Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-46103

Properly restrict which expressions can be passed to credentials(...) in Declarative


    • Similar Issues:
    • Epic Link:
    • Sprint:
      Declarative - 1.2


      Right now, we allow ConstantExpression or GStringExpression as the parameters to an internal function call (i.e., to credentials(...), but that's a little wonky, because you can actually sneak anything you want into the GStringExpression, i.e., "${someMethodCall(...)}" is legal. Now, locking down the GStringExpression contents is a different matter that I'll deal with some day. Probably. But for now, the question is what else should be allowed as a parameter to credentials(...) - there's probably a valid argument for non-block-scoped steps or functions and variables, so perhaps we should add VariableExpression and method calls with the same rules limiting their parameters as credentials(...) itself.

      Needs more thinking. But soon.


          Issue Links


            abayer Andrew Bayer created issue -
            abayer Andrew Bayer made changes -
            Field Original Value New Value
            Epic Link JENKINS-45422 [ 183590 ]
            abayer Andrew Bayer made changes -
            Labels declarative-variable-and-method-resolution
            abayer Andrew Bayer made changes -
            Link This issue relates to JENKINS-42753 [ JENKINS-42753 ]


              • Assignee:
                abayer Andrew Bayer
                abayer Andrew Bayer
              • Votes:
                1 Vote for this issue
                5 Start watching this issue


                • Created: