[workflow-plugin] Using Closures in workflow scripts not allowed?
218 views
Skip to first unread message
Tom Deblauwe
Mar 3, 2015, 11:07:06 AM3/3/15
to jenkins...@googlegroups.com
Hello group,
I was trying to use a groovy construct where I could give a closure with an argument, and pass that closure to a function, something like this below:
class Test {
int num = 5
}
def runit(def func) {
echo "Will run it"
def obj = new Test()
func(obj)
echo "Ran it"
}
node {
runit({ obj ->
echo "I am running:" + obj.num
})
}
But I get an access error from the script sandbox. So I checked but there were no pending approvals in the jenkins management configuration.
So I don't know how to handle such a situation?
I got this error:
Is there some other construct I can use to achieve the same?
Thanks,
Best regards,
Tom,
I was trying to use a groovy construct where I could give a closure with an argument, and pass that closure to a function, something like this below:
class Test {
int num = 5
}
def runit(def func) {
echo "Will run it"
def obj = new Test()
func(obj)
echo "Ran it"
}
node {
runit({ obj ->
echo "I am running:" + obj.num
})
}
But I get an access error from the script sandbox. So I checked but there were no pending approvals in the jenkins management configuration.
So I don't know how to handle such a situation?
I got this error:
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method groovy.lang.Closure call java.lang.Object at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectMethod(StaticWhitelist.java:150) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:77) at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:103) at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:100) at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:15)......
Is there some other construct I can use to achieve the same?
Thanks,
Best regards,
Tom,
Tom Deblauwe
Mar 4, 2015, 3:04:35 AM3/4/15
to jenkins...@googlegroups.com
Hello,
I found my problem. I was using a try-catch in my real production code, so the error was catched by my code, and not the sandbox, and I could not approve the exception. Now I made a little test to post here, and there I don't have the try-catch, which makes the script security catch the error. Now I could approve it, and now my original production code works.
Best regards,
Tom,
I found my problem. I was using a try-catch in my real production code, so the error was catched by my code, and not the sandbox, and I could not approve the exception. Now I made a little test to post here, and there I don't have the try-catch, which makes the script security catch the error. Now I could approve it, and now my original production code works.
Best regards,
Tom,
Jesse Glick
Mar 19, 2015, 11:27:45 AM3/19/15
to jenkins...@googlegroups.com
BTW this method should be whitelisted by default in the future.
Reply all
Reply to author
Forward
0 new messages