Upload secret file credentials to Jenkins with REST / CLI

Question

How can I create a Jenkins Credential via REST API or Jenkins CLI? The credential should be of type "secret file", instead of a username / password combination.

The question is similar to this question, but not the same or a duplicate.

Answer 1

You can do it as follows:

curl -X POST \
 https://jenkins.local/job/TEAM-FOLDER/credentials/store/folder/domain/_/createCredentials \
 -F secret=@/Users/maksym/secret \
 -F 'json={"": "4", "credentials": {"file": "secret", "id": "test", 
"description": "HELLO-curl", "stapler-class": 
"org.jenkinsci.plugins.plaincredentials.impl.FileCredentialsImpl", 
"$class": 
"org.jenkinsci.plugins.plaincredentials.impl.FileCredentialsImpl"}}'

just finished with it today https://www.linkedin.com/pulse/upload-jenkins-secret-file-credential-via-api-maksym-lushpenko/?trackingId=RDcgSk0KyvW5RxrBD2t1RA%3D%3D

Answer 2

To create Jenkins credentials via the CLI you can use the create-credentials-by-xml command:

java -jar jenkins-cli.jar -s <JENKINS_URL> create-credentials-by-xml  system::system::jenkins _ < credential-name.xml

The best way to know the syntax of this is to create a credential manually, and then dump it:

java -jar jenkins-cli.jar -s <JENKINS_URL> get-credentials-as-xml system::system::jenkins _ credential-name > credential-name.xml

Then you can use this XML example as a template, it should be self-explanatory.

Answer 3

If you want to update an existing secret file, the simplest way I found was to delete and re-create.

A delete request, to extend @lumaks answer (i.e. with the same hostname, folder name and credentials id), looks like:

curl -v -X POST \
-u "user:password" \
https://jenkins.local/job/TEAM-FOLDER/credentials/store/folder/domain/_/credential/test/doDelete

This will return either HTTP status code 302 Found or 404 Not Found for existing and non-existing creds file respectively.