As users of Pipeline it is painful using scripts run through the Script Security engine, because there are frequent Script Approvals needed due to unapproved method calls.  In many cases the methods are safe, just not enumerated on the existing whitelist. 

      Generally we've tried to solve this by building a comprehensive list of method signatures, but what if we made it easier to whitelist groups of methods, by adding wildcard options for methods. 

      The simplest implementation would be to just allow * to stand in for any sequence of characters in one of the EnumeratingWhitelist entry fields - simpler than supporting full regex.

          [JENKINS-46692] Support Wildcard Whitelists

          Sam Van Oort added a comment - - edited

          One solution to bypass the poor O( n ) performance of evaluating these wildcards for each wildcard entry is to use a cache to bypass the need for explicit checking against each rule. 

          Sam Van Oort added a comment - - edited One solution to bypass the poor O( n ) performance of evaluating these wildcards for each wildcard entry is to use a cache to bypass the need for explicit checking against each rule. 

          Sam Van Oort added a comment -

          There's already some wildcarding support and IMO that's adequate.  Also it has been pointed out that wildcarding is not necessarily safe to use. 

          Sam Van Oort added a comment - There's already some wildcarding support and IMO that's adequate.  Also it has been pointed out that wildcarding is not necessarily safe to use. 

            svanoort Sam Van Oort
            svanoort Sam Van Oort
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: