Whitelisting plugin symbols

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Whitelisting plugin symbols

Mark Waite-2
I implemented symbol whitelisting for many of the fields in the git plugin as part of the git plugin 4.1.0 release.  Unfortunately, I've found one case where I am still required to approve a script that uses a symbol, even when other uses of that same symbol are allowed without approval.

The working cases are all references directly inside the Jenkinsfile.  For example, I can do the following assignment with no script approval:

def userRemoteConfigsIn = scm.userRemoteConfigs

def userRemoteConfigsIn_url           = scm.userRemoteConfigs[0].url
def userRemoteConfigsIn_name          = scm.userRemoteConfigs[0].name
def userRemoteConfigsIn_refspec       = scm.userRemoteConfigs[0].refspec
def userRemoteConfigsIn_credentialsId = scm.userRemoteConfigs[0].credentialsId

def branchesIn = scm.branches

def branchesIn_name = scm.branches[0].name

Those assignments work great and do not require script approval.

Unfortunately, referencing the same symbol from a Pipeline shared library fails.  The failing code is described in https://issues.jenkins-ci.org/browse/JENKINS-60826

It basically looks like this:

@Library(value='globalPipelineLibraryMarkEWaite', changelog=false) _
import com.markwaite.Assert
import com.markwaite.Build
import com.markwaite.GitUtils
def branch1='JENKINS-37156'
def branch2='master'
def branch3='JENKINS-06203'

node('git-1.8+ && !cloud') {
  stage('Checkout') {
    def my_utils = new com.markwaite.GitUtils()
    def new_refspec = my_utils.adjustRemoteConfig(scm.userRemoteConfigs[0], branch2)

Any pointers to suggest what I've done wrong that would cause a reference from within the Jenkinsfile to be whitelisted and another to a method defined in a separate file to not be whitelisted?

Mark Waite

You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAO49JtEiYk5cuTHwpqWsJk8RgaCTbjVbdQdBx0S0crFHsLErVA%40mail.gmail.com.