Passing credentials variables to powershell script in Jenkins - powershell

I am trying to run MATLAB script inside powershell in one of the stages like this
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: "${myID}", usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD']])
{
script {
env.VAL_RESULT = powershell(script: "matlab -wait -r \"JUsername='$USERNAME';JPassword='$PASSWORD';modelValidation;\"", returnStatus: true)
if(env.VAL_RESULT == "1" ) {
unstable("Failed")
}
}
}
Trying to do this will give a warning in console like
Warning: A secret was passed to "powershell" using Groovy String interpolation, which is insecure.
Affected argument(s) used the following variable(s): [PASSWORD, USERNAME]
See https://jenkins.io/redirect/groovy-string-interpolation for details.
In-order to solve the warning, I had to encapsulate powershell scripts within single quotes like
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: '${myID}', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD']])
{
script {
env.VAL_RESULT = powershell(script: 'matlab -wait -r \"JUsername='$USERNAME';JPassword='$PASSWORD';modelValidation;\"', returnStatus: true)
if(env.VAL_RESULT == "1" ) {
unstable("Failed")
}
}
}
Now the script doesn't exit. I believe that there is something wrong with the way I have used single quotes in JPassword='$PASSWORD'. Can anyone tell me if there is a way to escape single quote?

Related

How to view script output (specifically PowerShell) from a Jenkinsfile?

I'm pretty new to Jenkins, so not totally clear on how to assign/read variables.
I have a jenkinsfile with a couple stages and a bunch of steps. In one of the steps, I want to run a PowerShell script but it isn't accomplishing the intent. The problem is, when I'm in Jenkins and I go to the Console Output to troubleshoot why the PowerShell script isn't working, I don't see any of the output from the powershell script, I just see this:
[Pipeline] {
[Pipeline] powershell (Test PowerShell Script)
[Pipeline] }
Here's a trimmed-down version of my code:
stages {
stage('Stage 1') {
agent { node {
label "Windows"
customWorkspace "D:\\Path"
}}
steps {
dir('Directory') {
withCredentials(
[usernameColonPassword(
credentialsId: 'credential1',
variable: 'BasicCred'
)]
) {
powershell(
label: 'Test PowerShell Script',
returnStdout: true,
script: 'echo Test'
)
}
}
}
}
}
I tried using the code provided in this Jenkins article:
steps {
dir('Directory') {
withCredentials(
[usernameColonPassword(
credentialsId: 'credential1',
variable: 'BasicCred'
)]
) {
def msg = powershell(
label: 'Test PowerShell Script',
returnStdout: true,
script: 'echo Test'
)
println msg
}
}
}
This threw an error:
WorkflowScript: 135: Expected a step # line 135, column 25.
def msg = powershell(
^
I also tried putting it inside a node:
steps {
dir('Directory') {
node {
withCredentials(
[usernameColonPassword(
credentialsId: 'credential1',
variable: 'BasicCred'
)]
) {
def msg = powershell(
label: 'Test PowerShell Script',
returnStdout: true,
script: 'echo Test'
)
println msg
}
}
}
}
But it threw an error that the node is missing a label, and when I tried adding a label it threw another error.
So what's the right way to go about this? I just want to capture the output from the PowerShell script and see it so I can troubleshoot why it isn't working.

Not able to run an exe in jenkins pipeline using powershell

I am trying to execute a process which is written in c# through jenkins pipeline during the build and deployment process.
It is a simple executable which takes 3 arguments, when it gets called from jenkins pipeline using a powershell function it doesn't write any logs which are plenty within the code of this exe, also it does not show anything on the pipeline logs as to what happened to this process. Whereas the logs output is clean before and after the execution of this process i.e. "Started..." & "end" gets printed in the jenkins build log.
When i try to run the same exe on a server directly with the same powershel script it runs perfectly fine. Could you please let me know how can i determine whats going wrong here or how can i make the logs more verbose so i can figure out the root cause.
Here is the code snippet
build-utils.ps1
function disable-utility($workspace) {
#the code here fetches the executable and its supporting libraries from the artifactory location and unzip it on the build agent server.
#below is the call to the executable
Type xmlPath #this prints the whole contents of the xml file which is being used as an input to my exe.
echo "disable exe path exists : $(Test-Path ""C:\Jenkins\workspace\utils\disable.exe"")" // output is TRUE
echo "Started..."
Start-Process -NoNewWindow -Filepath "C:\Jenkins\workspace\utils\disable.exe" -ArgumentList "-f xmlPath 0" #xmlPath is a path to a xml file
echo "end."
}
jenkinsfile
library {
identifier: 'jenkins-library#0.2.14',
retriever: legacySCM{[
$class: 'GitSCM',
userRemoteConfigs: [[
credtialsId: 'BITBUCKET_RW'
url: <htps://gitRepoUrl>
]]
]}
}
def executeStep(String stepName) {
def butil = '.\\build\\build-utils.ps1'
if(fileExists(butil))
{
def status = powershell(returnStatus: true, script: "& { . '${butil}'; ${stepName}; }")
echo status
if(status != 0) {
currentBuild.Result = 'Failure'
error("$StepName failed")
}
}
else
{
error("failed to find the file")
}
}
pipeline {
agent {
docker {
image '<path to the docker image to pull a server with VS2017 build tools>'
lable '<image name>'
reuseNode true
}
}
environment {
#loading the env variables here
}
stages {
stage {
step {
executeStep("disable-utility ${env.workspace}")
}
}
}
}
Thanks a lot in advance !
Have you changed it ? go to Regedit [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Set "EnableLUA"= 0

how to pass variable from powershell script to an other step?

I use Jenkins and pipeline Jenkinsfile with a Windows agent. I want set a veriable from powershell in a 1st step and use this value in a 2nd step after.
my pipeline is:
def MSVERSION
pipeline {
stages {
stage('Clean workspace') {
steps {
deleteDir()
}
}
stage('package') {
steps {
script {
def stdout = powershell(returnStdout: true, script: '''
$MSVERSION="1234"
write-host "MSVERSION is $MSVERSION"
''')
println stdout
}
}
}
stage('deploy') {
steps {
script {
bat 'echo MSVERSION is ${MSVERSION}'
}
bat 'echo MSVERSION is ${MSVERSION}'
}
}
}
}
but my result is:
MSVERSION is 1234
MSVERSION is ${MSVERSION}
MSVERSION is ${MSVERSION}
EDIT
I find a workaroud but is not my question today:
in powershell I write a var.propertie file:
set-Content -path "var.properties" -Value "MSVERSION=$($VERSION)"
and in my script I read this var.properties file:
properties = readProperties file: 'var.properties'
echo "MSVERSION is ${properties.MSVERSION}"
bat 'echo MSVERSION is ${MSVERSION}'
does not do string interpolation, but this does:
bat "echo MSVERSION is ${MSVERSION}"

Pass bool param to a powershell script in Jenkinsfile multiline parameterised pipeline

In my Jenkinsfile I have something like:
def addDollar(param) {
return "\$" + param
}
parameters {
booleanParam(
defaultValue: false,
name: 'FORCE_UPGRADE'
)
}
environment {
FORCE_UPGRADE = addDollar(params.FORCE_UPGRADE)
}
stages {
stage('Test') {
steps {
powershell script: ".\\test.ps1 -forceUpgrade ${env:FORCE_UPGRADE}"
}
}
stage('Test Multiline') {
steps {
powershell script: '''
.\\test.ps1 `
-forceUpgrade $env:FORCE_UPGRADE
'''
}
}
}
and the powershell script is
param (
[Parameter(Mandatory=$true)][boolean]$forceUpgrade=$false
)
if($forceUpgrade) {
Write-Host "Forcing upgrade"
}
This jenkins stage Test works as expected but Test Multiline erorrs with ParameterBindingArgumentTransformationException:
Cannot process argument transformation on parameter 'forceUpgrade'. Cannot convert value "System.String" to type "System.Boolean". Boolean parameters accept only Boolean values and
numbers, such as $True, $False, 1 or 0.
I get the same error if I run
.\test.ps1 -forceUpgrade false rather than
.\test.ps1 -forceUpgrade $false
Any ideas how to get the Jenkins Test Multiline stage working? I have a script where i need to pass a number of args, would be ideal to prevent horizontal scrolling using multiline powershell
Change the powershell input to a [string] instead of a [boolean]
[string]$forceUpgrade = $false
you will still be able to use the $forceUpgrade variable as a bool in the conditional in the powershell also.

Unable to checkout SVN repo using Puppet

I am trying to checkout code from SVN repo for which I am accepting the URL as argument. I have quoted the URL as shown below because it contains spaces. I also checked the parameter by redirecting the $svn_url in file (shown below). If I pick the URL from the file and pass it as is on the command line to the given script, it works fine but somehow when invoked from Puppet, it's not working.
Puppet manifests:
repo_checkout.pp:
define infra::svn::repo_checkout ($svn_url_params) {
$svn_url = $svn_url_params[svn_url]
include infra::params
$repo_checkout_ps = $infra::params::repo_checkout_ps
file { $repo_checkout_ps:
ensure => file,
source => 'puppet:///modules/infra/repo_checkout.ps1',
}
util::executeps { 'Checking out repo':
pspath => $repo_checkout_ps,
argument => "\'\"$svn_url\"\'",
}
}
params.pp:
$repo_checkout_ps = 'c:/scripts/infra/repo_checkout.ps1',
site.pp:
$svn_url_ad = {
svn_url => 'https:\\\\some_repo.abc.com\svn\dir with space\util',
}
infra::svn::repo_checkout { "Checking out code in C:\build":
svn_url_params => $svn_url_ad
}
executeps.pp:
define util::executeps ($pspath, $argument) {
$powershell = 'C:/Windows/System32/WindowsPowerShell/v1.0/powershell.exe -NoProfile -NoLogo -NonInteractive'
exec { "Executing PS file \"$pspath\" with argument \"$argument\"":
command => "$powershell -file $pspath $argument",
timeout => 900,
}
}
PowerShell code:
$svn_url = $args[0]
Set-Location C:\build
echo "svn co --username user --password xxx --non-interactive '$svn_url'" | Out-File c:\svn_url
svn co --username user --password xxx --non-interactive '$svn_url'
Puppet output on agent node:
Util::Executeps[Checking out repo]/Exec[Executing PS file "c:/scripts/infra/repo_checkout.ps1" with argument "'"https:\\some_repo.abc.com\svn\dir with space\util"'"]/returns: executed successfully
Notice: Applied catalog in 1.83 seconds
Content of c:\svn_url:
'https:\\\\some_repo.abc.com\svn\dir with space\util'
UPDATE: Sorry for the confusion but i was trying out several permutations and combinations and in doing that, i forgot to mention that when the $svn_url contains backslash (\), it does NOT work on the command line too if i copy the SVN URL from the text file where i am redirecting the echo output.
Based on #Ansgar's suggestion, i changed '$svn_url' to "$svn_url" in powershell code but the output in text file then contained ' quote twice around the URL. So i changed the argument parameter from "\'\"$svn_url\"\'" to "\"$svn_url\"". Now the output file had only single quote present around the URL. I copied only the URL (along with single quotes around it) from the output file and tried passing it to the powershell script. I now get the following error:
svn: E020024: Error resolving case of 'https:\\some_repo.abc.com\svn\dir with space\util'
Another thing to note is that if i change the back slashes in URL to forward slashes, it works fine on the command line. Invoking from Puppet still doesn't work.
Posting the final configuration that worked out for me based on #AnsgarWiechers' suggestion.
[tom#pe-server] cat repo_checkout.pp
define infra::svn::repo_checkout ($svn_url_params) {
$svn_url = $svn_url_params[svn_url]
...
...
util::executeps { 'Checking out repo':
pspath => $repo_checkout_ps,
argument => "\"$svn_url\"",
}
}
[tom#pe-server] cat repo_checkout.ps1
$svn_url = $args[0]
Set-Location C:\build
svn co --username user --password xxx --non-interactive "$svn_url"
[tom#pe-server] cat params.pp
$repo_checkout_ps = 'c:/scripts/infra/repo_checkout.ps1',
[tom#pe-server] cat site.pp
$svn_url_ad = {
svn_url => 'https://some_repo.abc.com/svn/dir with space/util',
}
infra::svn::repo_checkout { "Checking out code in C:\build":
svn_url_params => $svn_url_ad
}
Thanks a lot #AnsgarWiechers! :)
Note:
In site.pp: Used forwardslashes (/) when specifying svn_url
In repo_checkout.ps1: Changed '$svn_url' to "$svn_url"
In repo_checkout.pp: Changed double-nested (' and ") quoting in argument to single (") nested i.e., from "\'\"$svn_url\"\'" to "\"$svn_url\""