SCAN_CREDENTIALS_ID and GIT_SSH_CREDENTIALS_ID evironment variables

[doman18]

Every example and tutorial found in internet about using git credentials in pipelines uses environments or withCredentials sections. But in both cases we have to use fixed credentials id name. And as we know any fixed things used in pipelines are problematic. For example If Jenkinsfile has to be used in more than one Jenkins servers or when you have to refactor credential names.

We can get almost all git informations either from env variables, or by git commands or using checkoutInfo = checkout scm. The only thing we cant get are IDs of credentials used in jobs settings. These are credentials used for scan branches and default for checking out sources (or checking out over ssh if such option is set).

Ideally, plugin will provide

SCAN_CREDENTIALS_ID - used for scan branches and default for checking out sources GIT_SSH_CREDENTIALS_ID - present when Checkout over SSH section is added in jobs settings

Examples of uses (based on https://www.jenkins.io/doc/pipeline/examples/#push-git-repo)

• for scanner credentials

withCredentials([usernamePassword(credentialsId: env.GIT_CREDENTIALS_ID, passwordVariable: 'GIT_PASSWORD', usernameVariable: 'GIT_USERNAME')]) {
    sh("git tag -a some_tag -m 'Jenkins'")
    sh('git push https://${GIT_USERNAME}:${GIT_PASSWORD}@<REPO> --tags')
}

• for ssh checkout

// sshagent step from the SSH Agent plugin.
sshagent (credentials: [env.GIT_SSH_CREDENTIALS_ID]) {
    sh("git tag -a some_tag -m 'Jenkins'")
    sh('git push <REPO> --tags')
}

[doman18]

Ok, i just learned here how to get these data.

scm.userRemoteConfigs[0].credentialsId

This returns either SCAN_CREDENTIALS_ID or GIT_SSH_CREDENTIALS_ID if Checkout over SSH is set.

This topic helped a lot: https://community.jenkins.io/t/how-to-get-checkout-credentials-id-which-is-set-for-pipeline-or-multibranch-projects/867/7

However still some env variable would be much more strightforward in use.