[JIRA] [credentials-plugin] (JENKINS-27706) Credentials re-encrypting encrypted passwords

[wattw...@backcountry.com (JIRA)]

William Attwood created JENKINS-27706 Credentials re-encrypting encrypted passwords Issue Type: Bug Assignee: stephenconnolly Components: credentials-plugin Created: 01/Apr/15 8:15 PM Description: This is part of an automated deploy process. Vagrant fires off a VM, Ansible takes over, install Jenkins, plug-ins, copies over secrets folder, credentials.xml, all keys. These are from a blank instance where the credentials were added then all files copied to Ansible. However, the plug-in will see the passwords as not being encrypted, and will re-encrypt them on any credentials plug-in action. This is encrypting the encrypted passwords, which of course means no credentials work, sans the one modified or added. After the double encryption has happened, I've compared a file-by-file diff between the original Jenkins folder, and the one with double encrypted passwords. The only difference between the two is the credentials.xml file. If the keys, entire secrets folder remain the same, why is the plug-in re-encrypting encrypted passwords? diff jenkins jenkins2 diff jenkins/credentials.xml jenkins2/credentials.xml 2c2 < <com.cloudbees.plugins.credentials.SystemCredentialsProvider plugin="credentials@1.22"> — > <com.cloudbees.plugins.credentials.SystemCredentialsProvider plugin="credentials@1.9.4"> 9c9 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 14c14 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 30c30 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 35c35 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 51c51 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 56c56 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 77c77 < <password>uoE/l9OHkPW0RybWyi2s+IdzBETX1qc93Xo2C17aPais8pKitvUl4stxhSll7bgGVSIqj2G4jOwAUoKuMiQKRA==</password> — > <password>Z2X9lpGTWZgDLL8Cg6hh6bftXHVznYrlOw5CCMrhljo=</password> 79c79 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 84c84 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 100c100 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 105c105 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 108c108 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 113c113 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 116c116 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 121c121 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 124c124 < <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.10"> — > <com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey plugin="ssh-credentials@1.6.1"> 129c129 < <passphrase>+Duk05r+llYpdKqlfHps7qD+sDeaTOnYYkRLv7WF84VpmJw8x+qInKcR6yUZLzke</passphrase> — > <passphrase>r/0KAmjSs1wS2HZUDvOCQA==</passphrase> 137c137 < <password>00VxA93D/wXqzh09t7PqOsmZnTDeTGl3YDEl1s8UJ84jY9bOaL0GqOLiXZjjJstrVSIqj2G4jOwAUoKuMiQKRA==</password> — > <password>NwirBRVYNXBfSR2GsMPTkpAaMR6s9Ha9V8oQN0OSDa0=</password> 144c144 < <password>xWnBRp4mnKOxO04gjXqSr8+5q+1cMDZP06in/twkmu4=</password> — > <password>fLG0B67edIFdufD5c9xZY14sK9H9IQzao8aJ59jj88c=</password> Common subdirectories: jenkins/.java and jenkins2/.java Common subdirectories: jenkins/jb_jobs and jenkins2/jb_jobs Common subdirectories: jenkins/jobs and jenkins2/jobs Common subdirectories: jenkins/nodes and jenkins2/nodes Common subdirectories: jenkins/plugins and jenkins2/plugins Common subdirectories: jenkins/secrets and jenkins2/secrets Common subdirectories: jenkins/.ssh and jenkins2/.ssh Common subdirectories: jenkins/updates and jenkins2/updates Common subdirectories: jenkins/userContent and jenkins2/userContent Environment: Vagrant->Ansible->CentOS->Jenkins Project: Jenkins Priority: Major Reporter: William Attwood

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira

--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.