Using masked passwords with the Active Choices Plug-in

The Mask Passwords Plug-in allow users to automatically mask passwords in the console. You can also create global passwords, which is similar to what you can do in other plug-ins such as the EnvInject Plug-in.

The main difference is that any parameter defined in the global parameters section, is automatically masked, should it appears in the console output.

The plug-in has a Builder that iterates through the parameters to annotate the console output. You can read the code that does that here.

But if you need the value from that global parameter, in one of your Active Choices parameters, you can still mimic what that builder is doing. Here is an example.

// Assuming you have a global parameter called "build_password"

import com.michelin.cio.hudson.plugins.maskpasswords.*;

// getting global masked password...
maskPasswordsConfig = MaskPasswordsConfig.getInstance()
varPasswordPairs = maskPasswordsConfig.getGlobalVarPasswordPairs()

// default to empty
myPassword = ''
// check if we have a global pair with that password
varPasswordPairs.each { pair ->
    if (pair.getVar().equals("build_password")) {
        // this will use Jenkins' Secret class to decrypt it...
        myPassword = pair.password
    }
}

// use your myPassword variable after here