0
0
Jenkinsdevops~20 mins

WithCredentials block usage in Jenkins - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
WithCredentials Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
💻 Command Output
intermediate
2:00remaining
What is the output of this Jenkins pipeline snippet using withCredentials?

Consider this Jenkins pipeline snippet:

pipeline {
  agent any
  stages {
    stage('Print Secret') {
      steps {
        withCredentials([string(credentialsId: 'my-secret', variable: 'SECRET')]) {
          echo "Secret is: $SECRET"
        }
      }
    }
  }
}

Assuming the credential 'my-secret' contains the value 's3cr3t!', what will Jenkins print in the console?

Jenkins
pipeline {
  agent any
  stages {
    stage('Print Secret') {
      steps {
        withCredentials([string(credentialsId: 'my-secret', variable: 'SECRET')]) {
          echo "Secret is: $SECRET"
        }
      }
    }
  }
}
ASecret is: my-secret
BSecret is: s3cr3t!
CSecret is: null
DSecret is: $SECRET
Attempts:
2 left
💡 Hint

withCredentials injects the secret value into the environment variable.

Troubleshoot
intermediate
2:00remaining
Why does this Jenkins pipeline fail to access the secret inside withCredentials?

Look at this Jenkins pipeline snippet:

pipeline {
  agent any
  environment {
    SECRET = ''
  }
  stages {
    stage('Get Secret') {
      steps {
        withCredentials([string(credentialsId: 'my-secret', variable: 'SECRET')]) {
          echo "Secret is: $SECRET"
        }
      }
    }
  }
}

The pipeline prints: Secret is:

Why is the secret value empty?

Jenkins
pipeline {
  agent any
  environment {
    SECRET = ''
  }
  stages {
    stage('Get Secret') {
      steps {
        withCredentials([string(credentialsId: 'my-secret', variable: 'SECRET')]) {
          echo "Secret is: $SECRET"
        }
      }
    }
  }
}
AThe environment variable SECRET is overridden by the empty value in the environment block before withCredentials runs.
BThe credentialsId 'my-secret' does not exist in Jenkins credentials store.
CwithCredentials does not support string type credentials.
DThe echo command does not expand variables inside double quotes.
Attempts:
2 left
💡 Hint

Check how environment variables are set and overridden in Jenkins pipelines.

Configuration
advanced
2:00remaining
How to correctly use multiple credentials in a withCredentials block?

You want to use two credentials in a Jenkins pipeline: a username/password and a secret text. Which of the following withCredentials blocks correctly sets environment variables USER, PASS, and TOKEN?

Jenkins
withCredentials([usernamePassword(credentialsId: 'user-pass', usernameVariable: 'USER', passwordVariable: 'PASS'), string(credentialsId: 'token', variable: 'TOKEN')]) {
  // steps
}
AwithCredentials([usernamePassword(credentialsId: 'user-pass', usernameVariable: 'USER', passwordVariable: 'PASS'), string(credentialsId: 'token', variable: 'TOKEN')]) { /* steps */ }
BwithCredentials([usernamePassword(credentialsId: 'user-pass', userVariable: 'USER', passVariable: 'PASS'), string(credentialsId: 'token', variable: 'TOKEN')]) { /* steps */ }
CwithCredentials([usernamePassword(credentialsId: 'user-pass', usernameVariable: 'USER'), string(credentialsId: 'token', variable: 'TOKEN')]) { /* steps */ }
DwithCredentials([usernamePassword(credentialsId: 'user-pass', usernameVariable: 'USER', passwordVariable: 'PASS'), secretText(credentialsId: 'token', variable: 'TOKEN')]) { /* steps */ }
Attempts:
2 left
💡 Hint

Check the exact parameter names for usernamePassword and string credential types.

Best Practice
advanced
2:00remaining
What is the best practice for handling secrets in Jenkins pipelines using withCredentials?

Which of the following is the best practice when using withCredentials in Jenkins pipelines?

AUse environment block to set secret variables globally for all stages.
BStore secrets directly in pipeline scripts as plain text for easy access.
CPrint secret values in console logs for debugging purposes.
DUse withCredentials only around the steps that need the secret, not globally in the pipeline.
Attempts:
2 left
💡 Hint

Think about minimizing exposure of secrets.

🔀 Workflow
expert
2:00remaining
In which order are environment variables set when using withCredentials inside a pipeline with environment block?

Given this Jenkins pipeline snippet:

pipeline {
  agent any
  environment {
    TOKEN = 'env-token'
  }
  stages {
    stage('Use Credentials') {
      steps {
        withCredentials([string(credentialsId: 'secret-token', variable: 'TOKEN')]) {
          echo "Token is: $TOKEN"
        }
      }
    }
  }
}

What will be printed if the credential 'secret-token' has value 'cred-token'?

AToken is: $TOKEN
BToken is: env-token
CToken is: cred-token
DToken is: null
Attempts:
2 left
💡 Hint

Consider precedence of environment variables set by withCredentials vs pipeline environment block.