JenkinsFile SandBox error raised if the pipeline definition uses Enumerations:

      Caused by: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified staticMethod package.EnumX $INIT java.lang.String java.lang.Integer
      

          [JENKINS-33023] Enums are not supported in sandbox

          krzyk added a comment - - edited

          Same thing happens with Strings:

          Caused by: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified staticMethod Build $INIT java.lang.String java.lang.Integer
          

          I think this happens on call to this function:

          def commitHash() {
              sh 'git rev-parse HEAD > GIT_COMMIT'
              return readFile('GIT_COMMIT').trim()
          }
          

          krzyk added a comment - - edited Same thing happens with Strings: Caused by: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified staticMethod Build $INIT java.lang. String java.lang. Integer I think this happens on call to this function: def commitHash() { sh 'git rev-parse HEAD > GIT_COMMIT' return readFile( 'GIT_COMMIT' ).trim() }

          Code changed in jenkins
          User: Jesse Glick
          Path:
          src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/5b4623a06fe580a7beca083948fc9d99adac1b76
          Log:
          Merge pull request #58 from magnusr/feature/enums

          [FIXED JENKINS-33023] Support enum initializers

          Compare: https://github.com/jenkinsci/script-security-plugin/compare/65d1e7d0e721...5b4623a06fe5

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/5b4623a06fe580a7beca083948fc9d99adac1b76 Log: Merge pull request #58 from magnusr/feature/enums [FIXED JENKINS-33023] Support enum initializers Compare: https://github.com/jenkinsci/script-security-plugin/compare/65d1e7d0e721...5b4623a06fe5

          Jesse Glick added a comment -

          You say it passed in Jenkins 1.x but fails in 2.x? Perhaps a matter of Groovy 1.x vs. 2.x (the bundled version was updated).

          Jesse Glick added a comment - You say it passed in Jenkins 1.x but fails in 2.x? Perhaps a matter of Groovy 1.x vs. 2.x (the bundled version was updated).

          krzyk added a comment -

          I also confirm that the problem appeared when I upgraded to Jenkins 2.x

          krzyk added a comment - I also confirm that the problem appeared when I upgraded to Jenkins 2.x

          Code changed in jenkins
          User: Jesse Glick
          Path:
          src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java
          src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/c5443401bbe7984bacc731f331fa4b35c5f481dd
          Log:
          JENKINS-33023 Making sure we can really use enums without extra whitelisting.

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/c5443401bbe7984bacc731f331fa4b35c5f481dd Log: JENKINS-33023 Making sure we can really use enums without extra whitelisting.

          Code changed in jenkins
          User: Jesse Glick
          Path:
          src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java
          src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/00d5aaf7a1a6d8a719183ff946f2c986d85178d3
          Log:
          Merge pull request #61 from jglick/enums-cleanup

          JENKINS-33023 Making sure we can really use enums without extra whitelisting

          Compare: https://github.com/jenkinsci/script-security-plugin/compare/cbcf93730504...00d5aaf7a1a6

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/00d5aaf7a1a6d8a719183ff946f2c986d85178d3 Log: Merge pull request #61 from jglick/enums-cleanup JENKINS-33023 Making sure we can really use enums without extra whitelisting Compare: https://github.com/jenkinsci/script-security-plugin/compare/cbcf93730504...00d5aaf7a1a6

          Code changed in jenkins
          User: Jesse Glick
          Path:
          src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/57d6eb30126ea3dbebc71e67cc5719e799fb6d83
          Log:
          JENKINS-33023 Expanding test case to show that binary enums are OK too.

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/57d6eb30126ea3dbebc71e67cc5719e799fb6d83 Log: JENKINS-33023 Expanding test case to show that binary enums are OK too.

          Marcus Klein added a comment -

          I tried to use the simplest form of an enumeration in Java:

          enum Thing {
            FIRST,
            SECOND;
          }
          Thing thing = Thing.FIRST;
          

          This gives me a sandbox error:

          org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use new java.util.LinkedHashMap
          	at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectNew(StaticWhitelist.java:184)
          	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onNewInstance(SandboxInterceptor.java:148)
          	at org.kohsuke.groovy.sandbox.impl.Checker$3.call(Checker.java:197)
          	at org.kohsuke.groovy.sandbox.impl.Checker.checkedConstructor(Checker.java:202)
          	at org.kohsuke.groovy.sandbox.impl.Checker$checkedConstructor$0.callStatic(Unknown Source)
          	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:56)
          	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:194)
          	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:214)
          	at Thing.<init>(WorkflowScript)
          	at Thing.$INIT(WorkflowScript)
          	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
          	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          	at java.lang.reflect.Method.invoke(Method.java:498)
          	at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
          	at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
          	at org.codehaus.groovy.runtime.callsite.StaticMetaMethodSite.invoke(StaticMetaMethodSite.java:46)
          	at org.codehaus.groovy.runtime.callsite.StaticMetaMethodSite.callStatic(StaticMetaMethodSite.java:102)
          	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:56)
          	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:194)
          	at org.kohsuke.groovy.sandbox.impl.Checker$2.call(Checker.java:188)
          	at org.kohsuke.groovy.sandbox.GroovyInterceptor.onStaticCall(GroovyInterceptor.java:35)
          	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onStaticCall(SandboxInterceptor.java:158)
          	at org.kohsuke.groovy.sandbox.impl.Checker$2.call(Checker.java:186)
          	at org.kohsuke.groovy.sandbox.impl.Checker.checkedStaticCall(Checker.java:190)
          	at org.kohsuke.groovy.sandbox.impl.Checker$checkedStaticCall.callStatic(Unknown Source)
          	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:56)
          	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:194)
          	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:222)
          	at Thing.<clinit>(WorkflowScript)
          	at sun.misc.Unsafe.ensureClassInitialized(Native Method)
          	at sun.reflect.UnsafeFieldAccessorFactory.newFieldAccessor(UnsafeFieldAccessorFactory.java:43)
          	at sun.reflect.ReflectionFactory.newFieldAccessor(ReflectionFactory.java:156)
          	at java.lang.reflect.Field.acquireFieldAccessor(Field.java:1088)
          	at java.lang.reflect.Field.getFieldAccessor(Field.java:1069)
          	at java.lang.reflect.Field.get(Field.java:393)
          	at org.codehaus.groovy.reflection.CachedField.getProperty(CachedField.java:54)
          	at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:1803)
          	at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:3758)
          	at org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:177)
          	at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.getProperty(ScriptBytecodeAdapter.java:456)
          	at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:286)
          	at org.kohsuke.groovy.sandbox.GroovyInterceptor.onGetProperty(GroovyInterceptor.java:68)
          	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(SandboxInterceptor.java:368)
          	at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:284)
          	at org.kohsuke.groovy.sandbox.impl.Checker.checkedGetProperty(Checker.java:288)
          	at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.getProperty(SandboxInvoker.java:29)
          	at com.cloudbees.groovy.cps.impl.PropertyAccessBlock.rawGet(PropertyAccessBlock.java:20)
          Caused: java.lang.ExceptionInInitializerError
          	at sun.misc.Unsafe.ensureClassInitialized(Native Method)
          	at sun.reflect.UnsafeFieldAccessorFactory.newFieldAccessor(UnsafeFieldAccessorFactory.java:43)
          	at sun.reflect.ReflectionFactory.newFieldAccessor(ReflectionFactory.java:156)
          	at java.lang.reflect.Field.acquireFieldAccessor(Field.java:1088)
          	at java.lang.reflect.Field.getFieldAccessor(Field.java:1069)
          	at java.lang.reflect.Field.get(Field.java:393)
          	at org.codehaus.groovy.reflection.CachedField.getProperty(CachedField.java:54)
          	at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:1803)
          	at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:3758)
          	at org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:177)
          	at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.getProperty(ScriptBytecodeAdapter.java:456)
          	at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:286)
          	at org.kohsuke.groovy.sandbox.GroovyInterceptor.onGetProperty(GroovyInterceptor.java:68)
          	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(SandboxInterceptor.java:368)
          	at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:284)
          	at org.kohsuke.groovy.sandbox.impl.Checker.checkedGetProperty(Checker.java:288)
          	at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.getProperty(SandboxInvoker.java:29)
          	at com.cloudbees.groovy.cps.impl.PropertyAccessBlock.rawGet(PropertyAccessBlock.java:20)
          	at WorkflowScript.run(WorkflowScript:6)
          	at ___cps.transform___(Native Method)
          	at com.cloudbees.groovy.cps.impl.PropertyishBlock$ContinuationImpl.get(PropertyishBlock.java:74)
          	at com.cloudbees.groovy.cps.LValueBlock$GetAdapter.receive(LValueBlock.java:30)
          	at com.cloudbees.groovy.cps.impl.PropertyishBlock$ContinuationImpl.fixName(PropertyishBlock.java:66)
          	at sun.reflect.GeneratedMethodAccessor371.invoke(Unknown Source)
          	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          	at java.lang.reflect.Method.invoke(Method.java:498)
          	at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          	at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          	at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          	at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          	at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          	at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:122)
          	at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:261)
          	at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          	at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:19)
          	at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:35)
          	at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:32)
          	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108)
          	at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:32)
          	at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:174)
          	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:331)
          	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$100(CpsThreadGroup.java:82)
          	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:243)
          	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:231)
          	at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:64)
          	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          	at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          	at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          

          Adding a public constructor solves the sandbox problem:

          enum Thing {
            FIRST,
            SECOND;
            public Thing() {}
          }
          Thing thing = Thing.FIRST;
          

          Is this desired behaviour?

          Marcus Klein added a comment - I tried to use the simplest form of an enumeration in Java: enum Thing { FIRST, SECOND; } Thing thing = Thing.FIRST; This gives me a sandbox error: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use new java.util.LinkedHashMap at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectNew(StaticWhitelist.java:184) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onNewInstance(SandboxInterceptor.java:148) at org.kohsuke.groovy.sandbox.impl.Checker$3.call(Checker.java:197) at org.kohsuke.groovy.sandbox.impl.Checker.checkedConstructor(Checker.java:202) at org.kohsuke.groovy.sandbox.impl.Checker$checkedConstructor$0.callStatic(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:56) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:194) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:214) at Thing.<init>(WorkflowScript) at Thing.$INIT(WorkflowScript) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93) at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325) at org.codehaus.groovy.runtime.callsite.StaticMetaMethodSite.invoke(StaticMetaMethodSite.java:46) at org.codehaus.groovy.runtime.callsite.StaticMetaMethodSite.callStatic(StaticMetaMethodSite.java:102) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:56) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:194) at org.kohsuke.groovy.sandbox.impl.Checker$2.call(Checker.java:188) at org.kohsuke.groovy.sandbox.GroovyInterceptor.onStaticCall(GroovyInterceptor.java:35) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onStaticCall(SandboxInterceptor.java:158) at org.kohsuke.groovy.sandbox.impl.Checker$2.call(Checker.java:186) at org.kohsuke.groovy.sandbox.impl.Checker.checkedStaticCall(Checker.java:190) at org.kohsuke.groovy.sandbox.impl.Checker$checkedStaticCall.callStatic(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:56) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:194) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:222) at Thing.<clinit>(WorkflowScript) at sun.misc.Unsafe.ensureClassInitialized(Native Method) at sun.reflect.UnsafeFieldAccessorFactory.newFieldAccessor(UnsafeFieldAccessorFactory.java:43) at sun.reflect.ReflectionFactory.newFieldAccessor(ReflectionFactory.java:156) at java.lang.reflect.Field.acquireFieldAccessor(Field.java:1088) at java.lang.reflect.Field.getFieldAccessor(Field.java:1069) at java.lang.reflect.Field.get(Field.java:393) at org.codehaus.groovy.reflection.CachedField.getProperty(CachedField.java:54) at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:1803) at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:3758) at org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:177) at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.getProperty(ScriptBytecodeAdapter.java:456) at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:286) at org.kohsuke.groovy.sandbox.GroovyInterceptor.onGetProperty(GroovyInterceptor.java:68) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(SandboxInterceptor.java:368) at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:284) at org.kohsuke.groovy.sandbox.impl.Checker.checkedGetProperty(Checker.java:288) at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.getProperty(SandboxInvoker.java:29) at com.cloudbees.groovy.cps.impl.PropertyAccessBlock.rawGet(PropertyAccessBlock.java:20) Caused: java.lang.ExceptionInInitializerError at sun.misc.Unsafe.ensureClassInitialized(Native Method) at sun.reflect.UnsafeFieldAccessorFactory.newFieldAccessor(UnsafeFieldAccessorFactory.java:43) at sun.reflect.ReflectionFactory.newFieldAccessor(ReflectionFactory.java:156) at java.lang.reflect.Field.acquireFieldAccessor(Field.java:1088) at java.lang.reflect.Field.getFieldAccessor(Field.java:1069) at java.lang.reflect.Field.get(Field.java:393) at org.codehaus.groovy.reflection.CachedField.getProperty(CachedField.java:54) at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:1803) at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:3758) at org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:177) at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.getProperty(ScriptBytecodeAdapter.java:456) at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:286) at org.kohsuke.groovy.sandbox.GroovyInterceptor.onGetProperty(GroovyInterceptor.java:68) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(SandboxInterceptor.java:368) at org.kohsuke.groovy.sandbox.impl.Checker$6.call(Checker.java:284) at org.kohsuke.groovy.sandbox.impl.Checker.checkedGetProperty(Checker.java:288) at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.getProperty(SandboxInvoker.java:29) at com.cloudbees.groovy.cps.impl.PropertyAccessBlock.rawGet(PropertyAccessBlock.java:20) at WorkflowScript.run(WorkflowScript:6) at ___cps.transform___(Native Method) at com.cloudbees.groovy.cps.impl.PropertyishBlock$ContinuationImpl.get(PropertyishBlock.java:74) at com.cloudbees.groovy.cps.LValueBlock$GetAdapter.receive(LValueBlock.java:30) at com.cloudbees.groovy.cps.impl.PropertyishBlock$ContinuationImpl.fixName(PropertyishBlock.java:66) at sun.reflect.GeneratedMethodAccessor371.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72) at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21) at com.cloudbees.groovy.cps.Next.step(Next.java:83) at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174) at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163) at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:122) at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:261) at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:19) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:35) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:32) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:32) at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:174) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:331) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$100(CpsThreadGroup.java:82) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:243) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:231) at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:64) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131) at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) Adding a public constructor solves the sandbox problem: enum Thing { FIRST, SECOND; public Thing() {} } Thing thing = Thing.FIRST; Is this desired behaviour?

          Similar behavior in Jenkins 2.235.x, similar error "Scripts not permitted to use new java.util.LinkedHashMap" showing that jenkins is trying to use the LinkedHashMap in the background for plain-old enums. So same question, is this the desired behavior ?

          Uliul Carpatin added a comment - Similar behavior in Jenkins 2.235.x, similar error "Scripts not permitted to use new java.util.LinkedHashMap" showing that jenkins is trying to use the LinkedHashMap in the background for plain-old enums. So same question, is this the desired behavior ?

          Jesse Glick added a comment -

          Similar behavior

          Not helpful. The exact syntax matters. Each case is basically a distinct bug.

          Jesse Glick added a comment - Similar behavior Not helpful. The exact syntax matters. Each case is basically a distinct bug.

            Unassigned Unassigned
            valones Flávio Augusto Valones
            Votes:
            4 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated: