Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49175

Job DSL Plugin violates whitelist

    Details

    • Similar Issues:

      Description

      After upgrading Jenkins to 2.103 I found the following message in the Jenkins logs:

      Jan 25, 2018 8:37:28 PM WARNING jenkins.security.ClassFilterImpl lambda$isBlacklisted$1
      javaposse.jobdsl.dsl.GeneratedView in file:/var/lib/jenkins/plugins/job-dsl/WEB-INF/lib/job-dsl-core-1.66.jar might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/
      

      According to the blog post I want you to know about this problem, even if I don't see anything wrong. DSL jobs run fine and without bugs.

        Attachments

          Issue Links

            Activity

            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Aleksei Grigorov The patch should work in your case as well. Could you please try the SNAPSHOT build? e.g. https://ci.jenkins.io/job/Plugins/job/job-dsl-plugin/job/master/83/artifact/job-dsl-plugin/build/libs/job-dsl.hpi

            Show
            oleg_nenashev Oleg Nenashev added a comment - Aleksei Grigorov The patch should work in your case as well. Could you please try the SNAPSHOT build? e.g. https://ci.jenkins.io/job/Plugins/job/job-dsl-plugin/job/master/83/artifact/job-dsl-plugin/build/libs/job-dsl.hpi
            Hide
            ktannenberg Aleksei Grigorov added a comment - - edited

            Oleg Nenashev Thanks, seems to work fine with SNAPSHOT build of job dsl. I'll revert to jenkins 2.100 and job-dsl 1.66 however until job-dsl 1.67 is released.

            Show
            ktannenberg Aleksei Grigorov added a comment - - edited Oleg Nenashev Thanks, seems to work fine with SNAPSHOT build of job dsl. I'll revert to jenkins 2.100 and job-dsl 1.66 however until job-dsl 1.67 is released.
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Yeah, waiting for the release by Daniel Spilker as well

            Show
            oleg_nenashev Oleg Nenashev added a comment - Yeah, waiting for the release by Daniel Spilker as well
            Hide
            jglick Jesse Glick added a comment -

            Probably GeneratedView and GeneratedUserContent are analogous to GeneratedJob; the reason they are not in the core whitelist is that there is no test coverage demonstrating the need for them, at least not in acceptance-test-harness. There might be functional test coverage in job-dsl-plugin itself, but as it is built using Gradle, it cannot be run by plugin-compat-tester. IOW it is left to the initiative of the plugin maintainer to keep up with core changes—other Jenkins developers cannot easily help.

            Show
            jglick Jesse Glick added a comment - Probably GeneratedView and GeneratedUserContent are analogous to GeneratedJob ; the reason they are not in the core whitelist is that there is no test coverage demonstrating the need for them, at least not in acceptance-test-harness . There might be functional test coverage in job-dsl-plugin itself, but as it is built using Gradle, it cannot be run by plugin-compat-tester . IOW it is left to the initiative of the plugin maintainer to keep up with core changes—other Jenkins developers cannot easily help.
            Hide
            daspilker Daniel Spilker added a comment -

            I'll cut a release later today.

            Show
            daspilker Daniel Spilker added a comment - I'll cut a release later today.

              People

              • Assignee:
                daspilker Daniel Spilker
                Reporter:
                ewypych Emil Wypych
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: