  1. Jenkins
  2. JENKINS-50712

branchSources in MultibranchWorkflowJob and PipelineJob asking for vulnerable signature approvals when running in sandbox


      Hi team,
      I have 2 examples where I have a parametrized build which is supposed to create pipelines. But when running in the sandbox it is failing and asking for approvals of:
      method groovy.lang.GroovyObject getProperty java.lang.String
      method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object
      which are highlighted red as dangerous by Jenkins.
      Here are the examples:

      multibranchPipelineJob("${JENKINS_PROJECT_NAME}/CI Build") {
          branchSources {
              github {
                  scanCredentialsId("${GIT_CREDENTIALS_ID}")
                  repoOwner("${GITHUB_REPO_OWNER}")
                  repository("${GITHUB_REPO_NAME}")
              }
          }
      }
      
      ERROR: Scripts not permitted to use method groovy.lang.GroovyObject getProperty java.lang.String (javaposse.jobdsl.dsl.helpers.workflow.GitHubBranchSourceContext.GIT_CREDENTIALS_ID)
      

      I think the problem here is the usage of DELEGATE_FIRST mode without whitelisting (if it is even possible to whitelist).

      Second example:

      pipelineJob("${rootFolderPath}/SomeName") {
          definition {
              cpsScm {
                  scm {
                      git {
                          remote {
                              url(jenkinsfilesRepo)
                              credentials('github-access')
                          }
                          branches('master')
                          scriptPath("${microservicesScriptsPath}/somepath/Jenkinsfile")
                          lightweight(false)
                          extensions {
                              relativeTargetDirectory("DSL")
                          }
                          configure { node ->
                              node / extensions / 'hudson.plugins.git.extensions.impl.PathRestriction' {
                                  excludedRegions "${rootScriptPath}"
                              }
                          }
                      }
                  }
              }
          }
      }
      
      ERROR: Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (javaposse.jobdsl.dsl.helpers.scm.GitContext scriptPath org.codehaus.groovy.runtime.GStringImpl)
      

      Do you think it can be fixed on the Job DSL plugin side? Jenkins is warning it is not safe to whitelist those signatures globally.
      Thank you!

            Unassigned Unassigned
            iceiceice Alexey Grigorov
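An added illustration, not part of the original report and not Job DSL plugin code: a plain Groovy script (no Jenkins needed) showing why the first error names the context class. `FakeContext`, `runWithContext` and the credentials value are hypothetical stand-ins. With `DELEGATE_FIRST`, a binding variable referenced inside the nested closure is looked up on the delegate before the script, while a local variable copied outside the closure is captured directly. Whether the second form avoids the approval prompt in the sandbox is not confirmed on this page.

```groovy
// Hypothetical stand-in for a Job DSL context class such as GitHubBranchSourceContext.
class FakeContext {
    List<String> lookups = []   // every property name the closure asked this object for
    String credentials

    void scanCredentialsId(String id) { credentials = id }

    // Called by Groovy when a property is not found on this object.
    def propertyMissing(String name) {
        lookups << name
        throw new MissingPropertyException(name, FakeContext)
    }
}

// Mimics how a DSL method runs a nested closure against its context object.
def runWithContext(Closure body) {
    def ctx = new FakeContext()
    body.delegate = ctx
    body.resolveStrategy = Closure.DELEGATE_FIRST
    body.call()
    return ctx
}

// Constructed value standing in for a build parameter exposed through the script binding.
GIT_CREDENTIALS_ID = 'constructed-credentials-id'

// Case 1: the binding variable is referenced inside the closure, as in the report.
// Groovy asks the delegate (the context) first, then falls back to the script binding.
def viaBinding = runWithContext {
    scanCredentialsId("${GIT_CREDENTIALS_ID}")
}
assert viaBinding.lookups == ['GIT_CREDENTIALS_ID']
assert viaBinding.credentials == 'constructed-credentials-id'

// Case 2: the value is copied to a local variable outside the closure.
// The closure captures it lexically, so the context is never asked for a property.
def credentialsId = GIT_CREDENTIALS_ID
def viaLocal = runWithContext {
    scanCredentialsId("${credentialsId}")
}
assert viaLocal.lookups == []
assert viaLocal.credentials == 'constructed-credentials-id'
```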