How do I define Credentials as params in Jenkinsfile scripted pipeline - jenkins

I am defining a scripted pipeline with many inputs, 2 of them are credentials. In the UI I can see how to add an input that is a credential, but I can't find anything on how to define Credential Params for scripted Pipelines. My params are defined like:
properties([
buildDiscarder(logRotator(numToKeepStr: '20')),
parameters([
stringParam(name: 'export_credentials'),
stringParam(name: 'import_credentials'),
]),
])
But I'd prefer it to be actual credentials params and not string ones

To keep the string secured use the following:
properties([
buildDiscarder(logRotator(numToKeepStr: '20')),
parameters([
password(description: 'b', name: 'b')
])
])

I figured it out after exploring the job-dsl plugin API (<jenkins_url>/plugin/job-dsl/api-viewer/index.htm):
properties([
buildDiscarder(logRotator(numToKeepStr: '20')),
disableResume(),
parameters([
credentials(name: 'export_token_credential_id', required: true, credentialType: "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl", defaultValue: 'dockerjenkins-token', description: 'Username and API Token for the Jenkins to migrate from'),
credentials(name: 'import_token_credential_id', required: true, credentialType: "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl", defaultValue: 'cloudbees-token', description: 'Username and API Token for this Jenkins'),
stringParam(name: 'item', description: 'Item (job) to migrate. '),
choiceParam(name: 'disable_mode', choices: "NEITHER\nDEST\nSOURCE\nBOTH", description: 'Which Jenkins, if any, to disable jobs on when migrating'),
]),
])

Related

what can I do on Jenkinsfile to get credentials?

I'm new to jenkins and I'm creating a jenkinsfile with a declarative pipeline that supports different parameters. I also need to access to a credential stored in Jenkins, that I created already. How can I access to this credentials though jenkinsfile? do I need to call them inside of the stage or like this is ok? I got very confused in this part :S
I saw something like this on internet:
steps {
withCredentials([usernamePassword(credentialsId: 'x'....
}
Until now I have this:
pipeline {
agent any
environment{
my_credentials = credentials('x-credentials-id')
}
stages{
stage('Setup parameters') {
steps {
parameters([
string(name: 'a', defaultValue: 'x', description: 'test'),
text(name: 'b', defaultValue: ''),
text(name: 'b2', defaultValue: ''),
text(name: 'c', defaultValue: ''),
text(name: 'c2', defaultValue: '')
])
//])
}
}
}
}
From Jenkins documentation.
Jenkins' declarative Pipeline syntax has the credentials() helper
method (used within the environment directive) which supports secret
text, username and password, as well as secret file credentials.
So basically credentials('x-credentials-id') will support the aforementioned credential types and you should be using this helper method within an Environment block. You can use this approach if you want to declare your credentials globally so they can be used anywhere in the pipeline.
example
environment {
AWS_ACCESS_KEY_ID = credentials('jenkins-aws-secret-key-id')
AWS_SECRET_ACCESS_KEY = credentials('jenkins-aws-secret-access-key')
}
For other types, you can use withCredentials directive.(This is coming from Credentials Binding plugin) Both will get the Job done.
withCredentials(bindings: [certificate(credentialsId: 'jenkins-certificate-for-xyz', \
keystoreVariable: 'CERTIFICATE_FOR_XYZ', \
passwordVariable: 'XYZ-CERTIFICATE-PASSWORD')]) {
//
}
Although it says secrettext, username and password etc are not supported with Bind Credentials plugin, you can use WithCredentials for those types as well.
withCredentials([usernamePassword(credentialsId: 'amazon', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
echo "username is $USERNAME"
}
Read more from here and here

How to add radio buttons in Jenkins using groovy when building a job using "Build with parameters"?

I am trying to add radio buttons in Jenkins instead of checkboxes when running Build with Parameters. In my existing code, I am getting checkboxes. What changes should I make in my existing code to get the radio buttons. Below is my groovy code:
def call(Map config = [:]) {
paramsList = []
paramsList << booleanParam(name: 'deployToDev', defaultValue: false, description: 'Set to true to deploy to Dev K8s Environment')
paramsList << booleanParam(name: 'deployToTest', defaultValue: false, description: 'Set to true to deploy to Test K8s Environment')
paramsList << booleanParam(name: 'deployToStage', defaultValue: false, description: 'Set to true to deploy to Stage K8s Environment')
properties([parameters(paramsList)])
}
Please find the below screenshot:
You can achieve that easily using the Extended Choice Parameter which has a built in support for all kinds of selection options including radio buttons.
You can use it as follows:
def call(Map config = [:]) {
paramsList = []
// You can also set the default value using the 'defaultValue' option
paramsList << extendedChoice(name: 'DeployTo', description: 'Select the environment to deploy to', type: 'PT_RADIO', value: 'Dev,Test,Stage', visibleItemCount: 5)
properties([parameters(paramsList)])
}
The result will look like:
You can also use the Active Choices plugin, which is a bit more complicated but has more configuration options, it will also allow you to generate the values from a groovy script.
For example:
properties([parameters(
[[$class: 'ChoiceParameter', name: 'DeployTo', choiceType: 'PT_RADIO', description: 'Select the environment to deploy to', script: [$class: 'GroovyScript', script: [classpath: [], sandbox: false, script: "return ['Dev','Test','Stage']"]]]]
)])

How to add a build selector as a parameter?

I have two jobs:
Build job
Deployment job
I copy the artifacts (jars) generated in the first job to the second job and deploy them to an environment.
properties([
parameters(
[
string(
name: 'buildnumber',
description: 'Buildnumber to deploy'
),
choice(
name: 'env',
choices: ['qa', 'stage', 'prod'],
description: 'Environment where the app should be deployed'
)
]
)
])
node{
stage('Copy artifacts'){
copyArtifacts(projectName: 'my-demo-build-job/master', selector: specific(params.buildnumber))
}
stage('Deploy'){
sh 'Deploying to the specified environment '
}
}
With this I have to manually check the latest/successful builds and put that as a parameter. Is there a way so that we can get a dropdown with all the successful build sorted by build number as a selector from the other job?
You can use the Extended Choice Parameter Plugin for achieving what you want with the help of a groovy script.
You will need to define an extended choice parameter of type Single Select, as a Source for Value choose Groovy Script, and as a groovy script use something like the following:
def job = jenkins.model.Jenkins.instance.getItemByFullName('my-demo-build-job/master')
return job.builds.findResults{
it.result == hudson.model.Result.SUCCESS ? it.getNumber().toInteger() : null
}
This script will go over all the build of the configured job and filter out only the successful builds - which will be returned as the select-list options for the parameter.
The configuration in the pipeline will look like:
properties([
parameters([
extendedChoice(name: 'buildnumber', type: 'PT_SINGLE_SELECT', description: 'Buildnumber to deploy', visibleItemCount: 10, groovyScript:
'''def job = jenkins.model.Jenkins.instance.getItemByFullName('my-demo-build-job/master')
return job.builds.findResults { it.result == hudson.model.Result.SUCCESS ? it.getNumber().toInteger() : null }''',
choice(name: 'env', choices: ['qa', 'stage', 'prod'], description: 'Environment where the app should be deployed'),
])
])

How to programmatically set Authentication Token in Jenkins groovy script?

I'm looking to set the Authentication Token in groovy similar to how I setup other options for the build:
properties([[$class: 'BuildConfigProjectProperty'],
buildDiscarder(logRotator(numToKeepStr: '25')),
parameters([
password(name: 'aws_access_key', defaultValue: 'AWS Access Key', description: 'Enter AWS Access Key ID'),
])])
The field I wish to set (from the UI):
Picture of UI
How does one set this field?

Append to Job properties

My job parameters defined in job-dsl.groovy are overwritten by those defined in pipeline.
I am using job-dsl-plugin and Jenkins pipeline to generate Jenkins job for each git branch. Sine my code is stored in gitLab they require gitLab integration. I am providing that using gitlab-plugin. The problem is with the 'gitLabConnection' it looks like it can be only applied from inside the Jenkins pipeline.
So if in job-dsl I would do:
branches.each { branch ->
String safeBranchName = branch.name.replaceAll('/', '-')
if (safeBranchName ==~ "^release.*")
{
return
}
def branch_folder = "${basePath}/${safeBranchName}"
folder branch_folder
pipelineJob("$branch_folder/build") {
logRotator {
numToKeep 20
}
parameters {
stringParam("BRANCH_NAME", "${safeBranchName}", "")
stringParam("PROJECT_NAME", "${basePath}", "")
{
}
And then in my Jenkins pipeline I would add the 'gitLabConnection'
node('node_A') {
properties([
gitLabConnection('gitlab.internal')
])
stage('clean up') {
deleteDir()
}
///(...)
I have to do it like:
node('node_A') {
properties([
gitLabConnection('gitlab.internal'),
parameters([
string(name: 'BRANCH_NAME', defaultValue: BRANCH_NAME, description: ''),
string(name: 'PROJECT_NAME', defaultValue: PROJECT_NAME, description: '')
])
])
stage('clean up') {
deleteDir()
}
///(...)
So that my BRANCH_NAME and PROJECT_NAME are not overwritten.
Is there another way to tackle this ?
Is it possible to append the 'gitLabConnection('gitlab.internal')' to the properties in the Jenkins pipeline ?
Unfortunately it doesn't seem like there is a way to do this yet. There's some discussion about this at https://issues.jenkins-ci.org/browse/JENKINS-43758 and I may end up opening a feature request to allow people to "append to properties"
There are 2 ways for solving this. The first one uses only Jenkins pipeline code, but if you choose this path the initial job run will most likely fail. This initial fail will happen, because at the time of first job run, the pipeline creates Jenkins job parameters. Once the parameters are created, job will work.
Option '1' - using Jenkins pipeline Only.
In 'Pipeline Syntax'/'Snippet Generator' check:
'This project is parameterised'.
Add parameter(s) you need, and hit 'Generate Pipeline Script'. In my case I get:
properties([
gitLabConnection(gitLabConnection: 'my_gitlab_connection', jobCredentialId: '', useAlternativeCredential: false),
[$class: 'JobRestrictionProperty'],
parameters([
string(defaultValue: 'test', description: 'test', name: 'test', trim: false)
]),
throttleJobProperty(categories: [], limitOneJobWithMatchingParams: false, maxConcurrentPerNode: 0, maxConcurrentTotal: 0, paramsToUseForLimit: '', throttleEnabled: false, throttleOption: 'project')
])
Option '2' - It's more complicated but, also far more powerfull. The one I finally took, because of the issues described above.
Use Jenkins job DSL plugin - https://github.com/jenkinsci/job-dsl-plugin
Gitlab plugin works quite well with it https://github.com/jenkinsci/gitlab-plugin#declarative-pipeline-jobs

Resources