Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57936

Parameters not expanded in username or password portion of https git URL

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: git-client-plugin
    • Labels:
      None
    • Environment:
      Jenkins 2.164.3 git plugin 3.10.0 git-client 2.7.7
    • Similar Issues:

      Description

      When a parameterized job attempts to use the value of the parameter as the username or password of an https based git repository URL, the git client plugin does not expand the parameter reference. If a string parameter USERNAME and a password parameter PASSWORD are defined in either a Freestyle or a Pipeline job, references to those variables are not expanded in the username and password portion of the repository URL.

      https://${USERNAME}:${PASSWORD}@github.com/${USERNAME}/secret-repo.git
      

      becomes:

      https://${USERNAME}:${PASSWORD}@github.com/MarkEWaite/secret-repo.git
      

      Notice that the USERNAME parameter is replaced in some parts of the URL, but not in all parts of the URL.


      Dear Jenkins users,

      I'm use Jenkins 2.164.3 and trying to clone a repository with Git Plugin I get the error " authentication failed", because for some reason git plugin add "%24" in front of my password read from password parameter. 

      I read from ticket JENKINS-20533

      It was an old bug of 5 years ago of very old git plugin, but now should be solved!

      Could you help me? Thanks.

        Attachments

          Activity

          Hide
          piyush_devops piyush sachdeva added a comment -

          Hi Mark,

          Thanks for your reply however, I have tried the approach already but I am still getting the below error

          fatal: could not read Username for 'https://github.xx.com': terminal prompts disabled.

          PS: My Jenkins is running as a Docker container/

          Show
          piyush_devops piyush sachdeva added a comment - Hi Mark, Thanks for your reply however, I have tried the approach already but I am still getting the below error fatal: could not read Username for ' https://github.xx.com ': terminal prompts disabled. PS: My Jenkins is running as a Docker container/
          Hide
          markewaite Mark Waite added a comment -

          piyush sachdeva please don't use a bug report as a place to request help with configuration issues. This bug report describes a failure to expand a parameter in a git URL that is provided to a Freestyle job.

          Your issue is different and should be handled through the user mailing list or the chat system. Many, many users are successfully cloning repositories with GitHub personal access tokens. The most likely problem is a configuration error somewhere in your environment. That's not a bug, it is a configuration error.

          Show
          markewaite Mark Waite added a comment - piyush sachdeva please don't use a bug report as a place to request help with configuration issues. This bug report describes a failure to expand a parameter in a git URL that is provided to a Freestyle job. Your issue is different and should be handled through the user mailing list or the chat system. Many, many users are successfully cloning repositories with GitHub personal access tokens. The most likely problem is a configuration error somewhere in your environment. That's not a bug, it is a configuration error.
          Hide
          piyush_devops piyush sachdeva added a comment -

          Mark Waite, the reason I am commenting on this thread is because the status of this bug is still unresolved and I am facing the exact same issue.

          Show
          piyush_devops piyush sachdeva added a comment - Mark Waite , the reason I am commenting on this thread is because the status of this bug is still unresolved and I am facing the exact same issue.
          Hide
          markewaite Mark Waite added a comment - - edited

          piyush sachdeva if you are passing the GitHub personal access token as a parameter to a job, you're making a mistake. Don't do that.

          Job parameters are visible from the "Parameters" link on the left-hand side of the individual job history. In my case, job #7 shows the parameters which were used to run that job. If a personal access token had been entered into a parameter field to run that job, the value of the personal access token would be visible from that page.

          Please use Jenkins credentials. They are designed to store credentials. They work well with Jenkins plugins. Investigate why your credentials are not working. Don't pass sensitive text as a parameter to a Jenkins job.

          Show
          markewaite Mark Waite added a comment - - edited piyush sachdeva if you are passing the GitHub personal access token as a parameter to a job, you're making a mistake. Don't do that. Job parameters are visible from the "Parameters" link on the left-hand side of the individual job history. In my case, job #7 shows the parameters which were used to run that job. If a personal access token had been entered into a parameter field to run that job, the value of the personal access token would be visible from that page. Please use Jenkins credentials. They are designed to store credentials. They work well with Jenkins plugins. Investigate why your credentials are not working. Don't pass sensitive text as a parameter to a Jenkins job.
          Hide
          piyush_devops piyush sachdeva added a comment -

          Mark Waite, yes that is why I was using Jenkins credential store along with the masked variable but it's not able to resolve the variable. I don't want it to print in Jenkins console output that is why I have posted in this thread(my first comment). I will keep digging into it. 

          Thanks

          Show
          piyush_devops piyush sachdeva added a comment - Mark Waite , yes that is why I was using Jenkins credential store along with the masked variable but it's not able to resolve the variable. I don't want it to print in Jenkins console output that is why I have posted in this thread(my first comment). I will keep digging into it.  Thanks

            People

            • Assignee:
              unrue Gabriele Fatigati
              Reporter:
              unrue Gabriele Fatigati
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated: