I have a python project that I'm using pytest with integration to Report Portal.
I execute the tests from Jenkins (freestyle project).
In order to to get the user name for each session in Report Portal, I need to know the Report Portal access_token of the user.
After finding those, I added to Jenkins for each user a secret text with the ID as the user Jenkins BUILD_USER_ID.
Next, In the Jenkins configure page, I clicked on Use secret text(s) or file(s) under Build Environment
Then clicked on Add and Secret text.
I called the Variable RP_UUID.
And set Credentials to Parameter expression.
Jenkins gave me a hint:
A valid parameter expression consists of the parameter name enclosed
within ${ and }
I tried to set this filed to be ${ BUILD_USER_ID }, but I got the following error:
Rebuilds build #17
Running as SYSTEM
Building remotely on Automation in workspace /var/lib/jenkins/workspace/test
[WS-CLEANUP] Deleting project workspace...
[WS-CLEANUP] Deferred wipeout is used...
[WS-CLEANUP] Done
ERROR: Could not find credentials entry with ID '${ BUILD_USER_ID }'
Finished: FAILURE
I tried all sorts of things, but it seems that Jenkins in this stage doesn't recognize any variable name.
Any idea how to resolve this, or any different approach?
p.s.
The field Set Jenkins user build variables is ticked.
See JENKINS-36470 the only parameter type that can be expanded in the Parameter expression section is a Credentials Parameter. All other parameters are not supported.
So if you want to use this mechanism you must define the input parameter as a Credentials type:
You'd probably need to set "Run as SYSTEM" in Access Control for Builds at
https://jenkins-url/configureSecurity
When I used "Run as SYSTEM" just for "Project default Build Authorization" it didn't work. Once I set it also under "Per-project configurable Build Authorization" - Then the triggered job could evaluate the parameter expression for the credentials bindings.
Related
In a Jenkins Freestyle Job Config, I am trying to use "Build Steps -> Changes Build Description" to provide a URL to an external website where I have stored build artifacts.
From the job config inline help for "Build Steps -> Changes Build Description" for Freestyle Jobs:
Normally, build description is empty, but it can be changed by setting what name new build gets. This field can contain macros.
But attempting to do a Token Macro transform in that field produces an error, despite documentation indicating that the transform is supported.
Jenkins Version : CloudBees CI Managed Controller 2.361.3.2-rolling
Plugin Version : Token Macro Plugin Version 308.v4f2b_ed62b_b_16
Assume the following Build Parameters:
PARAM1=my_job
PARAM2=test_param_22_01_03
I want to use the last 8 characters of a Build Parameter to form the URL to supply in the Build Description, e.g. :
Link to Artifacts
Per Jenkins Documentation on Token Transforms , the PARAM2 token macro transform above is documented as supported, but in my console log, I see:
Failed to evaluate description macro:org.jenkinsci.plugins.tokenmacro.MacroEvaluationException: Error processing tokens
If I specify just the parameters ${PARAM1} and ${PARAM2} with No Token Transform, e.g:
Link to Artifacts
All works OK, but as soon as I attempt to extract a substring from PARAM2, I get the error above. What am I doing wrong?
I have a job to be triggered by developers where they have to put their AD's before triggering build. But thoes passwords are displayed on console output. I have tried mask passwords plugin. But the problem is I cannot store all developers AD's in job configuration.
Please suggest me any solution.
Please find below my findings with solution [without using Mask Passwords plugin]:
Brief Description about my jenkins job:
I wrote a job which downloads the artifacts from Nexus based on the parameters given at run-time and then makes a Database SQL connection and deploy the SQL scripts using maven flyway plugin. My job takes - Environment, Database Schema, Artifact version number, Flyway command, Database User and it's password as input parameters.
Brief Background about problem:
While passing the PASSWORD as MAVEN GOAL (Parameter), it was coming in Jenkins Console as a plain text.
Although I was using "Password Parameter" to pass the password at run-time but then also it was coming as plain text in console.
I tried to use the "secret text" to encrypt the password but then my job started failing because the encrypted password was getting passed to Maven Goals, which was not able to connect to DB.
Solution:
I used "Inject passwords to the build as environment variables" from Build Environment and defined its value as my "password parameter" (my password parameter name was db_password) which I am passing as parameter at run-time (eg.: I defined my inject password value as : ${db_password} ).
And this is working as expected. The password which I am passing while running my job is coming as [*******]
[console log:
Executing Maven: -B -f /work/jenkins_data/workspace/S2/database-deployment-via-flyway-EDOS/pom.xml clean compile -Ddb=UAT_cms_core -DdatabaseSchema=cms-core -Dmode=info -DdeploymentVersion=1.2.9 -Ddb_user=DB_USER -Ddb_password=[*******]
]
Regards,
Rohit Rajpoot
Here's an answer I just came across in the Jenkins documentation:
Normally you will start your script with
set +x
so that commands you run are not echoed to the log, in case you
mention the values of secrets in those commands.
I have GitLab Community Edition 8.15.2 successfully trigger pipeline projects in Jenkins 2.32.1 using a webhook. I want the gitlab push to trigger a build with parameters but the parameter value is null when it comes through so the build fails.
The gitlab webhook looks like:
http://jenkins.server:8080/project/project-a/buildWithParameters?MYPARAM=foo
In my pipeline project I echo the parameter value out with
echo "MYPARAM: ${MYPARAM}"
and it's not set to anything. Any ideas on where I've gone wrong?
UPDATE
The actual code I'm using in the pipeline is:
node {
try {
echo "VM_HOST: ${VM_HOST}"
echo "VM_NAME: ${VM_NAME}"
stage('checkout') {
deleteDir()
git 'http://git-server/project/automated-build.git'
}
stage('build') {
bat 'powershell -nologo -file Remove-MyVM.ps1 -VMHostName %VM_HOST% -VMName "%VM_NAME%" -Verbose'
}
...
}
}
The parameter VM_HOST has a default value but VM_NAME doesn't. In my Console output in Jenkins I can see:
[Pipeline] echo
VM_HOST: HyperVHost
[Pipeline] echo
VM_NAME:
I have been struggling with this for weeks. I had it working once, but I couldn't get it to work again, untill today. And the solution was mindblowingly obvious ofcourse...
Automatically for each pipeline job I ticked the following box:
Build when a change is pushed to GitLab. GitLab CI Service URL:
http://jenkins.dev:8080/project/MyProject
Then from GitLab I used the webhook to trigger the above.
Like you I tried to add /buildWithParameters and tried many other things that didn't work.
The problem was, I ticked the wrong checkbox!
Since I trigger the build from a GitLab webhook, the above checkbox (build when a...) does not have to be checked at all.
What needs to be checked is:
Trigger builds remotely (e.g., from scripts)
That checkbox provides you with a new URL:
Use the following URL to trigger build remotely:
JENKINS_URL/job/MyProject/build?token=TOKEN_NAME or
/buildWithParameters?token=TOKEN_NAME
Like all the documentation I came along states and as you can see, the URL now no longer starts with /project, but with /job instead!
So tick that box and change your URL accordingly:
http://jenkins.server:8080/**job**/project-a/buildWithParameters?token=TOKEN_NAME&MYPARAM=foo
Least I want to mention the token:
In the GitLab webhook there is a seperate field for "token", which states:
Use this token to validate received payloads. It will be sent with the request in the X-Gitlab-Token HTTP header.
So, the token provided there will be sent along the request as a HTTP header.
This is the token which can be provided globally in the Jenkins setup.
The token you must provide in the Jenkins job when ticking the box Use the following URL to trigger build remotely must be send in the URL as GET parameter, just like the example shows.
Final note: personally I have never got this working completely, because I don't get the Jenkins CSRF protection off my back. Disabling it gives me another error. However, hopefully the above does fix the problem for you and others.
GitLab plugin does not allow you to pass arbitrary parameters. In their project there is an open issue for it that deserves to be upvoted.
My convoluted solution was to use the desired values for the push trigger as the default parameters of the job. Then I used the Parameterized Scheduler plugin to use other values in the scheduled executions.
The problem is that I got a bad usability for the job when it was manually run, since the default parameters were appropriate for the push hook.
I found the solution here https://www.jittagornp.me/blog/jenkins-gitlab-webhook/
I verified it with Jenkins 2.263.1 and GitLab Community Edition 13.6.1
Your webhook url will look like
https://hunter:11a403302a4f01b9b4975c0ac27441a5cc#jenkinsservername.com/job/yourjenkinsproject/buildWithParameters?token=Aju9ryHUu6t7W8wLSeCWtY2bWjzQduYNPyY7B3gs&yourparam=yourvalue
"hunter" ist your username in Jenkins.
The following is the Jenkins API Token you have to create in your Jenkins User Managment independent of the project.
The last Token is the one you specify in the jenkins project options under "Trigger builds remotely (e.g., from scripts)"
The last thing is to add your Parameter and value to the url with ¶m=value
I have a jenkins job that runs some tests and promotes the build if all tests pass.
I then have a second job that has a 'Promoted build parameter' which is used for deployments.
THe idea is that the deply job should let you pick one of the prompted builds for deploying. The issue I'm having is that I can pick a promoted build, but I have not idea how I access information about the build.
I've named the build parameter
SELECTED_BUILD
And according to the docs this should then be available via the environment.
The problem is that it doesn't seem to be bound to anything.
If I run a build step to exectute this sheel script:
echo $SELECTED_BUILD
echo ${SELECTED_BUILD}
The values are not interpolated / set.
Any idea how I can access the values of this param?
Many Thanks,
Vackar
Inject the information as variable user jenkins plugin (eject evn variable).
while triggering parameterized build on other job, pass above variable as parameter to next job.
I have a Jenkins job that is doing the following (amongst other things):
Read user input for ENVIRONMENT and SERVERTYPE
Inject environment variable AGENT (initially blank) as a build step to create
a new variable
Execute shell as a build step to populate AGENT, based on what was entered
in ENVIRONMENT and SERVERTYPE
Use AGENT as an input to a plugin as a post build action
The problem is that the value of AGENT doesn't seem to persist outside of the "execute shell" build step. When I try and pass it into the post build action plugin, it's still blank.
Can anyone point out what am I doing wrong? I have read the documentation, but can't seem to figure it out.
Your problem is that whatever variables you set in the shell script, they don't make it out.
This is true for any process: child process (your shell script) can never directly affect environment of parent process (Jenkins executor client).
If you need the data to persist, you need to store it outside the script; there are many options like uploading it to a server or storing it in a database, the most obvious and easiest option is to save it to a file.
You can even save the value to a "properties file" in the syntax supported by EnvInject and specify path in "Properties File Path" field.
You need to populate properties file with the values of the environment variables to be injected again, so they will survive until post-build actions. The properties file usually resides in the job's workspace.
For example use the following steps:
Build step "Execute shell" :
AGENT="My agent"
echo AGENT=$AGENT > my.properties
Build step: "Inject environment variables",
Field "Properties File Path":
$WORKSPACE/my.properties
Post-Build Actions: "Editable Email Notification", Field "Default Content":
Current Agent $AGENT
Or ${ENV, var="AGENT"}