Status: Resolved (View Workflow)
stash-pullrequest-builder-plugin built locally from current git (6115a02e9c081b6ee02325d93608e89bf78be93a)
stash-pullrequest-builder-plugin defines 10 variables, such as `sourceCommitHash`. Those variables are not available in multi-configuration jobs apart from the top-level process.
Those variable can be made available to the jobs by listing them in hudson.model.ParametersAction.safeParameters on the java command line. That's a workaround for SECURITY-170 that is no longer needed for free-style jobs.
Even with that workaround, Jenkins spams logs with messages like this:
WARNING: Skipped parameter `sourceCommitHash` as it is undefined on `TestRepository_pull_request_builder`. Set `-Dhudson.model.ParametersAction.keepUndefinedParameters=true` to allow undefined parameters to be injected as environment variables or `-Dhudson.model.ParametersAction.safeParameters=[comma-separated list]` to whitelist specific parameter names, even though it represents a security breach or `-Dhudson.model.ParametersAction.keepUndefinedParameters=false` to no longer show this message.
Only multi-configuration jobs appear in those messages. The way to suppress them is to also add -Dhudson.model.ParametersAction.keepUndefinedParameters=false to the java command line.
My expectations are:
- The variables defined by stash-pullrequest-builder-plugin should be available to multi-configuration jobs
- No warnings should be logged about those variables
- No java command line parameters should be needed to achieve it