Recently I had to push in a Jenkins Pipeline to a git repository that was only accessible through https with username + password.
Attempts to provide the password in the url like https://user:p@s$w0rd@host.com/ failed, as apparently the password contained already a @ character and thus messed up the url.
A good colleague pointed me to .netrc which apparently is used, as git itself is using curl under the covers. The only problem was, that – from what is publicly documented – the .netrc file has to be in the $HOME folder, which would mean, that all other jobs on the Jenkins instance could also use our credentials.. while in theory possible, its a NOGO in our situation.
In the end, I’ve ended up with this solution.
environment { | |
JENKINS_GIT = credentials('jenkins_svc-git.credentials') | |
} | |
…. | |
stage('Deploy to TEST') { | |
when { | |
branch 'master' | |
expression { | |
input message: 'Deploy to test system?' | |
return true | |
} | |
} | |
options { | |
timeout(time: 10, unit: 'MINUTES') | |
} | |
steps { | |
script { | |
sh "git config –local user.name 'Jenkins CI'" | |
sh "git config –local user.email 'jenkins@acme.com'" | |
sh "git remote set-url origin https://srv.acme.com/bitbucket/scm/proj/repo.git" | |
sh 'echo "machine srv.acme.com\nlogin ${JENKINS_GIT_USR}\npassword ${JENKINS_GIT_PSW}" > .netrc; chmod 600 ./.netrc; ' | |
sh "HOME=`pwd` git push –tags" | |