How to check "Use Groovy Sandbox" programmatically from groovy : EnvironmentVariableContext

[cwil...@gmail.com]

I finally figured out how to set an environment variable to a string that depends on a build parameter in Job DSL using the groovy() method in a EnvironmentVariableContext. Now my problem is how to run the groovy script in the sandbox so it won't need to be authorized.

A form of the DSL:

    def testJob(){

        this.jobFactory.job("Tests/testJob"){

            parameters {

                booleanParam("DRYRUN", true, "Check to dryrun.")

            }

            environmentVariables{

                env("ONE", 1)

                groovy('''return [RUN: DRYRUN == 'true' ? ' --dryrun ' : '']''')

            }

            steps{

                shell('echo RUN=$RUN')

            }

        }

    }

Generates this job portion

The job fails because the script is not approved.

[EnvInject] - Evaluating the Groovy script content
ERROR: SEVERE ERROR occurs
org.jenkinsci.lib.envinject.EnvInjectException: Failed to evaluate the script
	at org.jenkinsci.plugins.envinject.service.EnvInjectEnvVars.executeGroovyScript(EnvInjectEnvVars.java:232)
	at org.jenkinsci.plugins.envinject.EnvInjectListener.setUpEnvironmentJobPropertyObject(EnvInjectListener.java:187)
	at org.jenkinsci.plugins.envinject.EnvInjectListener.setUpEnvironment(EnvInjectListener.java:49)
	at hudson.model.AbstractBuild$AbstractBuildExecution.createLauncher(AbstractBuild.java:572)
	at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:492)
	at hudson.model.Run.execute(Run.java:1728)
	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
	at hudson.model.ResourceController.execute(ResourceController.java:98)
	at hudson.model.Executor.run(Executor.java:404)
Caused by: org.jenkinsci.plugins.scriptsecurity.scripts.UnapprovedUsageException: script not yet approved for use
	at org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval.using(ScriptApproval.java:459)
	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript.evaluate(SecureGroovyScript.java:170)
	at org.jenkinsci.plugins.envinject.service.EnvInjectEnvVars.executeGroovyScript(EnvInjectEnvVars.java:230)
	... 8 more

But if I check the "Use Groovy Sandbox" the script runs fine.

How can I check the "Use Groovy Sandbox" from Job DSL?

Thanks a ton,

Chris

[Victor Martinez]

Does it help the below answer? 

- https://groups.google.com/forum/#!searchin/job-dsl-plugin/Use$20Groovy$20Sandbox%7Csort:date/job-dsl-plugin/UiD7ujvEQ-s/HvgRrAiJAwAJ

[cwil...@gmail.com]

Thanks a ton Victor! The link you referred me to got me pointed in the right direction.

I removed the environmentVariables/groovy() call and added the configure block below.

    def testJob(){

        this.jobFactory.job("Tests/testJob"){

            parameters {

                booleanParam("DRYRUN", true, "Check to dryrun.")

            }

            environmentVariables{

                env("ONE", 1)

            }

            steps{

                shell('echo RUN=$RUN')

            }

            configure{ configurationXML ->

              configurationXML / 'properties' / 'EnvInjectJobProperty' / 'info' / 'secureGroovyScript' / script("return [RUN: DRYRUN == 'true' ? ' --dryrun ' : '']")

              configurationXML / 'properties' / 'EnvInjectJobProperty' / 'info' / 'secureGroovyScript' / sandbox(true)