Issue
I have some Jenkins runtime options with sensitive data like httpsKeyStorePassword and I want to avoid their exposure in the system process, for example, using ps -ef | grep java.
Resolution
It’s possible to add the --config flag as a Jenkins option when launching the client and indicate a file where you can set the Jenkins options you need.
For example:
YOUR CONFIGURATION LIKE JENKINS_JAVA_OPTIONS=[...] ... --config=PATH_TO_YOUR_FILE_WHERE_FLAGS_ARE_SET
An example of the content of PATH_TO_YOUR_FILE_WHERE_FLAGS_ARE_SET:
httpsPort=SOME_PORT httpsKeyStore=CERTIFICATE_PATH httpsKeyStorePassword=SOME_PASSWORD
This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.