Created
July 28, 2021 03:09
-
-
Save wjx0912/7e9249c396bb6f5643346b2472348ed6 to your computer and use it in GitHub Desktop.
jenkins script auto approval
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.lang.reflect.*; | |
| import jenkins.model.Jenkins; | |
| import jenkins.model.*; | |
| import org.jenkinsci.plugins.scriptsecurity.scripts.*; | |
| import org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.*; | |
| scriptApproval = ScriptApproval.get() | |
| alreadyApproved = new HashSet<>(Arrays.asList(scriptApproval.getApprovedSignatures())) | |
| // add all manual whitelist methods here. | |
| approveSignature('method groovy.json.JsonBuilder call java.util.List') | |
| approveSignature('method groovy.json.JsonSlurper parseText java.lang.String') | |
| approveSignature('method groovy.json.JsonSlurperClassic parseText') | |
| approveSignature('method groovy.lang.Binding getVariables') | |
| approveSignature('method groovy.lang.Binding getVariable java.lang.String') | |
| approveSignature('method groovy.lang.Binding hasVariable java.lang.String') | |
| approveSignature('method groovy.lang.Closure getMaximumNumberOfParameters') | |
| approveSignature('method groovy.lang.GString plus java.lang.String') | |
| approveSignature('method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object') | |
| approveSignature('method hudson.model.Actionable getAction java.lang.Class') | |
| approveSignature('method hudson.model.Actionable getActions') | |
| approveSignature('method hudson.model.Cause$UpstreamCause getUpstreamProject') | |
| approveSignature('method hudson.model.Cause$UserIdCause getUserId') | |
| approveSignature('method hudson.model.ItemGroup getItem java.lang.String') | |
| approveSignature('method hudson.model.Item getUrl') | |
| approveSignature('method hudson.model.Job getBuildByNumber int') | |
| approveSignature('method hudson.model.Job getLastBuild') | |
| approveSignature('method hudson.model.Job getLastSuccessfulBuild') | |
| approveSignature('method hudson.model.Job isBuilding') | |
| approveSignature('method hudson.model.Run getCauses') | |
| approveSignature('method hudson.model.Run getEnvironment hudson.model.TaskListener') | |
| approveSignature('method hudson.model.Run getParent') | |
| approveSignature('method hudson.model.Run getNumber') | |
| approveSignature('method hudson.model.Run getResult') | |
| approveSignature('method hudson.model.Run getUrl') | |
| approveSignature('method hudson.model.Run getLogFile') | |
| approveSignature('method java.util.Map containsKey java.lang.Object') | |
| approveSignature('method java.util.Map entrySet') | |
| approveSignature('method java.util.Map get java.lang.Object') | |
| approveSignature('method java.util.Map keySet') | |
| approveSignature('method java.util.Map putAll java.util.Map') | |
| approveSignature('method java.util.Map remove java.lang.Object') | |
| approveSignature('method java.util.Map size') | |
| approveSignature('method java.util.Map values') | |
| // ======================================== | |
| // ... your list here ... | |
| approveSignature('new java.util.ArrayList') | |
| approveSignature('new java.io.File java.lang.String') | |
| approveSignature('new groovy.json.JsonSlurperClassic') | |
| approveSignature('method groovy.json.JsonSlurperClassic parseText java.lang.String') | |
| approveSignature('staticMethod hudson.model.Hudson getInstance') | |
| approveSignature('method hudson.model.ItemGroup getAllItems java.lang.Class') | |
| approveSignature('method groovy.json.JsonBuilder call java.util.List') | |
| approveSignature('method groovy.json.JsonBuilder toPrettyString') | |
| approveSignature('method groovy.json.JsonSlurper parse java.io.File') | |
| approveSignature('method groovy.json.JsonSlurper parseText java.lang.String') | |
| approveSignature('method groovy.json.JsonSlurperClassic parseText') | |
| approveSignature('method groovy.json.JsonSlurperClassic parseText java.lang.String') | |
| approveSignature('method groovy.lang.Binding getVariable java.lang.String') | |
| approveSignature('method groovy.lang.Binding getVariables') | |
| approveSignature('method groovy.lang.Binding hasVariable java.lang.String') | |
| approveSignature('method groovy.lang.Closure getMaximumNumberOfParameters') | |
| approveSignature('method groovy.lang.GString plus java.lang.String') | |
| approveSignature('method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object') | |
| approveSignature('method hudson.model.Actionable getAction java.lang.Class') | |
| approveSignature('method hudson.model.Actionable getActions') | |
| approveSignature('method hudson.model.Cause$UpstreamCause getUpstreamProject') | |
| approveSignature('method hudson.model.Cause$UserIdCause getUserId') | |
| approveSignature('method hudson.model.Item getFullName') | |
| approveSignature('method hudson.model.Item getUrl') | |
| approveSignature('method hudson.model.ItemGroup getAllItems java.lang.Class') | |
| approveSignature('method hudson.model.ItemGroup getItem java.lang.String') | |
| approveSignature('method hudson.model.Job getBuildByNumber int') | |
| approveSignature('method hudson.model.Job getLastBuild') | |
| approveSignature('method hudson.model.Job getLastSuccessfulBuild') | |
| approveSignature('method hudson.model.Job isBuilding') | |
| approveSignature('method hudson.model.Run getCauses') | |
| approveSignature('method hudson.model.Run getEnvironment hudson.model.TaskListener') | |
| approveSignature('method hudson.model.Run getLogFile') | |
| approveSignature('method hudson.model.Run getNumber') | |
| approveSignature('method hudson.model.Run getParent') | |
| approveSignature('method hudson.model.Run getResult') | |
| approveSignature('method hudson.model.Run getUrl') | |
| approveSignature('method hudson.model.Saveable save') | |
| approveSignature('method java.io.File createNewFile') | |
| approveSignature('method java.io.File exists') | |
| approveSignature('method java.io.File isDirectory') | |
| approveSignature('method java.util.Collection clear') | |
| approveSignature('method java.util.Map containsKey java.lang.Object') | |
| approveSignature('method java.util.Map entrySet') | |
| approveSignature('method java.util.Map get java.lang.Object') | |
| approveSignature('method java.util.Map keySet') | |
| approveSignature('method java.util.Map putAll java.util.Map') | |
| approveSignature('method java.util.Map remove java.lang.Object') | |
| approveSignature('method java.util.Map size') | |
| approveSignature('method java.util.Map values') | |
| approveSignature('method org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval approveSignature java.lang.String') | |
| approveSignature('method org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval getApprovedSignatures') | |
| approveSignature('method org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval getPendingScripts') | |
| approveSignature('method org.jenkinsci.plugins.workflow.steps.FlowInterruptedException getCauses') | |
| approveSignature('new groovy.json.JsonBuilder java.lang.Object') | |
| approveSignature('new groovy.json.JsonSlurperClassic') | |
| approveSignature('new java.io.File java.lang.String') | |
| approveSignature('new java.io.File java.lang.String java.lang.String') | |
| approveSignature('new java.lang.RuntimeException java.lang.String') | |
| approveSignature('new java.util.ArrayList') | |
| approveSignature('staticMethod hudson.model.Hudson getInstance') | |
| approveSignature('staticMethod org.apache.commons.io.FilenameUtils normalize java.lang.String') | |
| approveSignature('staticMethod org.apache.commons.io.FilenameUtils removeExtension java.lang.String') | |
| approveSignature('staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods matches java.lang.String java.util.regex.Pattern') | |
| approveSignature('staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods round java.lang.Double int') | |
| approveSignature('staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods write java.io.File java.lang.String') | |
| approveSignature('staticMethod org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval get') | |
| approveSignature('method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object') | |
| approveSignature('new java.io.File java.lang.String') | |
| approveSignature('new java.io.File java.lang.String java.lang.String') | |
| approveSignature('staticMethod hudson.model.Hudson getInstance') | |
| // ======================================== | |
| scriptApproval.save() | |
| void approveSignature(String signature) { | |
| if (!alreadyApproved.contains(signature)) { | |
| scriptApproval.approveSignature(signature) | |
| } | |
| } | |
| // Utility methods | |
| String printArgumentTypes(Object[] args) { | |
| StringBuilder b = new StringBuilder(); | |
| for (Object arg : args) { | |
| b.append(' '); | |
| b.append(EnumeratingWhitelist.getName(arg)); | |
| } | |
| return b.toString(); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment