
How to stop service account credential printing on Jenkins console?


I have a Jenkins server which builds the project, builds a Docker image and pushes it to Google Container Registry.

I am using a service account to log in to GCR using the command

    docker login -u _json_key -p "$(cat ${service-account.json})" https://gcr.io

as stated here

When this line is executed, the content of the service-account.json file is printed on the console in the Jenkins pipeline.

How would I stop the credential being printed on the console?


Solution

  • The trick is to use the --password-stdin flag.

    cat ${service-account.json} | docker login -u _json_key --password-stdin https://gcr.io

    Provide a password using STDIN. To run the docker login command non-interactively, you can set the --password-stdin flag to provide a password through STDIN. Using STDIN prevents the password from ending up in the shell’s history, or log-files.

    See https://docs.docker.com/engine/reference/commandline/login/

    Note: The password file should only include the password, and should not be JSON encoded.
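
Added example (not part of the original question or answer): a shell check that compares what each login form leaves in a command trace, assuming the console output comes from the shell's -x tracing, which the Jenkins sh step enables by default. The docker command is replaced by a local stub and the key file and secret are constructed, so it runs offline.

```shell
#!/bin/sh
# Added example. SECRET and the key file are constructed; docker is a stub.
SECRET='constructed-private-key-material'

# trace_of FORM: run one login form in a child shell started with -xe and
# print only what that shell wrote to stderr, i.e. what a console log records.
trace_of() {
    dir=$(mktemp -d) || return 1
    printf '{"private_key":"%s"}\n' "$SECRET" > "$dir/key.json"
    # Stub docker: drains stdin when asked to, prints nothing, contacts nothing.
    cat > "$dir/docker" <<'EOF'
#!/bin/sh
case " $* " in *" --password-stdin "*) cat > /dev/null ;; esac
EOF
    chmod +x "$dir/docker"
    case $1 in
        arg)   cmd='docker login -u _json_key -p "$(cat "$KEY")" https://gcr.io' ;;
        stdin) cmd='docker login -u _json_key --password-stdin https://gcr.io < "$KEY"' ;;
        *)     rm -rf "$dir"; return 2 ;;
    esac
    # 2>&1 >/dev/null: keep the trace (stderr), discard the command's stdout.
    KEY="$dir/key.json" PATH="$dir:$PATH" sh -xe -c "$cmd" 2>&1 >/dev/null
    rm -rf "$dir"
}

# leaks FORM: succeeds if the secret shows up in the trace of that form.
leaks() {
    trace_of "$1" | grep -qF -- "$SECRET"
}

for form in arg stdin; do
    if leaks "$form"; then
        echo "$form: secret appears in the trace"
    else
        echo "$form: trace is clean"
    fi
done
```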