Deal with Jenkins password encryption when stored in a SCM Deal with Jenkins password encryption when stored in a SCM jenkins jenkins

Deal with Jenkins password encryption when stored in a SCM


encryption version-control jenkins

Got it! Here is the result of my research.

My initial JENKINS_HOME/.gitignore file was as follows:

# Miscellaneous Jenkins litter*.log*.tmp*.old*.json# Generated Jenkins state/.owner/queue.xml/fingerprints//shelvedProjects//updates//logs/# Credentials/secrets/secret.key# Job statebuilds/workspace/modules/lastStablelastSuccessfulnextBuildNumber

But, taken from http://xn--thibaud-dya.fr/jenkins_credentials.html, Jenkins uses a JENKINS_HOME/secrets/master.key to encrypt all passwords, whether in the global settings or in SCM crendentials.This made me think that the same master.key file was used to decrypt passwords.

So I've tried to remove all credential-related entries from the .gitignore file, thus allowing to push them in my Git repo and then pull them on the machine B (another brand new Jenkins master) and... it works well! All passwords are stored encrypted and since all masters share the same master.key file, all passwords can be decrypted.

Hope it can help someone else!

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last