Hello, we are having a problem with Jenkins+Vault plugin. If credential has double dollar signs one of them gets removed when Jenkins passes it to env. According to following thread I suppose it is related to Jenkins but not plugin. Any ways to fix/escape this problem?
Hello @sukur55 and welcome to this community
I’m not so sure you’re having the same behaviour which is described in the Jira issue, but it sure looks like it could be linked.
Would you have any logs or configuration to share?
Configuration done from Jenkins ui not pipeline file, it basicly connects Vault and grabs key values, when there is double quota on Vault credential, one of them gets removed when Jenkins pass credential to env variable. So pass$$123 on Vault ends up pass$123 on Jenkins env. I will check logs if I find something regarding this.
I was not able to find any log related to it, as it is not an Error but some kind of a bug.
I don’t think that’s true. I think something else is going on. Can you show us how your testing/confirming this behavior? Its usually how shell/quotes are handled.
Okay, please check out following, basicly I use Hashicorp Vault plugin to get credential from vault ant set to ENV on Jenkins. Env setting process all dones by plugin+Jenkins no custom stuff there, there is just one way of doing it.
Case1: password is “12345test” on Vault and when I do printenv on execute section of job I get following
So it is considered as secret and hided
Case2: password is “p@$$DASD” on Vault and printenv shows…
So it dedect it not even as secret and one dollar sign is gone.
I tried echo with different quota combinations, same result. I strongly believe that above Jira issue describes this. Possibly it could be plugin too