Closed bsloan-icl closed 11 months ago
I can't see anything wrong from a glance.
Can you retrieve it fine from the CLI, copying and pasting exactly from the Jenkins config?
I think the issue is that it's missing a "/" before "secrets/" in the passphrase variable. The URL specified in our config is https://name-of-keyvault.vault.azure.net with no "/" on the end. If we add a trailing "/" to the end of the URL, the passphrase is retrieved successfully.
The documentation doesn't explicitly state a trailing "/" is required so it would be easy for end users to miss.
Right it should work either way, that's a bug, are you interested in contributing a fix?
Yeah I can have a look. Should be a relatively straightforward fix
Jenkins and plugins versions report
Environment
```text Jenkins: 2.414.3 OS: Linux - 5.15.90.1-microsoft-standard-WSL2 Java: 11.0.20.1 - Eclipse Adoptium (OpenJDK 64-Bit Server VM) --- apache-httpcomponents-client-4-api:4.5.14-208.v438351942757 azure-credentials:293.vb_d506148f506 azure-keyvault:214.vf667264ea_ccd azure-sdk:157.v855da_0b_eb_dc2 bouncycastle-api:2.29 branch-api:2.1128.v717130d4f816 caffeine-api:3.1.8-133.v17b_1ff2e0599 cloudbees-folder:6.858.v898218f3609d commons-lang3-api:3.13.0-62.v7d18e55f51e2 credentials:1307.v3757c78f17c3 credentials-binding:642.v737c34dea_6c2 display-url-api:2.200.vb_9327d658781 durable-task:523.va_a_22cf15d5e0 git:5.2.0 git-client:4.5.0 github:1.37.3.1 github-api:1.316-451.v15738eef3414 github-branch-source:1741.va_3028eb_9fd21 instance-identity:185.v303dc7c645f9 ionicons-api:56.v1b_1c8c49374e jackson2-api:2.15.3-366.vfe8d1fa_f8c87 jakarta-activation-api:2.0.1-3 jakarta-mail-api:2.0.1-3 javax-activation-api:1.2.0-6 javax-mail-api:1.6.2-9 jaxb:2.3.9-1 jjwt-api:0.11.5-77.v646c772fddb_0 mailer:463.vedf8358e006b_ mina-sshd-api-common:2.11.0-86.v836f585d47fa_ mina-sshd-api-core:2.11.0-86.v836f585d47fa_ okhttp-api:4.11.0-157.v6852a_a_fa_ec11 pipeline-build-step:516.v8ee60a_81c5b_9 pipeline-github-lib:42.v0739460cda_c4 pipeline-graph-analysis:202.va_d268e64deb_3 pipeline-groovy-lib:689.veec561a_dee13 pipeline-input-step:477.v339683a_8d55e pipeline-milestone-step:111.v449306f708b_7 pipeline-model-api:2.2150.v4cfd8916915c pipeline-model-definition:2.2150.v4cfd8916915c pipeline-model-extensions:2.2150.v4cfd8916915c pipeline-rest-api:2.34 pipeline-stage-step:305.ve96d0205c1c6 pipeline-stage-tags-metadata:2.2150.v4cfd8916915c pipeline-stage-view:2.34 plain-credentials:143.v1b_df8b_d3b_e48 scm-api:676.v886669a_199a_a_ script-security:1275.v23895f409fb_d snakeyaml-api:2.2-111.vc6598e30cc65 ssh-credentials:308.ve4497b_ccd8f4 ssh-slaves:2.916.vd17b_43357ce4 structs:325.vcb_307d2a_2782 token-macro:384.vf35b_f26814ec trilead-api:2.84.v72119de229b_7 variant:60.v7290fc0eb_b_cd workflow-aggregator:596.v8c21c963d92d workflow-api:1283.v99c10937efcb_ workflow-basic-steps:1042.ve7b_140c4a_e0c workflow-cps:3806.va_3a_6988277b_2 workflow-durable-task-step:1289.v4d3e7b_01546b_ workflow-job:1360.vc6700e3136f5 workflow-multibranch:756.v891d88f2cd46 workflow-scm-step:415.v434365564324 workflow-step-api:639.v6eca_cd8c04a_a_ workflow-support:865.v43e78cc44e0d ```What Operating System are you using (both controller, and any agents involved in the problem)?
Docker Desktop on Windows 10 with the jenkins/jenkins:lts-jdk11 image (currently Jenkins 2.414.3)
Reproduction steps
Expected Results
The SSH key should be added as a credential in Jenkins along with it's passphrase.
Actual Results
The SSH credential isn't visible in Jenkins. The passphrase is retrieved successfully from the key vault and created as a separate credential in Jenkins but not the SSH key. I've not used the AZURE_KEYVAULT_LABEL_SELECTOR to filter out any credentials.
The logs state that the passphrase credential does not exist in the key vault but it definitely does because it's being retrieved as a separate credential okay.
Anything else?
No response