Fix Missing In-process Script Approval in Jenkins

Posted by in IT, Tutorial

Normally, when you have a script or a method to be approved, you should see the In-process Script Approval entry in your Jenkins’ configuration:

Unfortunately, the In-process Script Approval entry in Jenkins’ configuration is not always shown, even though we have items to be approved. I found that installing the Permissive Script Security and briefly enabling it would solve the problem.

On linux (Ubuntu), you need to edit /etc/default/jenkins and add

Then, you need to restart Jenkins for the security plugin to be disabled. I executed one of the pipelines containing the above script to check that script security was disabled. Then I restored the old JAVA_ARGS value in /etc/default/jenkins and restarted Jenkins it again.

When trying to execute the script, lo and behold!, the entry was there and waiting me to approve a bunch of API calls.

Notes

  • As at the moment of writing this entry there is no audit mode, the script (pipeline) will fail early at the first call, without reccording subsequent problematic ones. Therefore, you’ll need to run the script multiple times, untill all calls are approved.
  • Versioned pipelines will require method-level approval as they can’t be executed outside the sandbox. Unversioned pipelines provide the option to execute the script outside the sandbox. Then, the whole script will require approval by an admin.

HTH,


A little experiment: If you find this post and ad below useful, please check the ad out :-)