[JENKINS-42551] Able to generate invalid declarative Jenkinsfiles - Jenkins Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Component/s: pipeline-model-definition-plugin
Labels:
None

Similar Issues:

Show

Description

In certain cases, it is possible to generate invalid Jenkinsfiles.

For one thing, we need to escape backslashes.

Additionally, I suggest during the JSON validation, we convert to declarative, and then also validate the declarative file, just to prevent invalid files from ever being created, since we can't actually load them into the editor again.

An example JSON request that generates invalid declarative:

{"pipeline":{"agent":{"type":"any"},"stages":[{"name":"Build","branches":[{"name":"default","steps":[{"name":"sh","arguments":[{"key":"script","value":{"isLiteral":true,"value":"echo 'hello\\'"}}]}]}]}]}}

Attachments

Issue Links

links to

PR #133

Activity

Ascending order - Click to sort in descending order

Keith Zantow created issue - 2017-03-07 18:03

Keith Zantow made changes - 2017-03-07 18:04

Field	Original Value	New Value
Description	In certain cases, it is possible to generate invalid Jenkinsfiles. I suggest during the JSON validation, we convert to declarative, and then also validate the declarative file, just to prevent invalid files from ever being created. An example JSON request that generates invalid declarative: {code:java} {"pipeline":{"agent":{"type":"any"},"stages":[{"name":"Build","branches":[{"name":"default","steps":[{"name":"sh","arguments":[{"key":"script","value":{"isLiteral":true,"value":"echo 'hello\\'"}}]}]}]}]}}{code}	In certain cases, it is possible to generate invalid Jenkinsfiles. For one thing, we need to escape backslashes. Additionally, I suggest during the JSON validation, we convert to declarative, and then also validate the declarative file, just to prevent invalid files from ever being created, since we can't actually load them into the editor again. An example JSON request that generates invalid declarative: {code:java} {"pipeline":{"agent":{"type":"any"},"stages":[{"name":"Build","branches":[{"name":"default","steps":[{"name":"sh","arguments":[{"key":"script","value":{"isLiteral":true,"value":"echo 'hello\\'"}}]}]}]}]}}{code}

Andrew Bayer added a comment - 2017-03-07 18:07

Aaaaah - string hell. Good thought.

Andrew Bayer added a comment - 2017-03-07 18:07 Aaaaah - string hell. Good thought.

Andrew Bayer made changes - 2017-03-09 23:35

Status

Open [ 1 ]

In Progress [ 3 ]

Andrew Bayer made changes - 2017-03-09 23:35

Status

In Progress [ 3 ]

In Review [ 10005 ]

Andrew Bayer added a comment - 2017-03-09 23:35

PR up at https://github.com/jenkinsci/pipeline-model-definition-plugin/pull/133

Andrew Bayer added a comment - 2017-03-09 23:35 PR up at https://github.com/jenkinsci/pipeline-model-definition-plugin/pull/133

Andrew Bayer made changes - 2017-03-09 23:35

Remote Link

This issue links to "PR #133 (Web Link)" [ 15656 ]

SCM/JIRA link daemon added a comment - 2017-03-13 16:25

Code changed in jenkins
User: Andrew Bayer
Path:
pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/JSONParser.groovy
pipeline-model-definition/src/main/java/org/jenkinsci/plugins/pipeline/modeldefinition/endpoints/ModelConverterAction.java
pipeline-model-definition/src/main/resources/org/jenkinsci/plugins/pipeline/modeldefinition/Messages.properties
pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/validator/JSONValidationTest.java
pipeline-model-definition/src/test/resources/json/errors/jsonMismatchedQuotes.json
http://jenkins-ci.org/commit/pipeline-model-definition-plugin/c8d12fa9fd397d9443f4ea40e9d77035b2bd295f
Log:
[FIXED JENKINS-42551] Reject mismatched quotes and other invalid Groovy

So now the JSON string "hello
'" will cause a parse-time error. I
also tweaked JSON validation endpoint to also convert to Jenkinsfile
and validate that, so as to be sure we've actually got JSON that can
be a valid Jenkinsfile, even if it has some kind of gotcha in it like
the one fixed here.

SCM/JIRA link daemon added a comment - 2017-03-13 16:25 Code changed in jenkins User: Andrew Bayer Path: pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/JSONParser.groovy pipeline-model-definition/src/main/java/org/jenkinsci/plugins/pipeline/modeldefinition/endpoints/ModelConverterAction.java pipeline-model-definition/src/main/resources/org/jenkinsci/plugins/pipeline/modeldefinition/Messages.properties pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/validator/JSONValidationTest.java pipeline-model-definition/src/test/resources/json/errors/jsonMismatchedQuotes.json http://jenkins-ci.org/commit/pipeline-model-definition-plugin/c8d12fa9fd397d9443f4ea40e9d77035b2bd295f Log: [FIXED JENKINS-42551] Reject mismatched quotes and other invalid Groovy So now the JSON string "hello '" will cause a parse-time error. I also tweaked JSON validation endpoint to also convert to Jenkinsfile and validate that , so as to be sure we've actually got JSON that can be a valid Jenkinsfile, even if it has some kind of gotcha in it like the one fixed here.

Andrew Bayer made changes - 2017-03-13 16:26

Resolution		Fixed [ 1 ]
Status	In Review [ 10005 ]	Resolved [ 5 ]

Liam Newman added a comment - 2019-10-23 03:21

Bulk closing resolved issues.

Liam Newman added a comment - 2019-10-23 03:21 Bulk closing resolved issues.

Liam Newman made changes - 2019-10-23 03:21

Status

Resolved [ 5 ]

Closed [ 6 ]

People

Assignee:: Andrew Bayer

Reporter:: Keith Zantow

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2017-03-07 18:03

Updated:: 2019-10-23 03:21

Resolved:: 2017-03-13 16:26