-
Improvement
-
Resolution: Fixed
-
Minor
-
None
We can use the existing Script Security Plug-in to let users be able to secure their scripts.
- relates to
-
JENKINS-39742 Active Choice Plugin should honor ParameterDefinition serializability (was: Active Choice Plugin in Pipelines throw NotSerializableException)
-
- Resolved
-
[JENKINS-28732] Add support to the script security plug-in to Active Choices
Installed 1.642.3, active-choices and restarted the server. Creating a job with two parameters, using the example above.
Working fine. Now `mvn clean test package` and then installing the snapshot over the current version, and testing the job again.
INFO: Jenkins is fully up and running Mar 19, 2016 7:23:37 PM org.biouno.unochoice.model.GroovyScript eval WARNING: Error executing fallback script java.lang.IllegalStateException: you need to call configuring or a related method before using GroovyScript at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript.evaluate(SecureGroovyScript.java:144) at org.biouno.unochoice.model.GroovyScript.eval(GroovyScript.java:158) at org.biouno.unochoice.util.ScriptCallback.call(ScriptCallback.java:97) ... Mar 19, 2016 7:23:38 PM org.biouno.unochoice.AbstractScriptableParameter eval SEVERE: Error executing script for dynamic parameter java.lang.RuntimeException: Failed to evaluate fallback script: you need to call configuring or a related method before using GroovyScript at org.biouno.unochoice.model.GroovyScript.eval(GroovyScript.java:161) at org.biouno.unochoice.util.ScriptCallback.call(ScriptCallback.java:97) at org.biouno.unochoice.AbstractScriptableParameter.eval(AbstractScriptableParameter.java:216) at org.biouno.unochoice.AbstractScriptableParameter.getChoices(AbstractScriptableParameter.java:179) at org.biouno.unochoice.AbstractScriptableParameter.getChoices(AbstractScriptableParameter.java:167) ...
Downgraded back to 1.4, parameters working fine again, no errors in the console. Installing a new version, where readResolve also calls configuringWithNonKeyItem.
Everything working, except that the entries are not popping up in the approval list. Even though my script fails to eval and I can see in the logs:
Mar 19, 2016 7:42:44 PM FINEST org.biouno.unochoice.model.GroovyScript Fallback to default script... org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified field java.lang.Class instance at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.rejectField(SandboxInterceptor.java:180) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(SandboxInterceptor.java:172) at org.kohsuke.groovy.sandbox.impl.Checker$4.call(Checker.java:153) at org.kohsuke.groovy.sandbox.impl.Checker.checkedGetProperty(Checker.java:150) at org.kohsuke.groovy.sandbox.impl.Checker$checkedGetProperty.callStatic(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:50) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:157) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:177) at Script1.run(Script1.groovy:1) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.run(GroovySandbox.java:139) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript.evaluate(Se
Code changed in jenkins
User: Bruno P. Kinoshita
Path:
src/main/java/org/biouno/unochoice/model/GroovyScript.java
http://jenkins-ci.org/commit/active-choices-plugin/8a0b0b16f79cde2c8a44fd87e57021c8f9963b12
Log:
JENKINS-28732 Configure the parameter after reading old format.
1.5-alpha-1 released to the experimental plug-in update center.
https://jenkins-ci.org/blog/2013/09/23/experimental-plugins-update-center/
All done, will send announcements later today (Sunday) after I've installed the plug-in in our test bed server.
Final test is to install latest active-choices, create some jobs, then update to the snapshot. If backward compatibility is working fine, then will