Jenkinsdevops~5 mins

Credentials for Git access in Jenkins - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

When Jenkins needs to get code from a Git repository, it must prove it has permission. Credentials are like keys that Jenkins uses to unlock the code safely without asking you every time.

When Jenkins runs a job that pulls code from a private Git repository.

When you want to automate builds without typing your Git username and password each time.

When you need to securely store Git access tokens or SSH keys for Jenkins pipelines.

When multiple Jenkins jobs use the same Git credentials and you want to manage them centrally.

When you want to avoid exposing your Git passwords in pipeline scripts.

Commands

This command adds Git credentials to Jenkins using an XML file. It securely stores the username and password or token Jenkins will use to access Git.

Terminal

jenkins-cli create-credentials-by-xml system::system::jenkins _ < git-credentials.xml

Expected OutputExpected

Credentials added successfully

→

system::system::jenkins - Specifies the Jenkins system scope for the credentials

→

_ - Indicates the credentials domain (default domain here)

This command lists all credentials stored in Jenkins under the system scope so you can verify your Git credentials were added.

Terminal

jenkins-cli list-credentials system::system::jenkins _

Expected OutputExpected

ID: git-credentials Description: Jenkins Git Access Type: Username with password

→

system::system::jenkins - Specifies the Jenkins system scope for the credentials

→

_ - Indicates the credentials domain (default domain here)

This command triggers a Jenkins pipeline job that uses the stored Git credentials to clone the repository without asking for username or password.

Terminal

jenkins-cli build my-pipeline

Expected OutputExpected

Started build #1 [Pipeline] git Cloning repository https://github.com/example/my-app.git Finished: SUCCESS

Key Concept

If you remember nothing else from this pattern, remember: Jenkins stores Git credentials securely so your pipelines can access private repositories without exposing passwords.

Common Mistakes

Adding Git credentials directly in pipeline scripts as plain text.

This exposes sensitive information and risks leaking passwords in logs or code repositories.

Store credentials securely in Jenkins Credentials Manager and reference them by ID in your pipeline.

Not specifying the correct scope or domain when adding credentials.

Jenkins may not find the credentials during the build, causing authentication failures.

Use the correct scope like 'system::system::jenkins' and domain '_' when adding or listing credentials.

Using username and password instead of SSH keys or personal access tokens.

Passwords can expire or require frequent changes, causing pipeline failures.

Prefer SSH keys or personal access tokens for more stable and secure Git access.

Summary

Add Git credentials securely to Jenkins using the CLI or UI.

Verify credentials are stored correctly before running pipelines.

Use stored credentials in Jenkins pipelines to access private Git repositories without exposing secrets.