Search code examples
jenkinsgroovymercurial

How do I list all of my Jenkins credentials in the script console?


I'm trying to get Jenkins to clone my mercurial project from BitBucket. It won't, because it says there's a problem with the credentials - well, bitbucket is refusing whatever it is that Jenkins is providing.

I'm almost 100% sure that Jenkins is not providing what it should be providing, because when I run

hg clone --ssh="ssh -i /path/to/my/key" ssh://[email protected]/my-org/my-repo

It clones a-OK. The contents of /path/to/my/key are what I put in the key in Jenkins' credentials manager. I've verified that it is found in my jenkins credentials.xml file.

And yet, when I try to run my job? Clone fails because

remote: Host key verification failed.

That leads me to believe that the problem is with whatever is getting passed via the mercurial plugin. But I can't see it in the log because it's some sort of masked string and just displays as ******.

So I wanted to make sure that the credentials that are going to the Hg plugin are, in fact, what's present in my credentials.xml file.

So far I've made it to here:

import com.cloudbees.plugins.credentials.CredentialsProvider
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials


def creds = CredentialsProvider.all()
print creds

Which gives me a list of credentials providers... but I'm not sure where to go next. I've been drowning in documentation trying to figure out how to get at the credential information that I want... but no dice.

(How) can I take what I've got and display a list of my Jenkins credentials in the Groovy script console?


Solution

  • This works very well for me...

    import java.nio.charset.StandardCharsets;
    def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
          com.cloudbees.plugins.credentials.Credentials.class
    )
    
    for (c in creds) {
      println(c.id)
      if (c.properties.description) {
        println("   description: " + c.description)
      }
      if (c.properties.username) {
        println("   username: " + c.username)
      }
      if (c.properties.password) {
        println("   password: " + c.password)
      }
      if (c.properties.passphrase) {
        println("   passphrase: " + c.passphrase)
      }
      if (c.properties.secret) {
        println("   secret: " + c.secret)
      }
      if (c.properties.secretBytes) {
        println("    secretBytes: ")
        println("\n" + new String(c.secretBytes.getPlainData(), StandardCharsets.UTF_8))
        println("")
      }
      if (c.properties.privateKeySource) {
        println("   privateKey: " + c.getPrivateKey())
      }
      if (c.properties.apiToken) {
        println("   apiToken: " + c.apiToken)
      }
      if (c.properties.token) {
        println("   token: " + c.token)
      }
      if (c.properties.subscriptionId) {
        println("   subscriptionId: " + c.subscriptionId)
      }
      if (c.properties.clientId) {
        println("   clientId: " + c.clientId)
      }
      if (c.properties.tenant) {
        println("   tenant: " + c.tenant)
      }
      if (c.properties.clientSecret) {
        println("   clientSecret: " + c.clientSecret)
      }
      if (c.properties.plainClientSecret) {
        println("   plainClientSecret: " + c.plainClientSecret)
      }
      println("")
    }