[JIRA] (JENKINS-39360) Allow ALLOWED_JNLPJARS_FILES to be configurable by plugins

5 views
Skip to first unread message

antoniobeyah@gmail.com (JIRA)

unread,
Oct 28, 2016, 2:12:04 PM10/28/16
to jenkinsc...@googlegroups.com
Antonio Beyah created an issue
 
Jenkins / Improvement JENKINS-39360
Allow ALLOWED_JNLPJARS_FILES to be configurable by plugins
Issue Type: Improvement Improvement
Assignee: Kohsuke Kawaguchi
Components: core, swarm-plugin
Created: 2016/Oct/28 6:11 PM
Priority: Minor Minor
Reporter: Antonio Beyah

We currently use the [Swarm](https://wiki.jenkins-ci.org/display/JENKINS/Swarm+Plugin) plugin to configure our agents to connect to the master and one of the things we have to do is presetup the agent with the proper version of the swarm-client jar.

One thing I wanted to do was update the swarm plugin to allow you to retrieve the swarm-client.jar in the same manner as we can the slave.jar. When I looked at the code though I don't think this is possible due to the code in the core.

The current process looks like this:

  • Download swarm-client.jar from internet
  • Download slave.jar from master
  • Run java process with -cp slave.jar:swarm-client.jar

I would like it to look like:

  • Download swarm-client.jar from master
  • Download slave.jar from master
  • Run java process with -cp slave.jar:swarm-client.jar

End goal is to allow me to configure my agents by retrieving any necessary components from the master, including plugin client dependencies such as the swarm-client.jar.

References:
[Slave.java](https://github.com/jenkinsci/jenkins/blob/57fc2185da383e904a2a714f2d945426a92bfc3e/core/src/main/java/hudson/model/Slave.java#L619)
[Swarm Plugin](https://wiki.jenkins-ci.org/display/JENKINS/Swarm+Plugin)
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c)
Atlassian logo

o.v.nenashev@gmail.com (JIRA)

unread,
Nov 10, 2016, 4:28:01 PM11/10/16
to jenkinsc...@googlegroups.com
Oleg Nenashev commented on Improvement JENKINS-39360
 
Re: Allow ALLOWED_JNLPJARS_FILES to be configurable by plugins

Originally there was a plan to make it configurable, but the approach has been rejected by the Security team IIRC.
CC Daniel Beck

dbeck@cloudbees.com (JIRA)

unread,
Nov 10, 2016, 4:53:02 PM11/10/16
to jenkinsc...@googlegroups.com

I see no need to make this configurable. It should be straightforward to achieve a similar result with UnprotectedRootAction / DirectoryBrowserSupport (just don't be an idiot and allow path traversal). The approach chosen in Jenkins was to retain compatibility with existing URLs, but if it's a different file, it should be straightforward enough.

o.v.nenashev@gmail.com (JIRA)

unread,
Feb 26, 2018, 3:28:27 AM2/26/18
to jenkinsc...@googlegroups.com
Oleg Nenashev assigned an issue to Unassigned
 

KK does not maintain this plugin anymore. Moving to unassigned to set the expectation
Change By: Oleg Nenashev
Assignee: Kohsuke Kawaguchi
This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e)
Atlassian logo

me@basilcrow.com (JIRA)

unread,
Jun 1, 2019, 1:53:02 PM6/1/19
to jenkinsc...@googlegroups.com
Change By: Basil Crow
Status: In Progress Review
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

me@basilcrow.com (JIRA)

unread,
Jun 1, 2019, 1:53:03 PM6/1/19
to jenkinsc...@googlegroups.com
Basil Crow started work on Improvement JENKINS-39360
 
Change By: Basil Crow
Status: Open In Progress

me@basilcrow.com (JIRA)

unread,
Jun 1, 2019, 1:55:02 PM6/1/19
to jenkinsc...@googlegroups.com
 

Fixed in #62 and released in 3.10. You can now download the Swarm Client from the Jenkins master via:

http://<jenkins-url>/swarm/swarm-client.jar
Change By: Basil Crow
Status: In Review Resolved
Resolution: Fixed
Reply all
Reply to author
Forward
0 new messages