How to approve pending signatures?

[Maciej Gawinecki]

Hi,

I have pipeline that downloads Groovy script from Git, but Groovy script fails with

  org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method java.net.URL openStream

I found /var/lib/jenkins/scriptApproval.xml file with the following excerpt:

  <approvedSignatures/>
  ...
  <pendingSignatures>
    <pendingSignature>
      <context/>
      <signature>method java.net.URL openStream</signature>
      <dangerous>true</dangerous>
    </pendingSignature>
  </pendingSignatures>
...
</scriptApproval>


I have editted the script into

  <approvedSignatures>
      <signature>method java.net.URL openStream</signature>
  </approvedSignatures>
...
</scriptApproval>

but after Jenkins restart and re-running the pipeline it get overwritten.

How do I approve pending signatures?

Regards,
Maciej

[Victor Martinez]

That's related to the plugin: https://wiki.jenkins-ci.org/display/JENKINS/Script+Security+Plugin therefore you can approve those functions/methods in the global settings. 

An administrator may now go to Manage Jenkins » In-process Script Approval where a list of scripts pending approval will be shown. Assuming nothing dangerous-looking is being requested, just click Approve to let the script be run henceforth.

Then you don't need to change the xml manually and reboot Jenkins

Cheers