I tried asserts
<https://github.com/cloudogu/ces-build-lib/blob/a93d20ac6d5a91159685178dcebfed09e0d2e86e/test/it/com/cloudogu/ces/cesbuildlib/Sh/Jenkinsfile>and
they ... kinda work.
Positive assertions don't lead to failure, negative ones result in an
exception. However, it's not as meaningful as the usual groovy power asserts
hudson.remoting.ProxyException: Assertion failed:
assert sh.returnStdOut('ls -la').contains('Jenkinsfile')
at
org.codehaus.groovy.runtime.InvokerHelper.assertFailed(InvokerHelper.java:404)
This might have something to do with this warning, issued right at the
start of the pipeline.
Started
Running in Durability level: PERFORMANCE_OPTIMIZED
8.939 [id=47] WARNING jenkins.security.ClassFilterImpl#isBlacklisted:
rejecting org.codehaus.groovy.runtime.powerassert.PowerAssertionError according
to standard blacklist; see https://jenkins.io/redirect/class-filter/
[Pipeline] node
I also tried groovy.test.GroovyAssert.*
<https://github.com/cloudogu/ces-build-lib/blob/7233886253f71b85228a5e75eab21c3e77362798/test/it/com/cloudogu/ces/cesbuildlib/Sh/Jenkinsfile>,
which was blocked by the Sanbox.
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException:
unclassified staticMethod groovy.test.GroovyAssert assertTrue java.lang.String
java.lang.Boolean
And finally tried to @Grab JUnit into a shared library
<https://github.com/cloudogu/ces-build-lib/commit/eda77651936758d968964fbf34d6ddde5f965ec6>
:-)
This would be nice because we could get reporting and all that for our
integration tests from there.
But it was also blocked by the Sandbox:
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts
not permitted to use staticMethod groovy.grape.Grape grab java.util.Map
java.util.Map[]
Do you have any thoughts on this?
Am Donnerstag, 22. März 2018 17:35:36 UTC+1 schrieb Kohsuke Kawaguchi:
>
>
>
> On Thu, Mar 22, 2018 at 9:16 AM Jesse Glick <[email protected]
> <javascript:>> wrote:
>
>> KK wrote:
>> > I wonder if it'd be nice if Jenkinsfile Runner can do something like the
>> > permissive mode of SELinux, where it runs your pipeline entirely and
>> spit
>> > out the approvals it needed?
>>
>> https://plugins.jenkins.io/permissive-script-security
>
>
> Great, I need to take a look at that. I'm tracking this in
> https://github.com/kohsuke/jenkinsfile-runner/issues/14
>
> > so instead of invisible WorkflowJob, we create invisible WorkflowRun,
>> right?
>>
>> Yes, that seems to be the safest approach.
>>
>> > I was thinking you'd just put assert statements into Jenkinsfile and
>> that should already work. Granted, I haven't tried it so maybe it doesn't
>> work.
>>
>> Groovy “power-asserts” work in Pipeline script as far as I know.
>>
>
> Yeah.
>
> --
> Kohsuke Kawaguchi
>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/76ff6dc4-167b-46c1-91e1-a164430c4cb2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
