Tags: jenkins, groovy, jenkins-pipeline, jenkins-groovy

How to avoid interpolation of sensitive variables in Jenkins


I have a variable in the environment block, something like this:

        PACT_ARGUMENTS = "--pacticipant ${APP_NAME} \
                    --broker-base-url ${PACT_BROKER_URL} \
                    --broker-username ${PACT_BROKER_BASIC_CREDENTIALS_USR} \
                    --broker-password ${PACT_BROKER_BASIC_CREDENTIALS_PSW} \
                    --version ${GIT_COMMIT}"

I have two stages where I use it like this:

    stage('Can I Deploy to Dev') {
        agent none
        steps {
            sh 'docker run --rm ${PACT_CLI_IMAGE} broker can-i-deploy ${PACT_ARGUMENTS} --to ${PACT_DEFAULT_ENV}'
        }
    }

    stage('Create Dev Version Tag') {
        agent none
        steps {
            sh 'docker run --rm ${PACT_CLI_IMAGE} broker create-version-tag ${PACT_ARGUMENTS} --tag ${PACT_DEFAULT_ENV}'
        }
    }

It works fine, but I am getting notifications in Jenkins saying: "The following steps that have been detected may have insecure interpolation of sensitive variables".

The solution I used to have is:

    stage('Can I Deploy to Dev') {
        agent none
        steps {
            sh 'docker run --rm ${PACT_CLI_IMAGE} broker can-i-deploy \
                    --pacticipant ${APP_NAME} \
                    --broker-base-url ${PACT_BROKER_URL} \
                    --broker-username ${PACT_BROKER_BASIC_CREDENTIALS_USR} \
                    --broker-password ${PACT_BROKER_BASIC_CREDENTIALS_PSW} \
                    --version ${GIT_COMMIT} \
                    --to ${PACT_DEFAULT_ENV}'
        }
    }

but I chose to extract a few of those arguments into a variable because it looks a bit cleaner. I tried defining PACT_ARGUMENTS with single quotes, but then the shell just takes the whole thing as a string. Any suggestions on how to handle this scenario?


Solution

  • As @daggett suggests here,

    I replaced the double quotes with single quotes in the PACT_ARGUMENTS variable, like this:

            PACT_ARGUMENTS = '--pacticipant $APP_NAME \
                        --broker-base-url $PACT_BROKER_URL \
                        --broker-username $PACT_BROKER_BASIC_CREDENTIALS_USR \
                        --broker-password $PACT_BROKER_BASIC_CREDENTIALS_PSW \
                        --version $GIT_COMMIT'
    

    Then I used double quotes for sh, like this:

        stage('Can I Deploy to Dev') {
            agent none
            steps {
                sh "docker run --rm ${PACT_CLI_IMAGE} broker can-i-deploy ${PACT_ARGUMENTS} --to ${PACT_DEFAULT_ENV}"
            }
        }
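As an added example (this is not code from the question or the answer above), here is the whole declarative pipeline with that quoting rule applied, including the `credentials()` binding that produces the `_USR`/`_PSW` variables. The credential ID, broker URL, image name, application name and `agent any` are placeholders chosen for this example; the comments explain at which point each variable is resolved, which is what decides whether the secret ever becomes a Groovy step argument.

```groovy
// Added example, not code from the question or answer: a complete declarative
// Jenkinsfile that keeps the credential out of Groovy string interpolation.
// The credential ID, URL, image and app name are placeholders.
pipeline {
    agent any

    environment {
        // credentials() binds a username/password credential and exposes
        // PACT_BROKER_BASIC_CREDENTIALS_USR and _PSW as sensitive variables.
        PACT_BROKER_BASIC_CREDENTIALS = credentials('pact-broker-basic') // placeholder ID
        PACT_BROKER_URL  = 'https://pact-broker.example.invalid'         // placeholder
        PACT_CLI_IMAGE   = 'pactfoundation/pact-cli:latest'               // placeholder
        APP_NAME         = 'my-service'                                   // placeholder
        PACT_DEFAULT_ENV = 'dev'

        // Single-quoted on purpose: Groovy does not interpolate here, so the
        // value of PACT_ARGUMENTS is the literal text
        // "--broker-password $PACT_BROKER_BASIC_CREDENTIALS_PSW", not the
        // password itself. The backslash-newline is a Groovy line continuation.
        PACT_ARGUMENTS = '--pacticipant $APP_NAME \
                          --broker-base-url $PACT_BROKER_URL \
                          --broker-username $PACT_BROKER_BASIC_CREDENTIALS_USR \
                          --broker-password $PACT_BROKER_BASIC_CREDENTIALS_PSW \
                          --version $GIT_COMMIT'
    }

    stages {
        stage('Can I Deploy to Dev') {
            steps {
                // Double-quoted: Groovy pastes the *text* of PACT_ARGUMENTS into
                // the script, which therefore still reads
                // "--broker-password $PACT_BROKER_BASIC_CREDENTIALS_PSW".
                // The shell resolves that reference only when the step runs, so
                // no secret value is ever part of a step argument and the
                // "insecure interpolation" warning is not triggered.
                sh "docker run --rm ${PACT_CLI_IMAGE} broker can-i-deploy ${PACT_ARGUMENTS} --to ${PACT_DEFAULT_ENV}"
            }
        }

        stage('Create Dev Version Tag') {
            steps {
                // Same rule: the non-secret names are interpolated by Groovy,
                // the secret references are expanded by the shell.
                sh "docker run --rm ${PACT_CLI_IMAGE} broker create-version-tag ${PACT_ARGUMENTS} --tag ${PACT_DEFAULT_ENV}"
            }
        }
    }
}
```

This also explains why single quotes in both places did not work for the question's author: the shell expands `$PACT_ARGUMENTS` exactly once and never re-expands the `$APP_NAME` and `$PACT_BROKER_BASIC_CREDENTIALS_PSW` references inside its value, so docker would have received them literally. With the layout above, Groovy has already pasted those references directly into the script text before the shell sees it. One caveat worth knowing: the password still ends up on the `docker run` command line on the agent, where other local processes can read it from the process list; Jenkins masks the bound value in the console log, but not in `ps`. If you want it off the command line entirely, the pact-broker CLI also reads the `PACT_BROKER_USERNAME` and `PACT_BROKER_PASSWORD` environment variables, which you can hand to the container with `docker run -e` instead of `--broker-username`/`--broker-password`.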