- Map Jenkins env vars to GitHub Actions env vars
- Convert Jenkins variables into GitHub Actions secrets
- Remove variables from the generated workflow

- The custom transformer runs during the import/dry-run and modifies the resulting workflow’s
envsection. - You author rules in a small Ruby DSL file that the importer evaluates to translate or remove variables.
- This process is especially useful for mapping credential references to GitHub Actions secrets.
ss-pipeline-transformer.rb).
| Transformer directive | Purpose | Example |
|---|---|---|
env "NAME", "value" | Map a literal value | env "MONGO_USERNAME", "superuser" |
env "NAME", secret("KEY") | Use a GitHub Actions secret | env "MONGO_PASSWORD", secret("mongo_db_password") |
env "NAME", nil | Remove a variable from output | env "MONGO_DB_CREDS", nil |
- The importer converts SCM polling to a GitHub Actions cron schedule automatically.
- Credential references stored in Jenkins credential stores are typically not transformed by default. Those appear as commented placeholders with the message
# This item has no matching transformer. - Use a custom transformer to explicitly map these variables to literals or
secrets.
ss-pipeline-transformer.rb) and use env directives to add mappings, mark values as secrets, or remove variables.
Example transformer (Ruby DSL):
secret("mongo_db_password")indicates the importer should reference the GitHub Actions secret namedmongo_db_password.- Setting a variable to
nilremoves it from the generated workflow.
If you see a message such as:it usually means the transformer path is incorrect relative to your current working directory. Verify the file exists (for example
ls ss-pipeline-transformer.rb) and either run the command from that directory or supply an absolute path to --custom-transformers.env section reflects the mappings and secrets:
- Keep transformer files in your project repository and reference them with a relative or absolute path to avoid “not found” errors.
- Prefer mapping credentials to GitHub Actions secrets rather than hard-coding sensitive values.
- Use regular expressions cautiously to avoid accidentally removing environment variables you need.
- Use
env "NAME", "value"to map literals,env "NAME", secret("KEY")to map to GitHub Actions secrets, andenv "NAME", nilto remove variables from the generated workflow. - If the importer cannot find your custom transformer, verify the path and working directory or use an absolute path.
- This article focuses on env var transformation; other Jenkins-specific constructs (e.g., complex credential bindings or specialized plugins) may require additional custom handling and are covered separately.