[JIRA] (JENKINS-37777) Pipeline Config: Unable to assign any non literal to an environment variable

andrew.bayer@gmail.com (JIRA)

unread,

Aug 29, 2016, 2:42:01 PM8/29/16

to jenkinsc...@googlegroups.com

Andrew Bayer created an issue

Jenkins /

JENKINS-37777

Pipeline Config: Unable to assign any non literal to an environment variable

Issue Type:	Bug
Assignee:	Andrew Bayer
Components:	pipeline-config-plugin
Created:	2016/Aug/29 6:41 PM
Priority:	Major
Reporter:	Andrew Bayer

Should you try anything like:

 
                                                                environment {
  FOO = blah()
  BAZ = "${blah()}"
}

you will be rewarded with a stacktrace and a sandbox violation.

I think it is expected that the environment should be able to set programmatically, limiting it to literals is too restrictive to make it practical.

 
                                                                org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (org.jenkinsci.plugins.workflow.cps.CpsClosure2 foo)
	at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectMethod(StaticWhitelist.java:181)
	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:117)
	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:103)
	at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:149)
	at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:146)
	at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:16)
	at WorkflowScript.run(WorkflowScript:21)
	at org.jenkinsci.plugin
 
                                                            