰

Office Gossip: The 0:03:08

Office Gossip: The Best Way to Handle It

The Best Way 0:00:21

The Best Way To Handle TOXIC people #psychologyfacts #humanbehavior

How to handle 0:05:14

How to handle a trout (the right way)

HOW DO YOU 0:02:58

HOW DO YOU HANDLE STRESS AND PRESSURE? (The BEST ANSWER to this CHALLENGING Interview Question!)

The Correct Way 0:09:50

The Correct Way to Handle Credentials in a Jenkins Pipeline

'Hey Bill Nye, 0:04:53

'Hey Bill Nye, What's the Best Way to Handle Overpopulation?' #TuesdaysWithBill | Big...

Not sure this 0:00:57

Not sure this is the correct way to handle a crisis #TheOffice #DwightSchrute #Shorts

The Right Way 0:13:43

The Right Way to Handle Leash Reactivity in Dobermans (No Gimmicks)

The BEST Way 0:11:58

The BEST Way To Handle Retroactive Jealousy TRIGGERS [THIS ALWAYS WORKS!]

Комментарии
Автор

Timecodes ⏱:

0:00 Intro
0:19 Overview
0:34 environment directive
1:37 example pipeline
2:13 String interpolation
3:56 Interpolation of sensitive environment variables
5:32 Example pipelines
8:51 Conclusion

Information referenced in this video:

environment directive for declarative pipeline

Interpolation of sensitive environment variables

CloudBeesTV
Автор

This is useful for using credentials but I'm hoping you could add another video on using credentials scope (i.e. user/system) and domain. Specifically how to define and use credentials for a single (non-admin) user.

BramMertens
Автор

This is a good summary of the basics, but what happens when we want to use parameters or other environment variables within the same shell string? Single quotes resolves the warning message and passes the secrets securely, but it breaks every other type of string interpolation. How can we do both at the same time?

Beokabatuka
Автор

Thank you for the video. Helped me a lot.

allanfernandes
Автор

Even if you use single quotes, a shell will perform variable interpolation and will run curl process with exposed credentials. So you will be able to see them in OS process list even if you use single quotes. So how can single quotes be much more secure? You will see the credentials in OS process list regardless of what kind of quotes you use.

grigorytrenin
Автор

Thank you for the video, this helped to understand about each KIND of credentials use, also do you have any video on how to use WITHCREDENTIALS syntax? how & what to use in it.? would be helpful if you can post

prasadkancharlaautomation
Автор

How to pass aws access and secret key in Jenkins pipeline for running aws-describe instance command

ramnarasimha
Автор

I think the single-quote pattern was updated from '$CRED' to '%CRED%'

toniasanzo
Автор

I did not see any difference between the use of single and double quotes. Both were showing ****. Just the warning was missing in the single quote.

niranjanhettiwatte
Автор

agent label linux crashed my pipeline but neverthless adding this label for my built-in-node in nodes fixed it again.

UK-slgu
Автор

If the credential has a dollar sign in it? Why it isn't handled?

CorporalAdrianShephard
Автор

Nope, wrong. All you've done is silenced the warning in Jenkins, you haven't changed the actual security posture at all.

What you did is move variable expansion from Groovy to the shell executing curl, but both forms will still toss the raw credentials to exec() and thus show up bright as day in a ps process listing by any user on the system.

If you must use curl with basic auth credentials, use a netrc file and make sure you lock down its file permissions properly.

ByronBrummer