1

Here is a simplification of Jenkins declarative pipeline I'm working with:

pipeline {
  agent any
  stages {
    stage("demo") {
      steps {
        script {
          def co_url = 'https://bitbucket.company.com/scm/demo/prj.git'
          checkout( [$class: 'GitSCM',
                       branches: [[name: 'my_branch']],
                       doGenerateSubmoduleConfigurations: false,
                       extensions: [[$class: 'RelativeTargetDirectory',
                                     relativeTargetDir: 'prj']],
                       submoduleCfg: [],
                       userRemoteConfigs: [[url: co_url]]] )
          dir(WORKSPACE + "/prj") {
            def img = docker.build("foo:1.0.0", "--target fubar .")
            def container = img.withRun()
          }
        }
      }
    }
  }
}

Why does the line def container = img.withRun() generate this error:

Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (org.jenkinsci.plugins.docker.workflow.Docker$Image withRun). Administrators can decide whether to approve or reject this signature.

...whereas def container = img.run() does not?

withRun() would have been preferanle because of its cleaner interface to guarantee cleanup, but it is not an option for me to administratively allow selected scripts.

StoneThrow
  • 5,314
  • 4
  • 44
  • 86
  • 1
    The method is probably blocked on your Jenkins sandbox, the other isn't. Has run() been approved in the past? See: https://www.jenkins.io/doc/book/managing/script-approval/ – Michael Kemmerzell Jul 05 '21 at 06:03
  • @MichaelKemmerzell - I don't see run() in the list of `Signatures already approved`...but I think I get the gist of what you're saying: either some default setting, or some administrative choice that I'm not privy to has made run() an allowed function, but not so for withRun() - thank you (but grateful if you have further details to share). – StoneThrow Jul 05 '21 at 14:15

0 Answers0