I created a powershell script to run DB2 queries in Jenkins

withCredentials([usernamePassword(credentialsId: 'cred-id', usernameVariable: 'ID', passwordVariable: 'PASSWORD')]) {
    $cn = new-object system.data.OleDb.OleDbConnection("Server=Server; Provider=IBMDADB2;DSN=DBName;User Id=$ID;Password=$PASSWORD");
    $ds = new-object "System.Data.DataSet" "ds"
    $q = "myQuery"
    $da = new-object "System.Data.OleDb.OleDbDataAdapter" ($q, $cn)
    $da.Fill($ds) 
    $cn.close()
}

If I run the script and hard code my credentials, it run fine.

With withCredentials(), I am getting the following error: Security processing failed with reason "15" ("PROCESSING FAILURE")

From some research, the error seems to be because DB2 can't handle encrypted data. Is there a way to overcome this error?

EDIT: I tried to add

$SecurePassword = ConvertTo-SecureString $PASSWORD -AsPlainText -Force
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword)
$UnsecurePassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)

at the beginning of my powershell script, but it still throws the same error even though the credential work fine if used in plain text

CodePudding user response：

If I understand the docs for the Credentials Binding Jenkins plugin correctly, the variables designated in the withCredentials() call become environment variables, so as to enable their use across process boundaries.
Note that the values of these environment variables are not encrypted, so no extra (decryption) effort is required on the part of the target process.

Therefore, you need to use $env:^[1] instead of just $ to refer to these variables in PowerShell:

$cn = new-object system.data.OleDb.OleDbConnection "Server=Server; Provider=IBMDADB2;DSN=DBName;User Id=$env:ID;Password=$env:PASSWORD"

^{[1] See the conceptual about_Environment_Variables help topic.}