chriskilding
commented
1 year ago Hi, you are correct that at the moment generic multi-field credentials (stored in JSON) are not natively supported within the plugin; you must use the readJson method instead for that.
If you just want to use the standard credential types (SSH key, username+password, certificate) however, those are supported - see the README for details.
If you use Jenkins Configuration as Code, and you really do need support for arbitrary multi-field credential types outside of the standard ones (e.g. vendor specific credentials which consist of two or more secret fields), you have another option in the form of the https://github.com/jenkinsci/aws-secrets-manager-secret-source-plugin. That plugin is the low-level counterpart of this one and works at the level of casc.yaml.
You mention that you use 'many' secrets per job - how many are you typically using? (Depending on the problem you're running into, there may potentially be a usability limitation with the withCredentials API - which would affect more credentials providers than just this one.)
jjaaskel
What feature do you want to see added?
Under advance usage within the readme it suggests that multi-field credentials support isn't available yet. For us, we use key value secrets within secrets manager (stored as json) and currently use the readJson method. While this is ok if our pipeline only needed 1-2 secrets we however use many. It seems impractical to use withCredentials and readJson on every step that requires secrets. Additionally making the credential string available as an env var seems to me like a fairly big security concern given that the secret could just be echod out with printenv. Is there an alternative I method for using this I am not seeing or is there room for an enhancement of this plugin? thanks.
Upstream changes
No response