-
New Feature
-
Resolution: Fixed
-
Major
Although you are required to have RUN_SCRIPTS to push anything to workflowLibs, the code is run under the same sandbox settings as the main Pipeline scripts. In the case of a Pipeline script using whole-script approval, it makes sense to be checking RUN_SCRIPTS for libraries. But in the case of Pipeline scripts configured to use the Groovy sandbox, the workflowLibs code is also run in the sandbox—a pointless restriction, since only a trusted user could have written that code. You would expect that the library code would be trusted and run in a privileged mode, so it could safely encapsulate otherwise unsafe method calls.
- is blocking
-
JENKINS-32731 Allow plugins to contribute to Pipeline global library
-
- Resolved
-
- is related to
-
-
- Resolved
-
- relates to
-
JENKINS-31155 Workflow shared library improvements
-
- Closed
-
-
-
- Resolved
-
- links to
[JENKINS-34650] Allow global libraries to bypass the sandbox
| Link |
New:
This issue is related to |
| Remote Link | New: This issue links to "PR 2 (Web Link)" [ 14275 ] |
| Epic Link | New: JENKINS-35391 [ 171184 ] |
| Remote Link | New: This issue links to "Groovy CPS change (Web Link)" [ 14658 ] |
| Workflow | Original: JNJira [ 170820 ] | New: JNJira + In-Review [ 184058 ] |
| Remote Link | New: This issue links to "workflow-cps-plugin PR #33 (Web Link)" [ 14662 ] |
| Remote Link | New: This issue links to "workflow-cps-global-lib-plugin #8 (Web Link)" [ 14663 ] |
| Link |
New:
This issue relates to |
| Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
| Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |