[JENKINS-50509] Docker Traceability plugin is affected by JEP-200

It is a follow-up to the investigation of ~~JENKINS-50480~~...

1) Docker Traceability API library has no Whitelist manifest entry, so the classes in it will be likely rejected. There is a critical class for fingerprinting: https://github.com/jenkinsci/docker-traceability-plugin/blob/49141a86d41269799e00161a02ac72e9aa9a3a15/docker-traceability-api/src/main/java/org/jenkinsci/plugins/docker/traceability/api/DockerTraceabilityReport.java#L51
2) Docker Traceability includes shaded versions of Docker Java classes. Since shading happens in a separate JAR, it likely also needs whittelisting

relates to

JENKINS-50480 UnsupportedOperationException: Refusing to marshal com.github.dockerjava.api.*

Oleg Nenashev created issue - 2018-04-02 09:52

Oleg Nenashev made changes - 2018-04-02 09:52

Link

New: This issue relates to ~~JENKINS-50480~~ [ ~~JENKINS-50480~~ ]

Jesse Glick made changes - 2018-04-02 15:42

Labels

New: JEP-200

Darin McGrew made changes - 2018-04-05 17:31

Summary

Original: Docket Traceability plugin is affected by JEP-200

New: Docker Traceability plugin is affected by JEP-200

Jenkins