Details
-
Type:
Bug
-
Status: Resolved (View Workflow)
-
Priority:
Minor
-
Resolution: Fixed
-
Component/s: permissive-script-security-plugin
-
Labels:None
-
Environment:jenkins 2.32.2 (server on redhat linux 7.2)
-
Similar Issues:
Description
Hi,
the plugin runs perfectly BUT it has a tendency to spam jenkins' log files with useless stacktraces.
These messages are on level 'INFO', for sure, but it's still a lot of noise for nothing.
INFO: Unsecure signature found: staticMethod org.jenkinsci.plugins.workflow.cps.Safepoint safepoint org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod org.jenkinsci.plugins.workflow.cps.Safepoint safepoint at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectStaticMethod(StaticWhitelist.java:190) at org.jenkinsci.plugins.permissivescriptsecurity.PermissiveWhitelist.permitsStaticMethod(PermissiveWhitelist.java:63) at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.ProxyWhitelist.permitsStaticMethod(ProxyWhitelist.java:140) at org.jenkinsci.plugins.workflow.cps.GroovyClassLoaderWhitelist.permitsStaticMethod(GroovyClassLoaderWhitelist.java:60) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onStaticCall(SandboxInterceptor.java:139) at org.kohsuke.groovy.sandbox.impl.Checker$2.call(Checker.java:180) at org.kohsuke.groovy.sandbox.impl.Checker.checkedStaticCall(Checker.java:177) at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:91) at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:16) at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:57) at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:109) at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixName(FunctionCallBlock.java:77) at sun.reflect.GeneratedMethodAccessor127.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72) at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21) at com.cloudbees.groovy.cps.Next.step(Next.java:58) at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:154) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:18) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:33) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:30) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108) at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:30)
Have the exception message would be enough :
INFO: Unsecure signature found: staticMethod org.jenkinsci.plugins.workflow.cps.Safepoint safepoint org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod org.jenkinsci.plugins.workflow.cps.Safepoint safepoint
It sure is a minor issue ... yet when looking for real errors in log files it's painful to skip all these stacks.
Why not adding the full log message when logging level set to DEBUG.
I believe one of the most recent plugin changes to Jenkins has changed this behavior since this used to work just fine but in the last week or so. Unfortunatly I'm not sure which plugin may be conflicting with the permissive script plugin.
Verisons:
Jenkins: 1.164.2 LTS
Permissive Script Security Plugin: 0.3
Script Security Plugin: 1.58
We have about 30 other plugins as well, just thought these would be the most relavent.