团队, 我想根据所选的选择设置凭据。有什么提示如何实现这一点吗?
parameters {
choice( choices: ['ChooseOne', 'team1', 'team2',], name: 'JenkinsInstance')
}
steps {
container('main') {
withCredentials([[$class: 'VaultUsernamePasswordCredentialBinding', credentialsId: 'jenkins-team1-api-token' , passwordVariable: 'JENKINS_USER_TOKEN', usernameVariable: 'JENKINS_USERNAME']]) {
sh '''
echo "Creating UsernamePassword credentials ID..."
src/jenkins/jenkins-build-agent/create-creds.sh
'''.stripIndent()
}
}
}
}
我想要的是,如果选择 team2,则加载其他信用。
steps {
container('main') {
if choice.param == team1
withCredentials([[$class: 'VaultUsernamePasswordCredentialBinding', credentialsId: 'jenkins-team1-api-token' , passwordVariable: 'JENKINS_USER_TOKEN', usernameVariable: 'JENKINS_USERNAME']])
if choice.param == team2
withCredentials([[$class: 'VaultUsernamePasswordCredentialBinding', credentialsId: 'jenkins-team2-api-token' , passwordVariable: 'JENKINS_USER_TOKEN', usernameVariable: 'JENKINS_USERNAME']])
{
sh '''
echo "Creating UsernamePassword credentials ID..."
src/jenkins/jenkins-build-agent/create-creds.sh
'''.stripIndent()
}
}
}
}
你应该能够做得更简单:
parameters {
choice name: 'JenkinsInstance',
choices: ['ChooseOne', 'team1', 'team2']
}
// ...
steps {
container('main') {
withCredentials(
[[
$class: 'VaultUsernamePasswordCredentialBinding',
credentialsId: "jenkins-${params.JenkinsInstance}-api-token",
passwordVariable: 'JENKINS_USER_TOKEN',
usernameVariable: 'JENKINS_USERNAME'
]]
) {
sh script: 'src/jenkins/jenkins-build-agent/create-creds.sh',
label: 'Creating UsernamePassword credentials ID...'
}
}
}
请注意
credentialsId
值周围的双引号。
在默认用户名/密码凭据类型(不是 Hashicorp Vault 的)的情况下,如果您可以修改 shell 脚本以使用
<credential_variable_name>_USR
和 <credential_variablw_name>_PSW
变量,这会变得更加简单:
environment {
JENKINS_CREDENDIALS = credentials("jenkins-${params.JenkinsInstance}-api-token")
}
// ...
steps {
container('main') {
{
sh script: 'src/jenkins/jenkins-build-agent/create-creds.sh',
label: 'Creating UsernamePassword credentials ID...'
}
}
}
另请注意使用
label
步骤的 sh
参数,而不是在脚本中调用 echo
,这样更干净。