[JIRA] (JENKINS-50974) AWS CodeDeploy plug-in fails with new JEP-200 whitelist

1 view
Skip to first unread message

vsriram28@gmail.com (JIRA)

unread,
Apr 24, 2018, 3:37:02 PM4/24/18
to jenkinsc...@googlegroups.com
Sriram Veeraraghavan created an issue
 
Jenkins / Bug JENKINS-50974
AWS CodeDeploy plug-in fails with new JEP-200 whitelist
Issue Type: Bug Bug
Assignee: Andrew Fitz Gibbon
Components: codedeploy-plugin
Created: 2018-04-24 19:36
Priority: Minor Minor
Reporter: Sriram Veeraraghavan

Jenkins version: 2.107.2

CodeDeploy plug-in version: 1.19

Amazon Web Services SDK plug-in version: 1.11.264

error message:
ERROR: Failed to parse POMs
java.io.IOException: java.lang.RuntimeException: Failed to serialize hudson.maven.MavenModuleSet#publishers for class hudson.maven.MavenModuleSet
at hudson.XmlFile.write(XmlFile.java:200)
at hudson.model.AbstractItem.save(AbstractItem.java:483)
at hudson.model.Job.save(Job.java:196)
at hudson.model.AbstractProject.save(AbstractProject.java:289)
at hudson.model.AbstractProject.setJDK(AbstractProject.java:893)
at com.datalex.jdkparameter.JavaParameterBuildWrapper$1.tearDown(JavaParameterBuildWrapper.java:60)
at hudson.maven.MavenModuleSetBuild$MavenModuleSetBuildExecution.doRun(MavenModuleSetBuild.java:902)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:504)
at hudson.model.Run.execute(Run.java:1727)
at hudson.maven.MavenModuleSetBuild.run(MavenModuleSetBuild.java:544)
at hudson.model.ResourceController.execute(ResourceController.java:97)
at hudson.model.Executor.run(Executor.java:429)
Caused by: java.lang.RuntimeException: Failed to serialize hudson.maven.MavenModuleSet#publishers for class hudson.maven.MavenModuleSet
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
at hudson.XmlFile.write(XmlFile.java:193)
... 11 more
Caused by: java.lang.RuntimeException: Failed to serialize com.amazonaws.codedeploy.AWSCodeDeployPublisher#logger for class com.amazonaws.codedeploy.AWSCodeDeployPublisher
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
at hudson.util.DescribableList$ConverterImpl.marshal(DescribableList.java:269)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 24 more
Caused by: java.lang.UnsupportedOperationException: Refusing to marshal java.io.PrintStream for security reasons; see
https://jenkins.io/redirect/class-filter/
at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:543)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
... 39 more

The issue got resolved by using the workaround mentioned in https://jenkins.io/blog/2018/03/15/jep-200-lts/. I had to modify my /etc/init.d/jenkins to add

JENKINS_JAVA_OPTIONS="-Dhudson.remoting.ClassFilter=com.amazonaws.codedeploy.AWSCodeDeployPublisher"

before starting jenkins, and it resolved the issue. Logging it so that the AWS Code Deploy plug-in can be white listed.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e)
Atlassian logo

o.v.nenashev@gmail.com (JIRA)

unread,
Apr 24, 2018, 6:59:03 PM4/24/18
to jenkinsc...@googlegroups.com
Oleg Nenashev commented on Bug JENKINS-50974
 
Re: AWS CodeDeploy plug-in fails with new JEP-200 whitelist

In JENKINS-50264 we fixed CodeBuild, but not CodeDeploy.
I am not sure how the suggested whitelist solves the issue, "Caused by: java.lang.UnsupportedOperationException: Refusing to marshal java.io.PrintStream for security reasons; " explicitly points to PrintStream class (hich should not be persisted)

o.v.nenashev@gmail.com (JIRA)

unread,
Apr 24, 2018, 7:04:02 PM4/24/18
to jenkinsc...@googlegroups.com

https://github.com/jenkinsci/aws-codedeploy-plugin , 1500 installations, active maintenance, recent Plugin POM. The fix should be pretty trivial: PrintStream in https://github.com/jenkinsci/aws-codedeploy-plugin/blob/master/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java#L109 should be removed and passed to private methods as arguments

o.v.nenashev@gmail.com (JIRA)

unread,
Apr 24, 2018, 7:14:04 PM4/24/18
to jenkinsc...@googlegroups.com
Oleg Nenashev updated an issue
 
Change By: Oleg Nenashev
Labels: JEP-200

vsriram28@gmail.com (JIRA)

unread,
Apr 25, 2018, 9:31:02 AM4/25/18
to jenkinsc...@googlegroups.com
Sriram Veeraraghavan commented on Bug JENKINS-50974
 
Re: AWS CodeDeploy plug-in fails with new JEP-200 whitelist

Thank you for your quick response. The subsequent builds failed even with the workaround in place. Will follow up with the publisher to get the changes made.

o.v.nenashev@gmail.com (JIRA)

unread,
Apr 26, 2018, 11:49:03 AM4/26/18
to jenkinsc...@googlegroups.com

Ack. Will keep it assigned to the vendor

jmcfar@amazon.com (JIRA)

unread,
May 17, 2018, 3:33:02 PM5/17/18
to jenkinsc...@googlegroups.com

Oleg Nenashev: Andrew no longer maintains the plugin - Is there a spot we need to update for new maintainers? CodeDeploy Plugin issues can be assigned to me

o.v.nenashev@gmail.com (JIRA)

unread,
May 17, 2018, 4:06:01 PM5/17/18
to jenkinsc...@googlegroups.com

Josh McFarlane IIUC you are the maintainer according to https://github.com/jenkins-infra/repository-permissions-updater/blob/master/permissions/plugin-codedeploy.yml , right? I will change the default assignee.

jmcfar@amazon.com (JIRA)

unread,
May 17, 2018, 4:08:02 PM5/17/18
to jenkinsc...@googlegroups.com

Yup - I'm happy to be first point of contact for these issues and can re-assign within our team as necessary.

o.v.nenashev@gmail.com (JIRA)

unread,
May 17, 2018, 4:09:04 PM5/17/18
to jenkinsc...@googlegroups.com
Oleg Nenashev assigned an issue to Josh McFarlane
 

Reassigned the issue to Josh McFarlane according to his comment in JENKINS-50974
Change By: Oleg Nenashev
Assignee: Andrew Fitz Gibbon Josh  McFarlane

o.v.nenashev@gmail.com (JIRA)

unread,
May 17, 2018, 4:10:02 PM5/17/18
to jenkinsc...@googlegroups.com
Oleg Nenashev commented on Bug JENKINS-50974
 
Re: AWS CodeDeploy plug-in fails with new JEP-200 whitelist

Josh McFarlane Great, thanks a lot! I have reassigned the open issues to you and also made you a default assignee for the new ones
Reply all
Reply to author
Forward
0 new messages