无法在 Jenkins Git 插件中使用安全凭证

Question

I have a Jenkins pipeline in which I am using Git plugin to checkout the pipeline code from a shared library but I am facing the issues as below:

• SSH authentication and password authentication is disabled
• when I am using token with the repository URL in git plugin, it is visible in jenkins console output, is there any way to hide the token value from console output?
• when I am using a secret text as an input parameter, Git plugin not able to resolve the value of it, I have ${TOKEN}, $TOKEN, ${env.TOKEN),"$TOKEN" but its treating $ as some special character and getting the error as below:

fatal: unable to access ' https://%24 {TOKEN}@github.com

Moreover, I have tried using credential binding plugin with Git plugin but I am getting the below error with that

    fatal: could not read Username for 'https://github.xxx.com': terminal prompts disabled

PS: I dont have any such issues in my Enterprise Jenkins version(Cloudbees core), everything seems to be working as expected, I compared every configuration but not able to find anything:(

Thanks, Piyush

Answer 1

Sorry, I should have posted the answer.Yes I was able to resolve the issue using below:

In new version of Git client, the git client uses the GIT_ASKPASS method which creates a temporary script to execute when git ask for credentials during the build.

By default it runs inside Jenkins workspace, which is mounted on a filesystem on 'noexec' mode. We updated the noexec mode to exec and remounted the filesystem on host OS using the command and took the docker restart and now we can use Jenkins credentials for git authentication without any issues.

using mount command, check if your filesystem which Jenkins is using to run the temporary script has been mounted as noexec mode. if yes, remove and option, remount it and take the docker service restart if you were running Jenkins aa docker container.