2

Running Jenkins 2.289.1.

I have this pipelineJob Job Dsl setting up Active Choice parameters:

https://plugins.jenkins.io/uno-choice/

    pipelineJob("test") {
      parameters {
           activeChoiceParam('CHOICE-1') {
                description('Allows user choose from multiple choices')
                filterable()
                choiceType('SINGLE_SELECT')
    
                groovyScript {
                    script('return ["choice1", "choice2", "choice3"];')
                    fallbackScript('"fallback choice"')
                }
            }    
      }  

      definition {
          cpsScm {
              scm {
                  git {
                    remote {
                        credentials("${creds}")
                        url("${gitUrl}")
                    }
                    branch("${gitBranch}")
                }
              }
              scriptPath("${pathToFile}")
          }
      }
}

To make sure I can run Job Dsl in the first place without having to manually approve that I have added the following to jcasc:

jenkins:
security:
  globalJobDslSecurityConfiguration:
    useScriptSecurity: false

But that is not enough. Before I can run the generated pipeline based on above Job Dsl I still need to manually approve:

enter image description here

How do I configure Job Dsl, jcasc or something else to either disable script approval for anything that goes on in a Job Dsl or automatically approve any script that might be created inside a job dsl?

Hopefully I don't have to hack my way around that like suggested here:

https://stackoverflow.com/a/64364086/363603

I am aware that there is a reason for this feature but its for a local only jenkins that I am using for experimenting and this is currently killing my productivity. Related:

https://issues.jenkins.io/browse/JENKINS-28178?focusedCommentId=376405&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-376405

u123
  • 15,603
  • 58
  • 186
  • 303
  • We also faced the similar issue. The only hack we did is installing and configuring the [Permissive Script Security](https://plugins.jenkins.io/permissive-script-security/) as mentioned in https://stackoverflow.com/a/64364086/363603 – Sourav Jul 01 '21 at 04:24

1 Answers1

2

What worked for me: Manage Jenkins > Configure Global Security > CSRF Protection (section header -- not sure why) > Enable script security for Job DSL scripts (the name of the option that I disabled).

HVennekate
  • 59
  • 4