0

I'm coding this function in Jenkins to query Artifactory:

def curlDockerArtifact(URL, registryName, moduleName, tag, token) {
 def controlURI = "${URL}/artifactory/api/storage/${registryName}/${moduleName}/${tag}"
 def result = sh(script: """
 curl -I -H \'Authorization: Bearer $token\' \
 https://$controlURI -o /dev/null -w \'%{http_code}\' -s
 """, returnStdout: true)
}

But I get this warning which I'm tying to avoid.

Warning: A secret was passed to "sh" using Groovy string interpolation, which is insecure.

I tried using single quotes but the variables don't get correctly interpreted from Groovy. Any idea how to fix/refactor the code?

asked Feb 20, 2022 at 16:15
0

1 Answer 1

1

You have to keep double quotes like you do, but you need to escape the $ sign for the token. Like this :

curl -I -H \'Authorization: Bearer \$token\'

The groovy will not interpolate the variable and the correct value will be passed on the shell level.

More informations : https://www.jenkins.io/doc/book/pipeline/jenkinsfile/#interpolation-of-sensitive-environment-variables

answered Feb 21, 2022 at 15:06
Sign up to request clarification or add additional context in comments.

3 Comments

Doesn't work. That way the token variable is always null.
so a second solution is to use triple singles quotes for the script, and don't escape the $.
Still not working.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.