Задача – добавить и запушить тег после билда, используя логин:пароль репозитория, которые добавлены в Credentials Binding Plugin.
Само решение достаточно костыльное, но рабочее.
Главная проблема в том, что Jenkins маскирует пароль ****.
Т.е. при вызове:
... withCredentials([usernamePassword(credentialsId: 'git', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) { sh "echo pass $PASSWORD" sh "echo user $USERNAME" } ...
В результате получим ****:
[EU-api-dev-build] Running shell script
+ echo pass ****
pass ****
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ echo user ****
user ****
Решение нашлось в баге, который был открыт ещё в 2016 году – https://issues.jenkins-ci.org/browse/JENKINS-38181.
Сохраняем значения в переменные, и используем их вне блока withCredentials
, теперь функция польностью выглядит так:
def git_set_tag() { stage('Set tag') { withCredentials([usernamePassword(credentialsId: 'git', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) { password = env.PASSWORD user = env.USERNAME sh "echo pass $PASSWORD" sh "echo user $USERNAME" } echo "PASS ${password}" echo "USER ${user}" } }
И её выполнение:
[Pipeline] stage
[Pipeline] { (Set tag)
[Pipeline] withCredentials
[Pipeline] {
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ echo pass ****
pass ****
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ echo user ****
user ****
[Pipeline] }
[Pipeline] // withCredentials
[Pipeline] echo
PASS zd%%%ML
[Pipeline] echo
USER svc.lon%%%
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
Finished: SUCCESS
Осталось добавить тег, обновить .git/config
, что бы добавить логин:пароль, и запушить тег в репозиторий:
def git_set_tag() { stage('Set tag') { withCredentials([usernamePassword(credentialsId: 'git', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) { gitPassword = env.PASSWORD gitUser = env.USERNAME } sh 'git config user.email "[email protected]"' sh 'git config user.name "TAG Jenkins"' sh 'git tag -a ${BUILD_NUMBER} -m "branch: ${REPO_API_BRANCH} environment: ${ENVIRONMENT}"' sh 'git tag' sh 'git show ${BUILD_NUMBER}' sh 'cat .git/config' sh "git remote set-url origin https://${gitUser}:${gitPassword}@bitbucket.domain.tld/scm/lontag/tag-server-api.git" sh 'cat .git/config' sh 'git push origin ${BUILD_NUMBER}' } }
Результат:
[Pipeline] stage
[Pipeline] { (Set tag)
[Pipeline] withCredentials
[Pipeline] {
[Pipeline] }
[Pipeline] // withCredentials
[EU-api-dev-build] Running shell script
+ git config user.email [email protected]
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ git config user.name TAG Jenkins
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ git tag -a 593 -m branch: develop environment: dev
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ git tag
591
592
593
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ git show 593
tag 593
Tagger: TAG Jenkins <[email protected]>
Date: Wed Apr 25 10:34:30 2018 +0000branch: develop environment: dev
commit 6c4e987390c011f3a9b4dccda03c1e0bb9a75f34
Merge: 5d4d747 97003ee
Author: *** <***>
Date: Thu Apr 12 16:28:34 2018 +0000Merge pull request #31 in LON/tag-deployment from bugfix/LTH-4898 to develop
* commit ‘97003ee56d7ff30518b7d704e799014a5bb6d05f’:
LTH-4898 build all flavors[Pipeline] sh
[EU-api-dev-build] Running shell script
+ cat .git/config
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote “origin”]
url = https://bitbucket.domain.tld/scm/lontag/tag-deployment.git
fetch = +refs/heads/*:refs/remotes/origin/*
[user]
email = [email protected]
name = TAG Jenkins
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ git remote set-url origin https://gituser:[email protected]/scm/lontag/tag-server-api.git
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ cat .git/config
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote “origin”]
url = https://gituser:[email protected]/scm/lontag/tag-server-api.git
fetch = +refs/heads/*:refs/remotes/origin/*
[user]
email = [email protected]
name = TAG Jenkins
[Pipeline] sh
[EU-api-dev-build] Running shell script
+ git push origin 593
To https://gituser:[email protected]/scm/lontag/tag-server-api.git
* [new tag] 593 -> 593
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
Finished: SUCCESS
Готово.