Injecting only into specific scopes sounds like a good practice, snippet for the linked plugin:
withCredentials([usernamePassword(credentialsId: 'amazon', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
// available as an env variable, but will be masked if you try to print it out any which way
// note: single quotes prevent Groovy interpolation; expansion is by Bourne Shell, which is what you want
sh 'echo $PASSWORD'
// also available as a Groovy variable
echo USERNAME
// or inside double quotes for string interpolation
echo "username is $USERNAME"
}
We will need this for Transifex automation https://github.com/ipfs/jenkins-libs/pull/28Would something like Credentials Binding Plugin do the trick? (Injecting Secrets into Jenkins Build Jobs)
Injecting only into specific scopes sounds like a good practice, snippet for the linked plugin: