How Bamboo server encrypts password when entered in DeployOnTomcat Task

Deepali W February 27, 2019

I am using Bamboo Spec v6.8 to create Plan and task to checkout, maven build and deploy on remote Tomcat server using following way:

Task deployTask = new AnyTask(
new AtlassianModule("com.atlassian.bamboo.plugins.tomcat.bamboo-tomcat-plugin:deployAppTask"))
.description("DeployOnTomcat")
.configuration(new MapBuilder().put("appVersion", "").put("tomcatUrl", MY_TOMCAT_URL)
.put("warFilePath", MY_WAR_FILE_PATH)
.put("tomcatUsername", MY_TOMCAT_USER).put("deploymentTag", "")
.put("encTomcatPassword", MY_TOMCAT_PASSWORD)
.put("appContext", "/" + jobDetails.getProjectName().trim().toLowerCase())
.put("tomcat6", "").build());

Here problem is I need to pass encrypted password in MY_TOMCAT_PASSWORD place.

How do I encrypt it? I suppose Bamboo uses Base64 to decode it.

When I use java.util.Base64 to encode password it returns value which is not working on bamboo to deploy app on tomcat and gives error like:

error   27-Feb-2019 09:46:47   Error occurred while running Task 'DeployOnTomcat(3)' of type com.atlassian.bamboo.plugins.tomcat.bamboo-tomcat-plugin:deployAppTask.
error   27-Feb-2019 09:46:47   com.atlassian.bamboo.security.EncryptionException: Failed to decrypt.
error   27-Feb-2019 09:46:47           at com.atlassian.bamboo.security.EncryptionServiceImpl.decrypt(EncryptionServiceImpl.java:72) 
.....
.....
error   27-Feb-2019 09:46:47   Caused by: javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
error   27-Feb-2019 09:46:47           at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:936)
error   27-Feb-2019 09:46:47           at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:847)
error   27-Feb-2019 09:46:47           at com.sun.crypto.provider.DESedeCipher.engineDoFinal(DESedeCipher.java:294)
error   27-Feb-2019 09:46:47           at javax.crypto.Cipher.doFinal(Cipher.java:2164)
error   27-Feb-2019 09:46:47           at com.atlassian.bamboo.security.EncryptionServiceImpl.decrypt(EncryptionServiceImpl.java:70)

 

1 answer

1 vote
Daniel Santos
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 1, 2019

Hi @Deepali W

Each Bamboo instance will have a different encrypted result for the same password. It depends on the instance encryption keys.

At the moment we are missing a REST API to generate the encrypted data you need in your specs project. There is a feature request for this at [BAM-20131] Rest API endpoint to encrypt variables content.

As a workaround:

  1. Go to a Bamboo plan, add the Tomcat Deploy task
  2. Fill the minimum task details (and the needed password)
  3. Save the task 
  4. Click in Plan configuration than in Actions >> View plan as java specs
  5. Then copy the encrypted password generated

I hope that can help you while the endpoint is not available.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events