New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-34755] Migrate to SystemProperties and restrict access to the engine #2346
[JENKINS-34755] Migrate to SystemProperties and restrict access to the engine #2346
Conversation
@@ -302,7 +303,7 @@ public void onLoad(Run<?, ?> r) { | |||
|
|||
private boolean isSafeParameter(String name) { | |||
if (safeParameters == null) { | |||
String paramNames = System.getProperty(SAFE_PARAMETERS_SYSTEM_PROPERTY_NAME); | |||
String paramNames = SystemProperties.getString(SAFE_PARAMETERS_SYSTEM_PROPERTY_NAME); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems like you could just pass "" for the defautt and clean up the code below?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe
This pull request originates from a CloudBees employee. At CloudBees, we require that all pull requests be reviewed by other CloudBees employees before we seek to have the change accepted. If you want to learn more about our process please see this explanation. |
* | ||
* @exception NullPointerException if {@code key} is {@code null}. | ||
* @exception IllegalArgumentException if {@code key} is empty. | ||
*/ | ||
@CheckForNull |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should be @Nullable
then?
@olivergondza had a comment on the original PR #1914 that the properties where accessed before the context was initialized
and @evernat commented
Do you have plans to address this? There was also a comment about the name |
@jtnord That's I was pinging people heavily in PRs :)
It has been addressed in Javadoc:
We have about 24 hours to do it if you feel strongly. But I agree this name would be better |
Would seem better to make it just work by adding a servelt listener that runs before Jenkins?
that could be done in the future but changing the class name (although possible with extends and deprecates) would be more messy. |
You know, a pull-request will be appreciated ;)
I think we will need to do a "messy thing" in any case, because such engine in the core does not allow to apply it to remoting, stapler and Jenkins modules. But if we want to rename it in the core, let's do it before the release |
I see that we are called pretty early on in the |
According to the discussion with @jtnord , I've marked SystemProperties as restricted. We will be able to define the approach later |
🐝 👍 |
I have created PR #2347 for that. |
@evernat |
Finalizes #2337
If #2332 and #2323 address SystemProperties in their files, the entire core will be covered.
@jenkinsci/code-reviewers @reviewbybees