Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JENKINS-73941 - Option to hide "Use Groovy Sandbox" for users without Administer permission globally in the system #948

Merged
merged 14 commits into from
Oct 29, 2024

Conversation

jgarciacloudbees
Copy link
Contributor

@jgarciacloudbees jgarciacloudbees commented Oct 22, 2024

JENKINS-73941

This is partially implemented in JENKINS-73470, where we created the new option "Hide Sandbox checkbox in pipeline jobs", but it was created in the scope of this plugin.

The scope of this ticket is just to create the global option at the "script-security-plugin", to be used by all plugins depending on the sandbox.

Script Security Plugin PR including this change:
jenkinsci/script-security-plugin#584

Testing done

Created new test method covering the changes + CASC.

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

… Administer permission globally in the system
plugin/pom.xml Outdated Show resolved Hide resolved
@jgarciacloudbees
Copy link
Contributor Author

Closing and reopening to run again the checks as there are some flaky failures

plugin/pom.xml Show resolved Hide resolved
@jglick
Copy link
Member

jglick commented Oct 24, 2024

Created new test method covering the changes + CASC.

#948 (comment) There is no JCasC test here that I can see.

@jgarciacloudbees
Copy link
Contributor Author

Hi @jglick, we have implemented the CASC compatibility, so the breaking change does not apply after the latest commit.
Can you please remove the breaking label?

plugin/pom.xml Outdated Show resolved Hide resolved
@jgarciacloudbees jgarciacloudbees marked this pull request as ready for review October 28, 2024 08:27
@jgarciacloudbees jgarciacloudbees requested a review from a team as a code owner October 28, 2024 08:27
@jgarciacloudbees jgarciacloudbees marked this pull request as ready for review October 29, 2024 17:24
@jglick jglick added developer and removed breaking labels Oct 29, 2024
public void cascExport() throws Exception {
ConfiguratorRegistry registry = ConfiguratorRegistry.get();
ConfigurationContext context = new ConfigurationContext(registry);
CNode yourAttribute = getSecurityRoot(context).get("cps");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think more interesting would be to check what is then exported from the script-security version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants