I tried asserts
<https://github.com/cloudogu/ces-build-lib/blob/a93d20ac6d5a91159685178dcebfed09e0d2e86e/test/it/com/cloudogu/ces/cesbuildlib/Sh/Jenkinsfile>and
they ... kinda work.
Positive assertions don't lead to failure, negative ones result in an
exception. However, it's not as meaningful as the usual groovy power asserts
hudson.remoting.ProxyException: Assertion failed:
assert sh.returnStdOut('ls -la').contains('Jenkinsfile')
at
org.codehaus.groovy.runtime.InvokerHelper.assertFailed(InvokerHelper.java:404)
This might have something to do with this warning, issued right at the
start of the pipeline.
Started
Running in Durability level: PERFORMANCE_OPTIMIZED
8.939 [id=47] WARNING jenkins.security.ClassFilterImpl#isBlacklisted:
rejecting org.codehaus.groovy.runtime.powerassert.PowerAssertionError according
to standard blacklist; see https://jenkins.io/redirect/class-filter/
[Pipeline] node
I also tried groovy.test.GroovyAssert.*
<https://github.com/cloudogu/ces-build-lib/blob/7233886253f71b85228a5e75eab21c3e77362798/test/it/com/cloudogu/ces/cesbuildlib/Sh/Jenkinsfile>,
which was blocked by the Sanbox.
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException:
unclassified staticMethod groovy.test.GroovyAssert assertTrue java.lang.String
java.lang.Boolean
And finally tried to @Grab JUnit into a shared library
<https://github.com/cloudogu/ces-build-lib/commit/eda77651936758d968964fbf34d6ddde5f965ec6>
:-)
This would be nice because we could get reporting and all that for our
integration tests from there.
But it was also blocked by the Sandbox:
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts
not permitted to use staticMethod groovy.grape.Grape grab java.util.Map
java.util.Map[]
Do you have any thoughts on this?
Am Donnerstag, 22. März 2018 17:35:36 UTC+1 schrieb Kohsuke Kawaguchi:
>
>
>
> On Thu, Mar 22, 2018 at 9:16 AM Jesse Glick <jgl...@cloudbees.com
> <javascript:>> wrote:
>
>> KK wrote:
>> > I wonder if it'd be nice if Jenkinsfile Runner can do something like the
>> > permissive mode of SELinux, where it runs your pipeline entirely and
>> spit
>> > out the approvals it needed?
>>
>> https://plugins.jenkins.io/permissive-script-security
>
>
> Great, I need to take a look at that. I'm tracking this in
> https://github.com/kohsuke/jenkinsfile-runner/issues/14
>
> > so instead of invisible WorkflowJob, we create invisible WorkflowRun,
>> right?
>>
>> Yes, that seems to be the safest approach.
>>
>> > I was thinking you'd just put assert statements into Jenkinsfile and
>> that should already work. Granted, I haven't tried it so maybe it doesn't
>> work.
>>
>> Groovy “power-asserts” work in Pipeline script as far as I know.
>>
>
> Yeah.
>
> --
> Kohsuke Kawaguchi
>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/76ff6dc4-167b-46c1-91e1-a164430c4cb2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
