File Input Type

[Paul]

Good evening,

I am creating a class that extends ToolInstaller (say "widget tester"). I want a way to upload the tool I'm testing ("widget") directly by using a <input type="file" ..> rather than using "Download URL for binary archive"? We're doing this stuff in a disconnected environment.

Is there a way I can do this using Jelly? I'm building my installer class using "ToolInstaller"

Thanks!

[Jesse Glick]

On Fri, Sep 25, 2020 at 2:06 AM Paul <paul...@gmail.com> wrote:
> Is there a way I can do this using Jelly?

Yes, though file uploads are tricky.
https://github.com/jenkinsci/plain-credentials-plugin/blob/83be2ca41c6c5e6f96eb6c9a47ebdd394b2a6dbc/src/main/java/org/jenkinsci/plugins/plaincredentials/impl/FileCredentialsImpl.java#L138-L164
+ https://github.com/jenkinsci/plain-credentials-plugin/blob/83be2ca41c6c5e6f96eb6c9a47ebdd394b2a6dbc/src/main/resources/org/jenkinsci/plugins/plaincredentials/impl/FileCredentialsImpl/credentials.jelly#L27-L47
may be helpful for hints.

Beware that there are a number of sorts of security vulnerabilities
you could introduce if you do not write this code very defensively. If
the tool is uploaded to the controller (Jenkins server), how does it
get to the agent where the build runs? Have you considered malicious
filenames? Etc.