I have Terraform Ansible script that automates the deployment of a Jenkins server. However, I'd also like to pre-load that server with "Global" environment variables (Found in "Manage Jenkins" > "Configure System" > "Global Properties" > "Environment Variables"). I'm also looking to automatically set a few Jenkins credentials (found in "Manage Jenkins" > "Manage Credentials").
From what I understand, the credentials are stored encrypted in a file called /var/lib/jenkins/credentials.xml. And the global properties might be stored in config.xml in the same Jenkins directory, though the variables don't look very structured. I might be able to parse out the config.xml and add some values. But I'm wondering how I can create an encrypted secret that can be added to the credentials.xml.
Are there any tools or strategies for automating the creation of secrets and environment variables in Jenkins? I'm hoping that there's a better way to automate this other than parsing the xml documents. Any advice is much appreciated.
CodePudding user response:
You shouldn't be manually altering these files. You can use one of the following options to automate Credential and Global variable creation.
How to create Credentials from Jenkins CLI
# Change the following appropriately JENKINS_URL="http://localhost:8080" JENKINS_USER=admin JENKINS_USER_PASS=adminDownload the Jenkins CLI Jar
wget $JENKINS_URL/jnlpJars/jenkins-cli.jarCreate a file named
cred.xmlwith the following content.<com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl> <scope>GLOBAL</scope> <id>PassID</id> <username>Username</username> <password>password</password> <description>Description</description> </com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl>Create credentials
java -jar jenkins-cli.jar -s $JENKINS_URL -auth $JENKINS_USER:$JENKINS_USER_PASS create-credentials-by-xml system::system::jenkins _ < cred.xmlHow to create credentials with Jenkins Python API
Following is a simple sample to create Global credentials using Jenkins Python API.
from api4jenkins import Jenkins j = Jenkins('http://localhost:8080', auth=('admin', 'admin')) xmlPayload = '''<com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl> <id>user-id</id> <username>user</username> <password>upassword</password> <description>user id for testing</description> </com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl>''' j.credentials.create(xmlPayload)