Jenkins Credentials Export

Enterprise 2023-04-17 11:09:54 views: null

Credential Profile

Jenkins needs account password and other information when calling third-party tools such as svn and ssh. If these sensitive information are passed directly in the pipeline script when calling third-party tools, it is both inconvenient and a security risk.

Based on this, Jenkins can store these sensitive information as credentials, and then refer to them by credential ID in the project, which is safe and easy to reuse.

As a Jenkins administrator, in some cases you may lose information such as account passwords, or you do not know some sensitive information, for example, the information is configured by another system administrator. At this time, because the information is encrypted, you cannot directly view the relevant information through Jenkins credential management. If you need to view these sensitive information, you need to use the script command line tool of Jenkins.

It should be noted that Jenkins uses a symmetric encryption algorithm to encrypt strings, and different Jenkins installation instances use different encryption keys. Therefore, the encrypted text of the same content on different Jenkins instances is different.

Credentials export

Jenkins > System Administration > Tools and Actions > Script Command Line

Execute the following script to decrypt and export all credential information:

com.cloudbees.plugins.credentials.SystemCredentialsProvider.getInstance().getCredentials().forEach {

  it.properties.each { prop, val ->

    println(prop + ' = "' + val + '"')

  }

  println("#########################")

}

 

encryption and decryption

Jenkins credentials are stored in the credentials.xml file in the root directory.

 

You can directly take out the ciphertext of the corresponding account for decryption:

Jenkins > System Administration > Tools and Actions > Script Command Line

Encryption (encryption is performed on the string "abcd" in the example):

println(hudson.util.Secret.fromString("abcd").getEncryptedValue())

Decryption (decryption is performed on the ciphertext of the string "abcd" in the example):

println(hudson.util.Secret.fromString("{AQAAABAAAAAQt33hpeqAVUbJtq/BDWocriigjpYDaQJOztbG/tO6JPA=}").getPlainText())

 

Guess you like

Origin blog.csdn.net/Dancen/article/details/125211186
Recommended
NetBSD bans submission of code generated by AI
Ranking
Talk dubbo of LRUCache
Chapter 1 Learning Summary
Introduction to Virtualization
pytorch 调用lstm
Six modules
[8086] The natural number of 1 to 36 into a 6x6 two-dimensional array of line-sequentially, and then print out the lower left half of the triangular array
mybatis mapper mapping file $ # {} {} understanding and
C language input and output buffer
c language floating-point input and output
andorid P version compatible, refer to Huawei
Daily
More
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)

Code World

© 2018 codetd.com