decodeBase64 it not working in casc secrets

[ns-mjames]

Jenkins and plugins versions report

Environment

prod

What Operating System are you using (both controller, and any agents involved in the problem)?

Linux

Reproduction steps

I'm trying to inject base64 encoded ssh private key from env variables into jenkins credentials store using casc plugins. Inline my casc config.

root@jenkins-deployment-5f99bd74b7-qc2js:/# cat /usr/share/jenkins/casc_configs/secrets.yml
credentials:
  system:
    domainCredentials:
      - credentials:
          - basicSSHUserPrivateKey:
              id: "infrastructure1"
              privateKeySource:
                directEntry:
                  privateKey: |
                    ${decodeBase64:${PRIVATE_KEY_BASE64}}
              scope: GLOBAL
              username: "admin-user"
              usernameSecret: true

I can confirm that PRIVATE_KEY_BASE64 is indeed set as env variable before I run java -jar /opt/jenkins-cli.jar -s http://localhost:8080/ -auth admin:admin reload-jcasc-configuration

Expected Results

Password should be injected into jenkins credentials

Actual Results

root@jenkins-deployment-5f99bd74b7-qc2js:/# java -jar /opt/jenkins-cli.jar -s http://localhost:8080/ -auth admin:admin  reload-jcasc-configuration

ERROR: Illegal base64 character 24

Anything else?

I tried readFileBase64, which is able to read from file and inject into jenkins credentials store. I have also tried exact same config provided in https://github.com/jenkinsci/configuration-as-code-plugin/blob/de7cffe5cb4b1bde9a55ae7cd32acb183f5d6ba4/integrations/src/test/resources/io/jenkins/plugins/casc/SSHCredentialsTest_Singleline_Key.yml and that also not working

[ns-mjames]

any update on this ?