[JIRA] (JENKINS-42551) Able to generate invalid declarative Jenkinsfiles

1 view
Skip to first unread message

kzantow@cloudbees.com (JIRA)

unread,
Mar 7, 2017, 1:04:02 PM3/7/17
to jenkinsc...@googlegroups.com
Keith Zantow created an issue
 
Jenkins / Bug JENKINS-42551
Able to generate invalid declarative Jenkinsfiles
Issue Type: Bug Bug
Assignee: Andrew Bayer
Components: pipeline-model-definition-plugin
Created: 2017/Mar/07 6:03 PM
Priority: Critical Critical
Reporter: Keith Zantow

In certain cases, it is possible to generate invalid Jenkinsfiles.

I suggest during the JSON validation, we convert to declarative, and then also validate the declarative file, just to prevent invalid files from ever being created.

An example JSON request that generates invalid declarative:

{"pipeline":{"agent":{"type":"any"},"stages":[{"name":"Build","branches":[{"name":"default","steps":[{"name":"sh","arguments":[{"key":"script","value":{"isLiteral":true,"value":"echo 'hello\\'"}}]}]}]}]}}

 
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e)
Atlassian logo

kzantow@cloudbees.com (JIRA)

unread,
Mar 7, 2017, 1:05:01 PM3/7/17
to jenkinsc...@googlegroups.com
Keith Zantow updated an issue
Change By: Keith Zantow
In certain cases, it is possible to generate invalid Jenkinsfiles.
For one thing, we need to escape backslashes.

Additionally, I suggest during the JSON validation, we convert to declarative, and then also validate the declarative file, just to prevent invalid files from ever being created , since we can't actually load them into the editor again .


An example JSON request that generates invalid declarative:
{code:java}
{"pipeline":{"agent":{"type":"any"},"stages":[{"name":"Build","branches":[{"name":"default","steps":[{"name":"sh","arguments":[{"key":"script","value":{"isLiteral":true,"value":"echo 'hello\\'"}}]}]}]}]}}{code}
 

andrew.bayer@gmail.com (JIRA)

unread,
Mar 7, 2017, 1:08:02 PM3/7/17
to jenkinsc...@googlegroups.com
Andrew Bayer commented on Bug JENKINS-42551
 
Re: Able to generate invalid declarative Jenkinsfiles

Aaaaah - string hell. Good thought.

andrew.bayer@gmail.com (JIRA)

unread,
Mar 9, 2017, 6:36:01 PM3/9/17
to jenkinsc...@googlegroups.com
Andrew Bayer started work on Bug JENKINS-42551
 
Change By: Andrew Bayer
Status: Open In Progress

andrew.bayer@gmail.com (JIRA)

unread,
Mar 9, 2017, 6:36:02 PM3/9/17
to jenkinsc...@googlegroups.com
Change By: Andrew Bayer
Status: In Progress Review

andrew.bayer@gmail.com (JIRA)

unread,
Mar 9, 2017, 6:36:02 PM3/9/17
to jenkinsc...@googlegroups.com

scm_issue_link@java.net (JIRA)

unread,
Mar 13, 2017, 12:26:10 PM3/13/17
to jenkinsc...@googlegroups.com

Code changed in jenkins
User: Andrew Bayer
Path:
pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/JSONParser.groovy
pipeline-model-definition/src/main/java/org/jenkinsci/plugins/pipeline/modeldefinition/endpoints/ModelConverterAction.java
pipeline-model-definition/src/main/resources/org/jenkinsci/plugins/pipeline/modeldefinition/Messages.properties
pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/validator/JSONValidationTest.java
pipeline-model-definition/src/test/resources/json/errors/jsonMismatchedQuotes.json
http://jenkins-ci.org/commit/pipeline-model-definition-plugin/c8d12fa9fd397d9443f4ea40e9d77035b2bd295f
Log:
[FIXED JENKINS-42551] Reject mismatched quotes and other invalid Groovy

So now the JSON string "hello
'" will cause a parse-time error. I
also tweaked JSON validation endpoint to also convert to Jenkinsfile
and validate that, so as to be sure we've actually got JSON that can
be a valid Jenkinsfile, even if it has some kind of gotcha in it like
the one fixed here.

andrew.bayer@gmail.com (JIRA)

unread,
Mar 13, 2017, 12:27:03 PM3/13/17
to jenkinsc...@googlegroups.com
Change By: Andrew Bayer
Status: In Review Resolved
Resolution: Fixed

bitwiseman@gmail.com (JIRA)

unread,
Oct 22, 2019, 11:24:58 PM10/22/19
to jenkinsc...@googlegroups.com
Liam Newman closed an issue as Fixed
 

Bulk closing resolved issues.

Change By: Liam Newman
Status: Resolved Closed
This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
Atlassian logo
Reply all
Reply to author
Forward
0 new messages