More verbose documentation on 'credentialsId' & Pipeline Syntax Support

[thedevopsguyblog]

Describe your use-case which is not covered by existing documentation.

Hello,

Great work on this plugin - very useful!

I'm trying to use this plugin in a declarative-pipeline but running into issues around implementing credentialsId.

I think a common use case is handling credentials with credentials-binding

Could I please have some guidance around what the correct syantax is - alot of the documentation uses vault roles instead of the typical 'username:password' that would be used in cURL.

//declarative syntax
stage('Submit CR'){
    steps{
        script{
            def response = serviceNow_createChange serviceNowConfiguration:[
                instance: "${instandId}",
                producerId: "${sysId}"
                ]
                withCredentials([usernamePassword(credentialsId: 'ADMIN-ACCOUNT', usernameVariable: 'snowID', passwordVariable: 'snowPswrd')]) {
                    credentialsId: "${snowId}:${snowPswrd}"
                }
                def jsonSlurper = new JsonSlurper()
                def createResponse = jsonSlurper.parseText(response.content)
                def sysId = createResponse.result.sys_id
                def changeNumber = createResponse.result.number
                echo changeNumber
        }
    }
}

Here is the result from my most recent build...

java.lang.NullPointerException
    at java.base/java.util.Objects.requireNonNull(Objects.java:221)
    at com.cloudbees.plugins.credentials.matchers.IdMatcher.<init>(IdMatcher.java:58)
    at com.cloudbees.plugins.credentials.CredentialsMatchers.withId(CredentialsMatchers.java:135)
    at org.jenkinsci.plugins.servicenow.util.CredentialsUtil.findCredentials(CredentialsUtil.java:30)
    at org.jenkinsci.plugins.servicenow.credentials.CredentialsUtilCredentialsProvider.getCredentials(CredentialsUtilCredentialsProvider.java:12)
    at org.jenkinsci.plugins.servicenow.ServiceNowExecution.<init>(ServiceNowExecution.java:71)
    at org.jenkinsci.plugins.servicenow.ServiceNowExecution.<init>(ServiceNowExecution.java:60)
    at org.jenkinsci.plugins.servicenow.ServiceNowExecution.from(ServiceNowExecution.java:48)
    at org.jenkinsci.plugins.servicenow.workflow.CreateChangeStep$Execution.run(CreateChangeStep.java:72)
    at org.jenkinsci.plugins.servicenow.workflow.CreateChangeStep$Execution.run(CreateChangeStep.java:49)
    at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:829)

PS: Are there any plans to uplift the documentation around Piepline Syntax support?

Reference any relevant documentation, other materials or issues/pull requests that can be used for inspiration.

No response

[thedevopsguyblog]

Ok, i've solved my null pointer error, i was missing a , after declaring serviceNowConfiguration.

But this still leaves me in the same position - passing username:passwrd securely to credentialsId

I've tried this...

script{
    withCredentials([usernamePassword(credentialsId: 'ADMIN-ACCOUNT', usernameVariable: 'snowID', passwordVariable: 'snowPswrd')]) {
        serviceNow_createChange serviceNowConfiguration:[
            instance: "${instandId}",,
            producerId: "${sysId}"
            ],
            credentialsId: "${snowId}:${snowPswrd}"
    }
}

A couple of issues with this approach...

1. "A secret was passed to "serviceNow_createChange" using Groovy String interpolation, which is insecure."
2. I can't define a def inside withCredentials

The other thing i tried was wrapping just credentialsId inside withCredentials but that ended up actually exposing my username and password in the console log < very bad!

So still stuck on how to pass username:password to credentialsId