Hi, I would suggest that you go to https://isues.jenkins-ci.org and file a *New Feature* request, to have a way to test a workflow, and find out up front what all the security problems are with the workflow, without having to execute the workflow.
In this post: https://groups.google.com/d/msg/jenkinsci-users/jSKwSKbaXq8/dG2mn6iyDQAJ I mentioned a workflow I was working on. This workflow takes over one hour to run. As I was developing the workflow, I hit multiple problems which required getting approval from the Script Security plugin. However, I did not find out all the issues at once. I had to: 1. run the workflow 2. find a security problem 3. add the problem to the script security plugin whitelist 4. go back to 1. (repeat for the next problem) It was annoying to have to repeat this problem for every security problem, instead of finding out all the security problems up front. -- Craig On Wed, Dec 30, 2015 at 3:21 PM, Andrew Bayer <[email protected]> wrote: > So I couldn't figure out a good way to word the subject line, but! > > I've had a few cases where I've needed to go through multiple iterations > of "Run a Workflow via a Jenkinsfile" or "Run a system Groovy step", etc, > where each time I run, a new method causes the run to fail and is queued up > for script approval. Since it barfs out as soon as one method is hit that > isn't whitelisted, you can end up needing to do this a *lot* for a long > script...and that's annoying. Very annoying. =) > > I don't believe there is currently any way to do something like a dry run > (or AST parsing, or whatever) that finds and queues up multiple method > calls for approval, rather than one-at-a-time, but that sure seems it'd be > handy. Does anyone know of anything along those lines currently, or have > any ideas/interest in getting that sort of functionality implemented? > > A. > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-dev/CAPbPdOZqDuFppVO4rBCLOtforyCaPK8aCRjyDBwHFgFAABcmRA%40mail.gmail.com > <https://groups.google.com/d/msgid/jenkinsci-dev/CAPbPdOZqDuFppVO4rBCLOtforyCaPK8aCRjyDBwHFgFAABcmRA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3DrPVc%2BT55BKXxF0G2bf-5eY6md-WuM2Rxx5CmzXiZech2GGg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
