1

I created a powershell script to run DB2 queries in Jenkins

withCredentials([usernamePassword(credentialsId: 'cred-id', usernameVariable: 'ID', passwordVariable: 'PASSWORD')]) { $cn = new-object system.data.OleDb.OleDbConnection("Server=Server; Provider=IBMDADB2;DSN=DBName;User Id=$ID;Password=$PASSWORD"); $ds = new-object "System.Data.DataSet" "ds" $q = "myQuery" $da = new-object "System.Data.OleDb.OleDbDataAdapter" ($q, $cn) $da.Fill($ds) $cn.close() }

If I run the script and hard code my credentials, it run fine.

With withCredentials(), I am getting the following error: Security processing failed with reason "15" ("PROCESSING FAILURE")

From some research, the error seems to be because DB2 can't handle encrypted data. Is there a way to overcome this error?

EDIT: I tried to add

$SecurePassword = ConvertTo-SecureString $PASSWORD -AsPlainText -Force $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword) $UnsecurePassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)

at the beginning of my powershell script, but it still throws the same error even though the credential work fine if used in plain text

Improve this question
1
  • As an aside: It's best to pseudo method syntax: Instead of New-Object SomeType(arg1, ...), use New-Object SomeType [-ArgumentList] arg1, ... - PowerShell cmdlets, scripts and functions are invoked like shell commands, not like methods. That is, no parentheses around the argument list, and whitespace-separated arguments (, constructs an array as a single argument, as needed for -ArgumentList). However, method syntax is required if you use the PSv5+ [SomeType]::new() constructor-call method. See this answer Commented Mar 14, 2022 at 22:05

1 Answer 1

Reset to default
1

If I understand the docs for the Credentials Binding Jenkins plugin correctly, the variables designated in the withCredentials() call become environment variables, so as to enable their use across process boundaries.
Note that the values of these environment variables are not encrypted, so no extra (decryption) effort is required on the part of the target process.

Therefore, you need to use $env:[1] instead of just $ to refer to these variables in PowerShell:

$cn = new-object system.data.OleDb.OleDbConnection "Server=Server; Provider=IBMDADB2;DSN=DBName;User Id=$env:ID;Password=$env:PASSWORD"

[1] See the conceptual about_Environment_Variables help topic.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.