代码之家 › 专栏 › 技术社区 › Frak

如何比较用户输入的密码和凭据密码短语

jenkins-groovy jenkins-pipeline groovy jenkins

Frak · 技术社区 · 6 年前

我有一个脚本管道,它使用 input 函数,并将其与用户保存的凭据密码短语进行比较。如果用户输入是类型 string 然后它就起作用了。但是,当我将输入类型更改为 password (因此,当用户键入它时,它在屏幕上不可见),它会失败,并出现断言错误。

我确保输入与凭据文件中的密码匹配的密码。

我正在使用Jenkins 2.83和最新的凭据插件和凭据绑定插件。

脚本:

node 
{
    stage ("Collect User Input")
    {
        userInput = input(  id: 'Input-username', 
                            message: 'Select username', 
                            ok: 'Continue', 
                            parameters: [choice(choices: 'user1\nuser2\nuser3', description: '', name: 'username'),
                                         password(defaultValue: '', description: 'Enter your private key passphrase ', name: 'password')
                                         ], 
                            submitterParameter: 'approver')


        println("User Input is: " + userInput)

        withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'my-test-key', 
                                                   keyFileVariable: 'cred_keyfile',
                                                passphraseVariable: 'cred_passphrase',
                                                  usernameVariable: 'cred_username' )])
        {
            assert userInput.password==cred_passphrase
        }
    }
}

我得到错误:

hudson.remoting.ProxyException: Assertion failed: 

assert userInput.password==cred_passphrase

    at org.codehaus.groovy.runtime.InvokerHelper.assertFailed(InvokerHelper.java:404)
    at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.assertFailed(ScriptBytecodeAdapter.java:650)
    at com.cloudbees.groovy.cps.impl.AssertBlock$ContinuationImpl.fail(AssertBlock.java:47)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
    at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
    at com.cloudbees.groovy.cps.Next.step(Next.java:83)
    at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
    at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
    at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:122)
    at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:261)
    at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
    at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$101(SandboxContinuable.java:34)
    at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.lambda$run0$0(SandboxContinuable.java:59)
    at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108)
    at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:58)
    at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:174)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:332)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:83)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:244)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:232)
    at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:64)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:112)
    at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:748)
Finished: FAILURE

但是,如果我更改 暗语 将参数输入到 一串 ,它的工作原理是:

string(defaultValue: '', description: 'Enter your private key passphrase here', name: 'password')

所以我的问题是,我应该如何访问/处理输入参数 暗语 变量/名称?

1 回复 | 直到 6 年前

Szymon Stepniak 6 年前

您的断言失败,因为输入类型 password 返回的不是字符串,而是 hudson.util.Secret 对象如果要将输入密码与 cred_passphrase 您应该这样做:

hudson.util.Secret.fromString(cred_passphrase) == userInput.password

转换是很重要的 cred\u密码短语 具有 Secret.fromString(data) 到a 哈德逊。util。秘密 对象,因为变量 cred\u密码短语 将您的密码短语作为纯文本保存在 String 。

下面你可以找到一个完整的例子。

node {
    stage ("Collect User Input") {
        userInput = input(  id: 'Input-username', 
                            message: 'Select username', 
                            ok: 'Continue', 
                            parameters: [choice(choices: 'user1\nuser2\nuser3', description: '', name: 'username'),
                                         password(defaultValue: '', description: 'Enter your private key passphrase ', name: 'password')
                                         ], 
                            submitterParameter: 'approver')


        println("User Input is: " + userInput)

        withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'my-test-key', 
                                                   keyFileVariable: 'cred_keyfile',
                                                passphraseVariable: 'cred_passphrase',
                                                  usernameVariable: 'cred_username' )])
        {
            assert hudson.util.Secret.fromString(cred_passphrase) == userInput.password
        }
    }
}