Run Restricted Groovy API in Jenkins

Posted by in IT, Tutorial

The more recent versions of Jenkins have improved on security. Unfortunately, a side-effect is that scripts which were running before would fail now. An example is:

… which would list the projects defined in Jenkins.

Fortunately, you can have access to theis API via the In-process Script Approval plugin (which is installed by default).

If the script (pipeline) is versioned or executed in the sandbox, then you’ll need to approve method by method. If the script is not versioned, then you have the option to execute it outside the sandbox. Then, you’ll need an admin to approve the whole script for execution.

If your script fails and you (the admin) don’t see the In-process Script Approval entry in Jenkins configuration, then you might want to try this approach. It worked for me

The configuration file

The security plugin has its own configuration file located in Jenkins’ home and named scriptApproval.xml. Its content is similar to:

IMPORTANT NOTE: While you can just copy this to speed up your development, please note that e.g.

introduces a security issue.

A little experiment: If you find this post and ad below useful, please check the ad out :-)