Interview › Scripting (Bash, Groovy)
How do you use environment variables and credentials in a Groovy pipeline? [Advanced]
Answer
I use the environment block for non-secret environment variables and withCredentials for secrets. Jenkins credentials should be scoped to the smallest required block and never printed or interpolated into logs unnecessarily.
Technical explanation
environment variables in Declarative Pipeline are available to steps in the pipeline or stage scope.
withCredentials binds secrets temporarily and masks them in logs when used correctly.
Avoid Groovy string interpolation of secrets in command strings; prefer single-quoted shell scripts so expansion happens in the shell with masking.
Hands-on example
pipeline {
agent any
environment {
REGISTRY = 'registry.example.com'
}
stages {
stage('Push') {
steps {
withCredentials([usernamePassword(credentialsId: 'registry-creds', usernameVariable: 'USER', passwordVariable: 'PASS')]) {
sh 'echo "$PASS" | docker login "$REGISTRY" -u "$USER" --password-stdin'
}
}
}
}
}
Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.
More Scripting (Bash, Groovy) interview questions
- What is the purpose of the shebang line, and what does #!/bin/bash do? [Basic]
- What is the difference between sh and bash? [Basic]
- How do you make a script executable and run it? [Basic]
- What is the difference between running a script with ./script.sh, bash script.sh, and source script.sh? [Basic]
- What does sourcing a script do differently from executing it? [Basic]
- How do you declare a variable in Bash, and why are spaces around = not allowed? [Basic]
- What is the difference between $var and ${var}? [Basic]
- What is the difference between single quotes and double quotes in Bash? [Basic]