hello I have a Jenkins fileas part of a multibranch pipeline But I'm
getting seccurityissues when trying to create a directory inside the
workspace how can either disable the sandbox for this pipeline or whitelist
the methods I need to use from my code
Thanks.
This is the code:
============================================================
import java.io.File;
import java.io.IOException;
import org.apache.commons.io.FileUtils;
//autocancelled = false
node ('AnsibleBuild') {
try {
checkout scm
def versions = readJSON file: 'versions.json'
stage('Getting Python source Code') {
echo " before del try"
try {
echo "inside try";
*File f = new File("python");*
echo "after new file";
//FileUtils.cleanDirectory(f);
//clean out directory (this is optional -- but good know)
FileUtils.forceDelete(f); //delete
directory
//FileUtils.forceMkdir(f); //create
directory
}
catch (IOException e) {
echo "pinazo cleaning python"
echo e.getStackTrace();
} // catch delete dir
echo "Despues del try"
sh 'pwd'
sh 'ls -la'
sh 'mkdir python'
dir("python") {
echo 'Downloading Python code from:
https://www.python.org/ftp/python/3.7.2/Python-3.7.2.tgz'
sh 'curl
https://www.python.org/ftp/python/3.7.2/Python-3.7.2.tgz -o
Python-3.7.2.tgz'
sh 'file Python-3.7.2.tgz' // needs
to be checked that we downloaded a tgz file
sh 'tar -xzvf Python-3.7.2.tgz'
} //dir python
} // stage
currentBuild.result = 'SUCCESS'
} //try node
catch (e) {
echo "General Fostion";
echo "trace General" + e.getStackTrace();
currentBuild.result = 'FAILURE'
} //end catch
try {
echo "Cleaning WS"
dir(python) {
deleteDir()
}
} //try clena WS
catch (e) {
echo "Error Cleaning WS";
echo "trace cleaning" + e.getStackTrace();
currentBuild.result = 'FAILURE'
} //catch clena WS
} //node
========================================================
And I'm getting error: for line 14
trace
General[org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectNew(StaticWhitelist.java:184),
org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onNewInstance(SandboxInterceptor.java:170),
org.kohsuke.groovy.sandbox.impl.Checker$3.call(Checker.java:197),
org.kohsuke.groovy.sandbox.impl.Checker.checkedConstructor(Checker.java:202),
com.cloudbees.groovy.cps.sandbox.SandboxInvoker.constructorCall(SandboxInvoker.java:21),
WorkflowScript.run(WorkflowScript:14), ___cps.transform___(Native Method),
com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:96),
com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:82),
sun.reflect.GeneratedMethodAccessor148.invoke(Unknown Source),
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43),
java.lang.reflect.Method.invoke(Method.java:498),
com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72),
com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21),
com.cloudbees.groovy.cps.Next.step(Next.java:83),
com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174),
com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163),
org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129),
org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268),
com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163),
org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$101(SandboxContinuable.java:34),
org.jenkinsci.plugins.workflow.cps.SandboxContinuable.lambda$run0$0(SandboxContinuable.java:59),
org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:136),
org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:58),
org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:182),
org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:332),
org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:83),
org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:244),
org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:232),
org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:64),
java.util.concurrent.FutureTask.run(FutureTask.java:266),
hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131),
jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28),
jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59),
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511),
java.util.concurrent.FutureTask.run(FutureTask.java:266),
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149),
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624),
java.lang.Thread.run(Thread.java:748)]
Any ideas how to fix this. what is the right way of targeting this kind of
issue?
Thanks.
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/ec75388f-8a03-424f-a9ca-43fd1d9ba452%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
