Whitelisting plugin symbols

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Whitelisting plugin symbols

Mark Waite-2
I implemented symbol whitelisting for many of the fields in the git plugin as part of the git plugin 4.1.0 release.  Unfortunately, I've found one case where I am still required to approve a script that uses a symbol, even when other uses of that same symbol are allowed without approval.

The working cases are all references directly inside the Jenkinsfile.  For example, I can do the following assignment with no script approval:

def userRemoteConfigsIn = scm.userRemoteConfigs

def userRemoteConfigsIn_url           = scm.userRemoteConfigs[0].url
def userRemoteConfigsIn_name          = scm.userRemoteConfigs[0].name
def userRemoteConfigsIn_refspec       = scm.userRemoteConfigs[0].refspec
def userRemoteConfigsIn_credentialsId = scm.userRemoteConfigs[0].credentialsId

def branchesIn = scm.branches

def branchesIn_name = scm.branches[0].name

Those assignments work great and do not require script approval.

Unfortunately, referencing the same symbol from a Pipeline shared library fails.  The failing code is described in https://issues.jenkins-ci.org/browse/JENKINS-60826

It basically looks like this:

@Library(value='globalPipelineLibraryMarkEWaite', changelog=false) _
import com.markwaite.Assert
import com.markwaite.Build
import com.markwaite.GitUtils
def branch1='JENKINS-37156'
def branch2='master'
def branch3='JENKINS-06203'

node('git-1.8+ && !cloud') {
  stage('Checkout') {
    def my_utils = new com.markwaite.GitUtils()
    def new_refspec = my_utils.adjustRemoteConfig(scm.userRemoteConfigs[0], branch2)
}

Any pointers to suggest what I've done wrong that would cause a reference from within the Jenkinsfile to be whitelisted and another to a method defined in a separate file to not be whitelisted?

-- 
Thanks!
Mark Waite

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAO49JtEiYk5cuTHwpqWsJk8RgaCTbjVbdQdBx0S0crFHsLErVA%40mail.gmail.com.