I implemented symbol whitelisting for many of the fields in the git plugin as part of the git plugin 4.1.0 release. Unfortunately, I've found one case where I am still required to approve a script that uses a symbol, even when other uses of that same symbol are allowed without approval.
The working cases are all references directly inside the Jenkinsfile. For example, I can do the following assignment with no script approval:
def userRemoteConfigsIn = scm.userRemoteConfigs
def userRemoteConfigsIn_url = scm.userRemoteConfigs[0].url
def userRemoteConfigsIn_name = scm.userRemoteConfigs[0].name
def userRemoteConfigsIn_refspec = scm.userRemoteConfigs[0].refspec
def userRemoteConfigsIn_credentialsId = scm.userRemoteConfigs[0].credentialsId
def branchesIn = scm.branches
def branchesIn_name = scm.branches[0].name
Those assignments work great and do not require script approval.
It basically looks like this:
@Library(value='globalPipelineLibraryMarkEWaite', changelog=false) _
import com.markwaite.Assert
import com.markwaite.Build
import com.markwaite.GitUtils
def branch1='JENKINS-37156'
def branch2='master'
def branch3='JENKINS-06203'
node('git-1.8+ && !cloud') {
stage('Checkout') {
def my_utils = new com.markwaite.GitUtils()
def new_refspec = my_utils.adjustRemoteConfig(scm.userRemoteConfigs[0], branch2)
}
Any pointers to suggest what I've done wrong that would cause a reference from within the Jenkinsfile to be whitelisted and another to a method defined in a separate file to not be whitelisted?
--