From 434da9ea6c8557863de711e066012ed8a1a19448 Mon Sep 17 00:00:00 2001
From: viru0909-dev <gadekarvirendra4@gmail.com>
Date: Sun, 14 Dec 2025 18:35:42 +0530
Subject: [PATCH] Fix [JENKINS-72585]: Pass HTTPS keystore password via stdin
 using --paramsFromStdIn

---
 systemd/jenkins.sh | 26 ++++++++++++++++++++------
 1 file changed, 20 insertions(+), 6 deletions(-)

diff --git a/systemd/jenkins.sh b/systemd/jenkins.sh
index 3aadf778..57861fa3 100755
--- a/systemd/jenkins.sh
+++ b/systemd/jenkins.sh
@@ -69,7 +69,7 @@ infer_jenkins_opts() {
 	fi
 
 	if [ -n "${JENKINS_HTTPS_KEYSTORE_PASSWORD}" ]; then
-		inferred_jenkins_opts="${inferred_jenkins_opts} --httpsKeyStorePassword='${JENKINS_HTTPS_KEYSTORE_PASSWORD}'"
+		inferred_jenkins_opts="${inferred_jenkins_opts} --paramsFromStdIn"
 	fi
 
 	if [ -n "${JENKINS_HTTP2_PORT}" ]; then
@@ -109,6 +109,11 @@ main() {
 
 	infer_jenkins_opts
 
+	jenkins_secret_params=""
+	if [ -n "${JENKINS_HTTPS_KEYSTORE_PASSWORD}" ]; then
+		jenkins_secret_params="--httpsKeyStorePassword=${JENKINS_HTTPS_KEYSTORE_PASSWORD}"
+	fi
+
 	java_opts_tmp="${JAVA_OPTS}"
 	unset JAVA_OPTS
 	unset JENKINS_DEBUG_LEVEL
@@ -130,11 +135,20 @@ main() {
 	jenkins_war_tmp="${JENKINS_WAR}"
 	unset JENKINS_WAR
 	unset JENKINS_WEBROOT
-	eval exec \
-		"${java_cmd}" \
-		${java_opts_tmp} \
-		-jar "${jenkins_war_tmp}" \
-		${inferred_jenkins_opts}
+
+	if [ -n "${jenkins_secret_params}" ]; then
+		echo "${jenkins_secret_params}" | eval exec \
+			"${java_cmd}" \
+			${java_opts_tmp} \
+			-jar "${jenkins_war_tmp}" \
+			${inferred_jenkins_opts}
+	else
+		eval exec \
+			"${java_cmd}" \
+			${java_opts_tmp} \
+			-jar "${jenkins_war_tmp}" \
+			${inferred_jenkins_opts}
+	fi
 }
 
 if [ -z "${JENKINS_OPTS}" ]; then