Details
-
Bug
-
Status: Resolved (View Workflow)
-
Major
-
Resolution: Fixed
-
Jenkins 2.19.1
Pipeline 2.4
Pipeline: Groovy 2.23
Active Choices Plug-in: 1.5.1
-
-
script-security 1.72
Description
Since upgrading to Pipeline: Active Choices Plug-in: 1.5.1 the Groovy script is no longer serializable and therefore throws NotSerializableException when input is requested.
Stacktrace
java.io.NotSerializableException: org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:860) at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1032) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:988) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:854) at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1032) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:988) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:967) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:854) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:569) at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1032) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:988) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:854) at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1032) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:988) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:854) at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1032) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:988) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:854) at org.jboss.marshalling.river.BlockMarshaller.doWriteObject(BlockMarshaller.java:65) at org.jboss.marshalling.river.BlockMarshaller.writeObject(BlockMarshaller.java:56) at org.jboss.marshalling.MarshallerObjectOutputStream.writeObjectOverride(MarshallerObjectOutputStream.java:50) at org.jboss.marshalling.river.RiverObjectOutputStream.writeObjectOverride(RiverObjectOutputStream.java:179) at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:344) at java.util.TreeMap.writeObject(TreeMap.java:2434) at sun.reflect.GeneratedMethodAccessor357.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:483) at org.jboss.marshalling.reflect.SerializableClass.callWriteObject(SerializableClass.java:271) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:976) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:854) at org.jboss.marshalling.river.RiverMarshaller.doWriteFields(RiverMarshaller.java:1032) at org.jboss.marshalling.river.RiverMarshaller.doWriteSerializableObject(RiverMarshaller.java:988) at org.jboss.marshalling.river.RiverMarshaller.doWriteObject(RiverMarshaller.java:854) at org.jboss.marshalling.AbstractObjectOutput.writeObject(AbstractObjectOutput.java:58) at org.jboss.marshalling.AbstractMarshaller.writeObject(AbstractMarshaller.java:111) at org.jenkinsci.plugins.workflow.support.pickles.serialization.RiverWriter.writeObject(RiverWriter.java:132) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.saveProgram(CpsThreadGroup.java:433) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.saveProgram(CpsThreadGroup.java:412) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:357) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$100(CpsThreadGroup.java:78) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:236) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:224) at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:63) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:112) at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: an exception which occurred: in field secureFallbackScript in field script in field parameters in field input in field step in field threads in object org.jenkinsci.plugins.workflow.cps.CpsThreadGroup@7145f3ac
Pipeline Code
node {
def inputValues
def yesNo = readFile(env.JENKINS_ROOT + '/dropdowns/yesno.txt')
stage('Build Properties') {
inputValues = input(
id: 'userInput', message: 'AutoDeploy', ok: 'GO GO GO',
parameters: [
[
$class: 'ChoiceParameter', choiceType: 'PT_RADIO', description: 'Auto-deploy after upload', filterable: false, name: 'autodeploy', randomName: 'choice-para-9552882322810329', script: [$class: 'GroovyScript', fallbackScript: [classpath: [], sandbox: true, script: ''], script: [classpath: [], sandbox: true, script: yesNo]]
]
]
)
}
}
EDIT: Further analysis
The "Serializable chain" seems to be broken:
- Active Choice Plugin parameters implement Serializable via ParameterDefinition inheritance
- Those implementation can happen to contain a non-transient GroovyScript
- GroovyScript implements Serializable (via Script) but also contains a non-transient SecureGroovyScript
- SecureGroovyScript does not implement Serializable
The Pipeline/Pipeline-input-step plugin happens to be one of the components making actual use of the ParameterDefinition implements Serializable contract but this issue isn't strictly tied to pipelines.
Attachments
Issue Links
- relates to
-
JENKINS-28732 Add support to the script security plug-in to Active Choices
-
- Closed
-
- links to
Activity
The problem seems more related to compliance to hudson.model.ParameterDefinition contract which implements Serializable instead of being specific to Pipelines:
active-choice-plugin parameter implementations contain a non-transient org.biouno.unochoice.model.GroovyScript field (when using Groovy script) which itself contain a non-transient non-Serializable org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript field (as of script-security 1.27), breaking the whole "Serializable chain". A Pipeline script here merely assumes the parameter is compliant to the core "parameter" contract.
Would it be a valid reason to re-open this issue (and maybe rename it to Active Choice Plugin should honor ParameterDefinition serializability)?
In case there are DOM issues for the UI part, I guess another JIRA issue should be created.
Frédéric Chuong
added a comment - - edited The problem seems more related to compliance to hudson.model.ParameterDefinition contract which implements Serializable instead of being specific to Pipelines:
active-choice-plugin parameter implementations contain a non-transient org.biouno.unochoice.model.GroovyScript field (when using Groovy script) which itself contain a non-transient non-Serializable org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript field (as of script-security 1.27), breaking the whole "Serializable chain". A Pipeline script here merely assumes the parameter is compliant to the core "parameter" contract.
Would it be a valid reason to re-open this issue (and maybe rename it to Active Choice Plugin should honor ParameterDefinition serializability )?
In case there are DOM issues for the UI part, I guess another JIRA issue should be created. Hi fchuong,
I marked the issue as resolved as I thought it was related strictly to the pipelines support.
You have a good argument 
I'm keen to spend some time investigating how we could fix it (we just need - probably - look at some other plug-in that does that) and then can discuss pipeline support in a separate issue as you suggested.
Feel free to move the issue to the status you find more appropriate. We had a BioUno meeting recently, and I am going to triage issues in the next days to prepare a new release. This one looks like a low hanging fruit to include.
Cheers
Bruno
Frédéric Chuong
added a comment - Thanks kinow, I'll update the issue details accordingly.
As a first guess, the simplest approach (from the Active Choice Plugin point of view) would be checking with script-security maintainers to see whether SecureGroovyScript could be enhanced to implement Serializable. If that is possible, then it would be a matter of upgrading the script-security dependency to fix this issue.
Frédéric Chuong
added a comment - Thanks kinow , I'll update the issue details accordingly.
As a first guess, the simplest approach (from the Active Choice Plugin point of view) would be checking with script-security maintainers to see whether SecureGroovyScript could be enhanced to implement Serializable . If that is possible, then it would be a matter of upgrading the script-security dependency to fix this issue. Introduced in JENKINS-28732?
I think SecureGroovyScript could be made Serializable.
…at least when sandbox: true. Otherwise it is going to be too complicated to reason about.
chris starling
added a comment - I'm wondering if pipeline support has been added since this ticket, or is there a plan to add support for it?
chris starling
added a comment - I'm wondering if pipeline support has been added since this ticket, or is there a plan to add support for it? 
shagun jian
added a comment - I am also facing this issue, was the fix for NotSerializableException been released?
shagun jian
added a comment - I am also facing this issue, was the fix for NotSerializableException been released? 
Ben Courliss
added a comment - Would be nice to see if this could be fixed. Would love to use ActiveChoices in my declarative pipelines. Ran into this issue today so I'm falling back to a freestyle job.
Ben Courliss
added a comment - Would be nice to see if this could be fixed. Would love to use ActiveChoices in my declarative pipelines. Ran into this issue today so I'm falling back to a freestyle job. A fix for the serialization errors was released in version 1.72 of Script Security plugin.
Thanks for the note dnusbaum! Will try to update it before next release of active-choices.
Will upgrade to 1.72 in 2.3, https://github.com/jenkinsci/active-choices-plugin/pull/34
Sorry, there is no support to Pipeline/Workflow in Active Choices at the moment. The plug-in relies on the Jenkins UI, more specifically on the browser DOM. Without that (IOW within a pipeline context) its behavior is unexpected.
In case you can confirm this issue happens regardless of the pipeline plug-in, i.e. for a normal freestyle job, going to the build with parameter screen, feel free to re-open it.
Thanks