Jenkins gives withCredentials() feature (Credentials Binding Plugin (jenkins.io)), that basically gives the closure code the option to obfuscate in UI but pass actual credentials under user specified usernameVariable and passwordVariable value-named variables. Basically, later on one could do env.<defined_variable> to get respective credential part. But how do we get the name of said variables to check, eg. by detecting from a shared lib code/method, when we cannot be sure the devs using shared lib are using same variable names…
You know, something like:
withCredentials([usernamePassword(credentialsId: "sq-creds", usernameVariable: 'SQ_USR', passwordVariable: 'SQ_PWD')]) {
withSonarQubeEnv(env.SQ_SERVER) {
sharedLibMethodThatUsesCredentials()
}
}
Eg. some users may specify usernameVariable=SERVERUSER passwordVariable=SERVERPASSWORD, others would use SERVICE* naming, others would drop vowels and use *USR and *PWD respectively, others would think up vastly different schemes. How can we extract which variables to use from such shared lib method, eg. something like:
sharedLibMethodThatUsesCredentials(){
String user = null
if(env.usernameVariable) { user = env["${env.usernameVariable}"] }
(...)
}
Now, while this looks simple, “just add credentials as params” when calling said shared lib method, but it’s not that easy, cause in our case the amount of code that would need alteration and verification would take far too many man-hours across all the projects. Thus, since I already know devs/users are already employing withCredentials() block as shown, I’d need to find a way to extract those creds “automatically” in the shared lib method.