-
Bug
-
Resolution: Duplicate
-
Minor
-
Jenkins Artifactory Plugin version: 2.14.0
Suse Enterprise Linux 12
Jenkins 2.102 (Windows Master - Linux Slave)
Pipeline build is failing after deploying artifact to Artifactory.
I have added JVM arg to both slave and master
-Dhudson.remoting.ClassFilter=org.jfrog.build.client.DeployDetails
Error from log:
java.lang.SecurityException: Rejected: org.jfrog.build.client.DeployDetails
at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:129)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at java.util.ArrayList.readObject(Unknown Source)
at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at java.io.ObjectStreamClass.invokeReadObject(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at hudson.remoting.UserRequest.deserialize(UserRequest.java:277)
at hudson.remoting.UserResponse.retrieve(UserRequest.java:310)
at hudson.remoting.Channel.call(Channel.java:909)
at hudson.FilePath.act(FilePath.java:998)
at hudson.FilePath.act(FilePath.java:987)
at org.jfrog.hudson.pipeline.types.buildInfo.BuildInfo.appendDeployableArtifacts(BuildInfo.java:159)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:112)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:61)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
at hudson.security.ACL.impersonate(ACL.java:274)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
- duplicates
-
-
- Resolved
-
- is related to
-
-
- Resolved
-
-
JENKINS-49000 Add common Guava collection classes to the core's whitelist
-
- Resolved
-
- relates to
-
-
- Closed
-
- links to
[JENKINS-48991] Artifactory plugin affected by JEP in 2.102
I have attempted to use the
-Dhudson.remoting.ClassFilter.DEFAULTS_OVERRIDE_LOCATION JVM arg pointing to a file containing the following entries:
^bsh[.].*
^com[.]google[.]inject[.].*
^com[.]google[.]common[.]collect[.].*
^com[.]mchange[.]v2[.]c3p0[.].*
^com[.]sun[.]jndi[.].*
^com[.]sun[.]corba[.].*
^com[.]sun[.]javafx[.].*
^com[.]sun[.]org[.]apache[.]regex[.]internal[.].*
^java[.]awt[.].*
^java[.]lang[.]reflect[.]Method$
^java[.]rmi[.].*
^javax[.]management[.].*
^javax[.]naming[.].*
^javax[.]script[.].*
^javax[.]swing[.].*
^net[.]sf[.]json[.].*
^org[.]apache[.]commons[.]beanutils[.].*
^org[.]apache[.]commons[.]collections[.]functors[.].*
^org[.]apache[.]myfaces[.].*
^org[.]apache[.]wicket[.].*
.*org[.]apache[.]xalan.*
^org[.]codehaus[.]groovy[.]runtime[.].*
^org[.]hibernate[.].*
^org[.]python[.].*
^org[.]springframework[.](?!(\\p{Alnum}+[.])*\\p{Alnum}*Exception$).*
^org[.]jfrog[.]build[.]client[.].*
^sun[.]rmi[.].*
^javax[.]imageio[.].*
^java[.]util[.]ServiceLoader$
^java[.]net[.]URLClassLoader$
^java[.]security[.]SignedObject$
The linux slave complains about the springframework Exceptions regex so I had to remove that from the slave whitelist file.
Attempts to run the build again with the whitelist result in a slightly different error:
java.lang.SecurityException: Rejected: com.google.common.collect.ArrayListMultimap at hudson.remoting.ClassFilter.check(ClassFilter.java:64) at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:124) at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1826) at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1713) at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2000) at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1535) at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2245) at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169) at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2027) at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1535) at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2245) at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169) at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2027) at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1535) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:422) at hudson.remoting.UserRequest.deserialize(UserRequest.java:277) at hudson.remoting.UserRequest.perform(UserRequest.java:188) Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to artifactory_slave at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1696) at hudson.remoting.UserResponse.retrieve(UserRequest.java:313) at hudson.remoting.Channel.call(Channel.java:909) at hudson.FilePath.act(FilePath.java:998) at hudson.FilePath.act(FilePath.java:987) at org.jfrog.hudson.pipeline.types.buildInfo.BuildInfo.appendDeployableArtifacts(BuildInfo.java:159) at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:112) at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:61) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47) at hudson.security.ACL.impersonate(ACL.java:274) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused: java.lang.Error: Failed to deserialize the Callable object. at hudson.remoting.UserRequest.perform(UserRequest.java:194) at hudson.remoting.UserRequest.perform(UserRequest.java:53) at hudson.remoting.Request$2.run(Request.java:358) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748) Caused: java.io.IOException: Remote call on artifactory_slave failed at hudson.remoting.Channel.call(Channel.java:917) at hudson.FilePath.act(FilePath.java:998) Caused: java.io.IOException: remote file operation failed: /home/jenkins/workspace/CFA_WEBSITE_PIPELINE@tmp at hudson.remoting.Channel@74558682:artifactory_slave at hudson.FilePath.act(FilePath.java:1005) at hudson.FilePath.act(FilePath.java:987) at org.jfrog.hudson.pipeline.types.buildInfo.BuildInfo.appendDeployableArtifacts(BuildInfo.java:159) at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:112) at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:61) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47) at hudson.security.ACL.impersonate(ACL.java:274) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
Nicholas Tones
added a comment - - edited I have attempted to use the
-Dhudson.remoting.ClassFilter.DEFAULTS_OVERRIDE_LOCATION JVM arg pointing to a file containing the following entries:
^bsh[.].*
^com[.]google[.]inject[.].*
^com[.]google[.]common[.]collect[.].*
^com[.]mchange[.]v2[.]c3p0[.].*
^com[.]sun[.]jndi[.].*
^com[.]sun[.]corba[.].*
^com[.]sun[.]javafx[.].*
^com[.]sun[.]org[.]apache[.]regex[.]internal[.].*
^java[.]awt[.].*
^java[.]lang[.]reflect[.]Method$
^java[.]rmi[.].*
^javax[.]management[.].*
^javax[.]naming[.].*
^javax[.]script[.].*
^javax[.]swing[.].*
^net[.]sf[.]json[.].*
^org[.]apache[.]commons[.]beanutils[.].*
^org[.]apache[.]commons[.]collections[.]functors[.].*
^org[.]apache[.]myfaces[.].*
^org[.]apache[.]wicket[.].*
.*org[.]apache[.]xalan.*
^org[.]codehaus[.]groovy[.]runtime[.].*
^org[.]hibernate[.].*
^org[.]python[.].*
^org[.]springframework[.](?!(\\p{Alnum}+[.])*\\p{Alnum}*Exception$).*
^org[.]jfrog[.]build[.]client[.].*
^sun[.]rmi[.].*
^javax[.]imageio[.].*
^java[.]util[.]ServiceLoader$
^java[.]net[.]URLClassLoader$
^java[.]security[.]SignedObject$
The linux slave complains about the springframework Exceptions regex so I had to remove that from the slave whitelist file.
Attempts to run the build again with the whitelist result in a slightly different error:
java.lang.SecurityException: Rejected: com.google.common.collect.ArrayListMultimap
at hudson.remoting.ClassFilter.check(ClassFilter.java:64)
at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:124)
at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1826)
at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1713)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2000)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1535)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2245)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2027)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1535)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2245)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2027)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1535)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:422)
at hudson.remoting.UserRequest.deserialize(UserRequest.java:277)
at hudson.remoting.UserRequest.perform(UserRequest.java:188)
Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to artifactory_slave
at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1696)
at hudson.remoting.UserResponse.retrieve(UserRequest.java:313)
at hudson.remoting.Channel.call(Channel.java:909)
at hudson.FilePath.act(FilePath.java:998)
at hudson.FilePath.act(FilePath.java:987)
at org.jfrog.hudson.pipeline.types.buildInfo.BuildInfo.appendDeployableArtifacts(BuildInfo.java:159)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:112)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:61)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
at hudson.security.ACL.impersonate(ACL.java:274)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang. Thread .run(Unknown Source)
Caused: java.lang.Error: Failed to deserialize the Callable object.
at hudson.remoting.UserRequest.perform(UserRequest.java:194)
at hudson.remoting.UserRequest.perform(UserRequest.java:53)
at hudson.remoting.Request$2.run(Request.java:358)
at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang. Thread .run( Thread .java:748)
Caused: java.io.IOException: Remote call on artifactory_slave failed
at hudson.remoting.Channel.call(Channel.java:917)
at hudson.FilePath.act(FilePath.java:998)
Caused: java.io.IOException: remote file operation failed: /home/jenkins/workspace/CFA_WEBSITE_PIPELINE@tmp at hudson.remoting.Channel@74558682:artifactory_slave
at hudson.FilePath.act(FilePath.java:1005)
at hudson.FilePath.act(FilePath.java:987)
at org.jfrog.hudson.pipeline.types.buildInfo.BuildInfo.appendDeployableArtifacts(BuildInfo.java:159)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:112)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:61)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
at hudson.security.ACL.impersonate(ACL.java:274)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang. Thread .run(Unknown Source)
Some bits (Remoting failure) are already addressed in JENKINS-48983. Looking into the XStream issue
ntones I have added the missing collections class to https://github.com/jenkinsci/artifactory-plugin/pull/30 . Will also submit a PR to the core.
Would it be possible to take the plugin snapshot from https://ci.jenkins.io/blue/organizations/jenkins/Plugins%2Fartifactory-plugin/detail/PR-30/3/artifacts and try it on your instance?
Nicholas Tones
added a comment - oleg_nenashev sure will give it a go and get back to you ASAP Nicholas Tones
added a comment - oleg_nenashev just attempted the build again and got the following error:
java.lang.SecurityException: Rejected: com.google.common.collect.AbstractListMultimap
at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:129)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at java.util.ArrayList.readObject(Unknown Source)
at sun.reflect.GeneratedMethodAccessor96.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at java.io.ObjectStreamClass.invokeReadObject(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at hudson.remoting.UserRequest.deserialize(UserRequest.java:277)
at hudson.remoting.UserResponse.retrieve(UserRequest.java:310)
at hudson.remoting.Channel.call(Channel.java:909)
at hudson.FilePath.act(FilePath.java:998)
at hudson.FilePath.act(FilePath.java:987)
at org.jfrog.hudson.pipeline.types.buildInfo.BuildInfo.appendDeployableArtifacts(BuildInfo.java:160)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:112)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:61)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
at hudson.security.ACL.impersonate(ACL.java:274)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Finished: FAILURE
Nicholas Tones
added a comment - oleg_nenashev just attempted the build again and got the following error:
java.lang.SecurityException: Rejected: com.google.common.collect.AbstractListMultimap
at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:129)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at java.util.ArrayList.readObject(Unknown Source)
at sun.reflect.GeneratedMethodAccessor96.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at java.io.ObjectStreamClass.invokeReadObject(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at hudson.remoting.UserRequest.deserialize(UserRequest.java:277)
at hudson.remoting.UserResponse.retrieve(UserRequest.java:310)
at hudson.remoting.Channel.call(Channel.java:909)
at hudson.FilePath.act(FilePath.java:998)
at hudson.FilePath.act(FilePath.java:987)
at org.jfrog.hudson.pipeline.types.buildInfo.BuildInfo.appendDeployableArtifacts(BuildInfo.java:160)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:112)
at org.jfrog.hudson.pipeline.steps.ArtifactoryMavenBuild$Execution.run(ArtifactoryMavenBuild.java:61)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
at hudson.security.ACL.impersonate(ACL.java:274)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang. Thread .run(Unknown Source)
Finished: FAILURE
Nicholas Tones
added a comment - oleg_nenashev the master server log has the following:
Jan 17, 2018 12:26:51 PM jenkins.security.ClassFilterImpl lambda$isBlacklisted$1 WARNING: com.google.common.collect.AbstractListMultimap in file:/E:/jenkins/war/WEB-INF/lib/guava-11.0.1.jar might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/ Jan 17, 2018 12:26:51 PM org.jenkinsci.plugins.workflow.graph.FlowNode persistSafe WARNING: failed to save actions for FlowNode id=24 java.io.IOException: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag#actions for class org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag at hudson.XmlFile.write(XmlFile.java:201) at org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage.saveActions(SimpleXStreamFlowNodeStorage.java:111) at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution$TimingFlowNodeStorage.saveActions(CpsFlowExecution.java:1490) at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution.saveActions(CpsFlowExecution.java:1014) at org.jenkinsci.plugins.workflow.graph.FlowNode.save(FlowNode.java:446) at org.jenkinsci.plugins.workflow.graph.FlowNode.persistSafe(FlowNode.java:452) at org.jenkinsci.plugins.workflow.graph.FlowNode.access$100(FlowNode.java:61) at org.jenkinsci.plugins.workflow.graph.FlowNode$1.add(FlowNode.java:411) at org.jenkinsci.plugins.workflow.graph.FlowNode$1.add(FlowNode.java:401) at java.util.AbstractList.add(Unknown Source) at hudson.model.Actionable.addAction(Actionable.java:155) at org.jenkinsci.plugins.workflow.cps.FlowHead.markIfFail(FlowHead.java:144) at org.jenkinsci.plugins.workflow.cps.CpsStepContext$2.onSuccess(CpsStepContext.java:439) at org.jenkinsci.plugins.workflow.cps.CpsStepContext$2.onSuccess(CpsStepContext.java:395) at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution$4$1.run(CpsFlowExecution.java:746) at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$1.run(CpsVmExecutorService.java:35) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131) at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag#actions for class org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256) at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224) at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138) at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209) at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43) at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82) at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37) at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026) at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015) at com.thoughtworks.xstream.XStream.toXML(XStream.java:988) at hudson.XmlFile.write(XmlFile.java:194) ... 24 more Caused by: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.cps.actions.ArgumentsActionImpl#arguments for class org.jenkinsci.plugins.workflow.cps.actions.ArgumentsActionImpl at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256) at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224) at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138) at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209) at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88) at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64) at com.thoughtworks.xstream.converters.collections.ArrayConverter.marshal(ArrayConverter.java:45) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84) at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265) at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252) ... 37 more Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.MavenBuild#deployer for class org.jfrog.hudson.pipeline.types.MavenBuild at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256) at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224) at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138) at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209) at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88) at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64) at com.thoughtworks.xstream.converters.collections.MapConverter.marshal(MapConverter.java:79) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84) at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265) at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252) ... 52 more Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.deployers.Deployer#artifactDeploymentPatterns for class org.jfrog.hudson.pipeline.types.deployers.MavenDeployer at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256) at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224) at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138) at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209) at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84) at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265) at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252) ... 67 more Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.Filter#patternFilter for class org.jfrog.hudson.pipeline.types.Filter at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256) at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224) at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138) at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209) at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84) at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265) at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252) ... 76 more Caused by: java.lang.UnsupportedOperationException: Refusing to marshal org.jfrog.build.extractor.clientConfiguration.IncludeExcludePatterns for security reasons; see https://jenkins.io/redirect/class-filter/ at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:530) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69) at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58) at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84) at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265) at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252) ... 85 more
Nicholas Tones
added a comment - oleg_nenashev the master server log has the following:
Jan 17, 2018 12:26:51 PM jenkins.security.ClassFilterImpl lambda$isBlacklisted$1
WARNING: com.google.common.collect.AbstractListMultimap in file:/E:/jenkins/war/WEB-INF/lib/guava-11.0.1.jar might be dangerous, so rejecting; see https: //jenkins.io/redirect/ class- filter/
Jan 17, 2018 12:26:51 PM org.jenkinsci.plugins.workflow.graph.FlowNode persistSafe
WARNING: failed to save actions for FlowNode id=24
java.io.IOException: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag#actions for class org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag
at hudson.XmlFile.write(XmlFile.java:201)
at org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage.saveActions(SimpleXStreamFlowNodeStorage.java:111)
at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution$TimingFlowNodeStorage.saveActions(CpsFlowExecution.java:1490)
at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution.saveActions(CpsFlowExecution.java:1014)
at org.jenkinsci.plugins.workflow.graph.FlowNode.save(FlowNode.java:446)
at org.jenkinsci.plugins.workflow.graph.FlowNode.persistSafe(FlowNode.java:452)
at org.jenkinsci.plugins.workflow.graph.FlowNode.access$100(FlowNode.java:61)
at org.jenkinsci.plugins.workflow.graph.FlowNode$1.add(FlowNode.java:411)
at org.jenkinsci.plugins.workflow.graph.FlowNode$1.add(FlowNode.java:401)
at java.util.AbstractList.add(Unknown Source)
at hudson.model.Actionable.addAction(Actionable.java:155)
at org.jenkinsci.plugins.workflow.cps.FlowHead.markIfFail(FlowHead.java:144)
at org.jenkinsci.plugins.workflow.cps.CpsStepContext$2.onSuccess(CpsStepContext.java:439)
at org.jenkinsci.plugins.workflow.cps.CpsStepContext$2.onSuccess(CpsStepContext.java:395)
at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution$4$1.run(CpsFlowExecution.java:746)
at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$1.run(CpsVmExecutorService.java:35)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang. Thread .run(Unknown Source)
Caused by: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag#actions for class org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
at hudson.XmlFile.write(XmlFile.java:194)
... 24 more
Caused by: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.cps.actions.ArgumentsActionImpl#arguments for class org.jenkinsci.plugins.workflow.cps.actions.ArgumentsActionImpl
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
at com.thoughtworks.xstream.converters.collections.ArrayConverter.marshal(ArrayConverter.java:45)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 37 more
Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.MavenBuild#deployer for class org.jfrog.hudson.pipeline.types.MavenBuild
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
at com.thoughtworks.xstream.converters.collections.MapConverter.marshal(MapConverter.java:79)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 52 more
Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.deployers.Deployer#artifactDeploymentPatterns for class org.jfrog.hudson.pipeline.types.deployers.MavenDeployer
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 67 more
Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.Filter#patternFilter for class org.jfrog.hudson.pipeline.types.Filter
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 76 more
Caused by: java.lang.UnsupportedOperationException: Refusing to marshal org.jfrog.build.extractor.clientConfiguration.IncludeExcludePatterns for security reasons; see https: //jenkins.io/redirect/ class- filter/
at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:530)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 85 more
ntones Thanks a lot. I will update the whitelists and investigate the code more.
"Rejected: com.google.common.collect.AbstractListMultimap" is something I do not understand. It seems this class in not actually abstract in one of Guava versions
I have definitely reviewed IncludeExcludePatterns. Mayber there are multiple classes with such name.... Will check in 1h
ntones you can temporarily run with the startup option -Djenkins.security.ClassFilterImpl.SUPPRESS_WHITELIST=true which will log all the violations without interrupting plugin functions, which is useful for gathering a list of class names that need to be whitelisted. Remove such an option as soon as possible and replace with -Dhudson.remoting.ClassFilter=pkg.ClassName1,pkg.ClassName2,… for a specific whitelist, pending a plugin release with a fix.
BTW I have updated the PR. The current version works for me in some cases, but it's definitely not enough to cover all usage paths in the plugin
AbstractListMultimap is abstract for sure: http://grepcode.com/file/repo1.maven.org/maven2/com.google.guava/guava/11.0.1/com/google/common/collect/AbstractListMultimap.java?av=f
jglick IIUC it may happen only if we have custom messaging for anonymous classes which loses some info, WDYT?
AbstractSetMultimap was already whitelisted; this could be too. Serialization will pay attention to abstract supertypes when they are Serializable IIRC.
Ajit Surana
added a comment - Is this resolved? I'm facing the following error -
ERROR: Rejected: org.jfrog.build.api.Artifact java.lang.SecurityException: Rejected: org.jfrog.build.api.Artifact at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
We have a master slave Jenkins system. I tried to add the -Dhudson.remoting.ClassFilter.DEFAULTS_OVERRIDE_LOCATION= parameter with appropriate file during slave start up to safeguard the org.jfrog.build.api.Artifact class but it does not work.
The file content is as follows (Please note: I know it may stop other plugins to work but my focus was to make org.jfrog.build.api.Artifact working first).
^org[.]jfrog[.]build[.]api[.].* ^org[.]jfrog[.]build[.]api[.].Artifact
I can see if I give some wrong content to the file, an exception is being thrown during start up so I'm sure that this file is loaded during slave startup. But still unsure by this mechanism does not work.
One more point: I'm only trying these options with slave node and master is untouched. Can this issue resolved by changing the master node similarly? Any help would be appreciated.
Ajit Surana
added a comment - Is this resolved? I'm facing the following error -
ERROR: Rejected: org.jfrog.build.api.Artifact
java.lang.SecurityException: Rejected: org.jfrog.build.api.Artifact
at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
We have a master slave Jenkins system. I tried to add the -Dhudson.remoting.ClassFilter.DEFAULTS_OVERRIDE_LOCATION= parameter with appropriate file during slave start up to safeguard the org.jfrog.build.api.Artifact class but it does not work.
The file content is as follows (Please note: I know it may stop other plugins to work but my focus was to make org.jfrog.build.api.Artifact working first).
^org[.]jfrog[.]build[.]api[.].*
^org[.]jfrog[.]build[.]api[.].Artifact
I can see if I give some wrong content to the file, an exception is being thrown during start up so I'm sure that this file is loaded during slave startup. But still unsure by this mechanism does not work.
One more point: I'm only trying these options with slave node and master is untouched. Can this issue resolved by changing the master node similarly? Any help would be appreciated. 
kgiloo
added a comment - for me, the options below do the workaround
(as suggested in https://github.com/jenkinsci/artifactory-plugin/pull/30)
JENKINS_JAVA_OPTIONS="-Dhudson.remoting.ClassFilter=org.jfrog.build.api.Artifact,org.jfrog.build.api.BaseBuildFileBean,org.jfrog.build.api.BaseBuildBean"
kgiloo
added a comment - for me, the options below do the workaround
(as suggested in https://github.com/jenkinsci/artifactory-plugin/pull/30 )
JENKINS_JAVA_OPTIONS="-Dhudson.remoting.ClassFilter=org.jfrog.build.api.Artifact,org.jfrog.build.api.BaseBuildFileBean,org.jfrog.build.api.BaseBuildBean"
I ran the following command to start the slave node as I've only access to slave node (a Windows node):
C:\Users\jenkins\Desktop\Artifactory>java -Dhudson.remoting.ClassFilter=org.jfrog.build.api.Artifact -jar agent.jar -jnlpUrl https://localjenkins.com/sds/computer/jenkinsw104/slave-agent.jnlp -secret f9404edf68730facd646cb20b86a310db4296a89b4a8b62ff74e0d3ea5a4ef0b
It still gives the error:
ERROR: Rejected: org.jfrog.build.api.Artifact java.lang.SecurityException: Rejected: org.jfrog.build.api.Artifact at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
Did you add the JENKINS_JAVA_OPTIONS in /etc/sysconfig/jenkins in the Master node? Or in the slave node if having Jenkins master-slave configuration?
Ajit Surana
added a comment - - edited I ran the following command to start the slave node as I've only access to slave node (a Windows node):
C:\Users\jenkins\Desktop\Artifactory>java -Dhudson.remoting.ClassFilter=org.jfrog.build.api.Artifact -jar agent.jar -jnlpUrl https://localjenkins.com/sds/computer/jenkinsw104/slave-agent.jnlp -secret f9404edf68730facd646cb20b86a310db4296a89b4a8b62ff74e0d3ea5a4ef0b
It still gives the error:
ERROR: Rejected: org.jfrog.build.api.Artifact
java.lang.SecurityException: Rejected: org.jfrog.build.api.Artifact
at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
Did you add the JENKINS_JAVA_OPTIONS in /etc/sysconfig/jenkins in the Master node? Or in the slave node if having Jenkins master-slave configuration? kgiloo
added a comment - ajitsurana startup on master Yes, options need to be added to the master-side only. Agents still use a blacklist instead of whitelist, no plans to change it soon.
Ajit Surana
added a comment - kgiloo, oleg_nenashev: Thanks for your prompt response. I will modify the master as per the suggestion.
Ajit Surana
added a comment - kgiloo , oleg_nenashev : Thanks for your prompt response. I will modify the master as per the suggestion. 
Further to this on the master I am seeing the following errors reported for this pipeline build:
Jan 17, 2018 10:17:43 AM org.jenkinsci.plugins.workflow.graph.FlowNode persistSafe
WARNING: failed to save actions for FlowNode id=24
java.io.IOException: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag#actions for class org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag
at hudson.XmlFile.write(XmlFile.java:201)
at org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage.saveActions(SimpleXStreamFlowNodeStorage.java:111)
at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution$TimingFlowNodeStorage.saveActions(CpsFlowExecution.java:1490)
at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution.saveActions(CpsFlowExecution.java:1014)
at org.jenkinsci.plugins.workflow.graph.FlowNode.save(FlowNode.java:446)
at org.jenkinsci.plugins.workflow.graph.FlowNode.persistSafe(FlowNode.java:452)
at org.jenkinsci.plugins.workflow.graph.FlowNode.access$100(FlowNode.java:61)
at org.jenkinsci.plugins.workflow.graph.FlowNode$1.add(FlowNode.java:411)
at org.jenkinsci.plugins.workflow.graph.FlowNode$1.add(FlowNode.java:401)
at java.util.AbstractList.add(Unknown Source)
at hudson.model.Actionable.addAction(Actionable.java:155)
at org.jenkinsci.plugins.workflow.cps.FlowHead.markIfFail(FlowHead.java:144)
at org.jenkinsci.plugins.workflow.cps.CpsStepContext$2.onSuccess(CpsStepContext.java:439)
at org.jenkinsci.plugins.workflow.cps.CpsStepContext$2.onSuccess(CpsStepContext.java:395)
at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution$4$1.run(CpsFlowExecution.java:746)
at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$1.run(CpsVmExecutorService.java:35)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag#actions for class org.jenkinsci.plugins.workflow.support.storage.SimpleXStreamFlowNodeStorage$Tag
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
at hudson.XmlFile.write(XmlFile.java:194)
... 24 more
Caused by: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.workflow.cps.actions.ArgumentsActionImpl#arguments for class org.jenkinsci.plugins.workflow.cps.actions.ArgumentsActionImpl
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
at com.thoughtworks.xstream.converters.collections.ArrayConverter.marshal(ArrayConverter.java:45)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 37 more
Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.MavenBuild#deployer for class org.jfrog.hudson.pipeline.types.MavenBuild
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
at com.thoughtworks.xstream.converters.collections.MapConverter.marshal(MapConverter.java:79)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 52 more
Caused by: java.lang.RuntimeException: Failed to serialize org.jfrog.hudson.pipeline.types.deployers.Deployer#properties for class org.jfrog.hudson.pipeline.types.deployers.MavenDeployer
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 67 more
Caused by: java.lang.UnsupportedOperationException: Refusing to marshal com.google.common.collect.ArrayListMultimap for security reasons; see https://jenkins.io/redirect/class-filter/
at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:530)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 76 more