Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-50974

AWS CodeDeploy plug-in fails with new JEP-200 whitelist

      Jenkins version: 2.107.2

      CodeDeploy plug-in version: 1.19

      Amazon Web Services SDK plug-in version: 1.11.264

      error message:
      ERROR: Failed to parse POMs
      java.io.IOException: java.lang.RuntimeException: Failed to serialize hudson.maven.MavenModuleSet#publishers for class hudson.maven.MavenModuleSet
      at hudson.XmlFile.write(XmlFile.java:200)
      at hudson.model.AbstractItem.save(AbstractItem.java:483)
      at hudson.model.Job.save(Job.java:196)
      at hudson.model.AbstractProject.save(AbstractProject.java:289)
      at hudson.model.AbstractProject.setJDK(AbstractProject.java:893)
      at com.datalex.jdkparameter.JavaParameterBuildWrapper$1.tearDown(JavaParameterBuildWrapper.java:60)
      at hudson.maven.MavenModuleSetBuild$MavenModuleSetBuildExecution.doRun(MavenModuleSetBuild.java:902)
      at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:504)
      at hudson.model.Run.execute(Run.java:1727)
      at hudson.maven.MavenModuleSetBuild.run(MavenModuleSetBuild.java:544)
      at hudson.model.ResourceController.execute(ResourceController.java:97)
      at hudson.model.Executor.run(Executor.java:429)
      Caused by: java.lang.RuntimeException: Failed to serialize hudson.maven.MavenModuleSet#publishers for class hudson.maven.MavenModuleSet
      at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
      at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
      at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
      at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
      at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
      at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
      at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
      at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
      at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
      at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
      at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
      at hudson.XmlFile.write(XmlFile.java:193)
      ... 11 more
      Caused by: java.lang.RuntimeException: Failed to serialize com.amazonaws.codedeploy.AWSCodeDeployPublisher#logger for class com.amazonaws.codedeploy.AWSCodeDeployPublisher
      at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
      at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
      at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
      at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
      at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
      at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
      at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
      at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
      at hudson.util.DescribableList$ConverterImpl.marshal(DescribableList.java:269)
      at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
      at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
      at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      ... 24 more
      Caused by: java.lang.UnsupportedOperationException: Refusing to marshal java.io.PrintStream for security reasons; see
      https://jenkins.io/redirect/class-filter/
      at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:543)
      at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
      at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
      at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      ... 39 more

      The issue got resolved by using the workaround mentioned in https://jenkins.io/blog/2018/03/15/jep-200-lts/. I had to modify my /etc/init.d/jenkins to add

      JENKINS_JAVA_OPTIONS="-Dhudson.remoting.ClassFilter=com.amazonaws.codedeploy.AWSCodeDeployPublisher"

      before starting jenkins, and it resolved the issue. Logging it so that the AWS Code Deploy plug-in can be white listed.

          [JENKINS-50974] AWS CodeDeploy plug-in fails with new JEP-200 whitelist

          Oleg Nenashev added a comment -

          In JENKINS-50264 we fixed CodeBuild, but not CodeDeploy.
          I am not sure how the suggested whitelist solves the issue, "Caused by: java.lang.UnsupportedOperationException: Refusing to marshal java.io.PrintStream for security reasons; " explicitly points to PrintStream class (hich should not be persisted)

          Oleg Nenashev added a comment - In JENKINS-50264 we fixed CodeBuild, but not CodeDeploy. I am not sure how the suggested whitelist solves the issue, "Caused by: java.lang.UnsupportedOperationException: Refusing to marshal java.io.PrintStream for security reasons; " explicitly points to PrintStream class (hich should not be persisted)

          Oleg Nenashev added a comment -

          https://github.com/jenkinsci/aws-codedeploy-plugin , 1500 installations, active maintenance, recent Plugin POM. The fix should be pretty trivial: PrintStream in https://github.com/jenkinsci/aws-codedeploy-plugin/blob/master/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java#L109 should be removed and passed to private methods as arguments

          Oleg Nenashev added a comment - https://github.com/jenkinsci/aws-codedeploy-plugin , 1500 installations, active maintenance, recent Plugin POM. The fix should be pretty trivial: PrintStream in https://github.com/jenkinsci/aws-codedeploy-plugin/blob/master/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java#L109 should be removed and passed to private methods as arguments

          Thank you for your quick response. The subsequent builds failed even with the workaround in place. Will follow up with the publisher to get the changes made.

          Sriram Veeraraghavan added a comment - Thank you for your quick response. The subsequent builds failed even with the workaround in place. Will follow up with the publisher to get the changes made.

          Oleg Nenashev added a comment -

          Ack. Will keep it assigned to the vendor

          Oleg Nenashev added a comment - Ack. Will keep it assigned to the vendor

          oleg_nenashev: Andrew no longer maintains the plugin - Is there a spot we need to update for new maintainers? CodeDeploy Plugin issues can be assigned to me

          Josh McFarlane added a comment - oleg_nenashev : Andrew no longer maintains the plugin - Is there a spot we need to update for new maintainers? CodeDeploy Plugin issues can be assigned to me

          Oleg Nenashev added a comment -

          jmcfar IIUC you are the maintainer according to https://github.com/jenkins-infra/repository-permissions-updater/blob/master/permissions/plugin-codedeploy.yml , right? I will change the default assignee.

          Oleg Nenashev added a comment - jmcfar IIUC you are the maintainer according to https://github.com/jenkins-infra/repository-permissions-updater/blob/master/permissions/plugin-codedeploy.yml , right? I will change the default assignee.

          Yup - I'm happy to be first point of contact for these issues and can re-assign within our team as necessary.

          Josh McFarlane added a comment - Yup - I'm happy to be first point of contact for these issues and can re-assign within our team as necessary.

          Oleg Nenashev added a comment -

          Reassigned the issue to jmcfar according to his comment in JENKINS-50974

          Oleg Nenashev added a comment - Reassigned the issue to jmcfar according to his comment in JENKINS-50974

          Oleg Nenashev added a comment -

          jmcfar Great, thanks a lot! I have reassigned the open issues to you and also made you a default assignee for the new ones

          Oleg Nenashev added a comment - jmcfar Great, thanks a lot! I have reassigned the open issues to you and also made you a default assignee for the new ones

            jmcfar Josh McFarlane
            sriramvee Sriram Veeraraghavan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: