Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43872

Dollar signs in credentials or literal value env vars cause issues in environment in Declarative

    Details

    • Similar Issues:

      Description

      I'm still figuring out all the details, but if you've got an environment directive like this:

      environment {
        SOME_VAR = credentials('some-creds')
        SOME_OTHER_VAR = "Look, I contain ${SOME_VAR}"
      }
      

      where SOME_VAR ends up containing something like $VARIABLES somewhere in it, you get an error like:

      [test1 #1] groovy.lang.MissingPropertyException: No such property: VARIABLES for class: groovy.lang.Binding
      [test1 #1] 	at groovy.lang.Binding.getVariable(Binding.java:63)
      [test1 #1] 	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(SandboxInterceptor.java:224)
      [test1 #1] 	at org.kohsuke.groovy.sandbox.impl.Checker$4.call(Checker.java:241)
      [test1 #1] 	at org.kohsuke.groovy.sandbox.impl.Checker.checkedGetProperty(Checker.java:238)
      [test1 #1] 	at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.getProperty(SandboxInvoker.java:28)
      [test1 #1] 	at com.cloudbees.groovy.cps.impl.PropertyAccessBlock.rawGet(PropertyAccessBlock.java:20)
      [test1 #1] 	at Script1.run(Script1.groovy:1)
      [test1 #1] 	at org.jenkinsci.plugins.pipeline.modeldefinition.ModelInterpreter.withEnvBlock(/Users/abayer/IdeaProjects/pipeline-config-plugin/pipeline-model-definition/target/classes/org/jenkinsci/plugins/pipeline/modeldefinition/ModelInterpreter.groovy:216)
      [test1 #1] 	at org.jenkinsci.plugins.pipeline.modeldefinition.ModelInterpreter.call(/Users/abayer/IdeaProjects/pipeline-config-plugin/pipeline-model-definition/target/classes/org/jenkinsci/plugins/pipeline/modeldefinition/ModelInterpreter.groovy:75)
      [test1 #1] 	at org.jenkinsci.plugins.pipeline.modeldefinition.ModelInterpreter.inDeclarativeAgent(/Users/abayer/IdeaProjects/pipeline-config-plugin/pipeline-model-definition/target/classes/org/jenkinsci/plugins/pipeline/modeldefinition/ModelInterpreter.groovy:361)
      ...
      

      Additionally, a $ on its own gets you a different error, but the underlying problem is the same - we're not escaping things properly.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                abayer Andrew Bayer
                Reporter:
                abayer Andrew Bayer
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: