我试图从我的Jenkins管道发布到Docker,但我尝试的大多数事情都会导致错误。我最近的尝试是:
docker.withDockerRegistry('https://docker-registry.myco.com/lsacco/swagger-rest', 'docker-credential') {
def image = docker.image(APPLICATION_NAME);
image.tag("latest");
image.push()
}
当我运行时,Jenkins输出此错误:
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (org.jenkinsci.plugins.docker.workflow.Docker withDockerRegistry java.lang.String java.lang.String org.jenkinsci.plugins.workflow.cps.CpsClosure2)
at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectMethod(StaticWhitelist.java:163)
at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:78)
at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:69)
at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:149)
at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:146)
at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:15)
at WorkflowScript.dockerDeploy(WorkflowScript:290)
at WorkflowScript.run(WorkflowScript:76)
at ___cps.transform___(Native Method)
at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:55)
at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:106)
at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:79)
at sun.reflect.GeneratedMethodAccessor317.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
at com.cloudbees.groovy.cps.impl.ClosureBlock.eval(ClosureBlock.java:40)
at com.cloudbees.groovy.cps.Next.step(Next.java:58)
at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:154)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:19)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:33)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:30)
at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:106)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:30)
at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:164)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:277)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$000(CpsThreadGroup.java:77)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:186)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:184)
at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:47)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:112)
at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
我在最新的Jenkins上运行所有最新的插件更新。有什么想法吗?
1.642.2 Jenkins
Plugins.txt
ace-editor:1.1
ant:1.2
antisamy-markup-formatter:1.3
async-http-client:1.7.24
aws-credentials:1.12
aws-java-sdk:1.10.45
branch-api:1.3
build-token-root:1.3
cloudbees-folder:5.3
conditional-buildstep:1.3.3
config-file-provider:2.10.0
copy-to-slave:1.4.4
copyartifact:1.37
credentials-binding:1.7
credentials:1.25
cvs:2.12
docker-build-publish:1.1
docker-commons:1.3.1
docker-custom-build-environment:1.6.4
docker-traceability:1.1
docker-workflow:1.4
dockerhub-notification:1.0.2
durable-task:1.8
envinject:1.92.1
external-monitor-job:1.4
git-client:1.19.6
git-server:1.6
git:2.4.2
github-api:1.72.1
github:1.17.1
handlebars:1.1.1
jackson2-api:2.5.4
javadoc:1.3
jenkins-jira-issue-updater:1.18
jira:2.2
job-dsl:1.44
jquery:1.11.2-0
jquery-detached:1.2.1
junit:1.11
ldap:1.11
mailer:1.16
managed-scripts:1.2.1
mapdb-api:1.0.6.0
mask-passwords:2.8
matrix-auth:1.3.2
matrix-project:1.6
maven-plugin:2.12.1
momentjs:1.1.1
multi-branch-project-plugin:0.4.1
node-iterator-api:1.5
nodelabelparameter:1.7.1
pam-auth:1.2
Parameterized-Remote-Trigger:2.2.2
parameterized-trigger:2.30
pipeline-rest-api:1.0
pipeline-stage-view:1.0
plain-credentials:1.1
promoted-builds:2.25
rebuild:1.25
run-condition:1.0
scm-api:1.1
script-security:1.17
skip-certificate-check:1.0
ssh-credentials:1.11
ssh-slaves:1.10
subversion:2.5.7
swarm:2.0
timestamper:1.7.4
token-macro:1.12.1
translation:1.12
vsphere-cloud:2.11
workflow-aggregator:1.15
workflow-api:1.15
workflow-basic-steps:1.15
workflow-cps-global-lib:1.15
workflow-cps:1.15
workflow-durable-task-step:1.15
workflow-job:1.15
workflow-multibranch:1.15
workflow-scm-step:1.15
workflow-step-api:1.15
workflow-support:1.15
答案 0 :(得分:5)
这是一个古老的问题,但我想指出的是,人们在顶部搜索该短语会有所帮助:
当您收到关于groovy.lang.GroovyObject invokeMethod
的特定的“不允许使用方法的脚本”错误时,原因几乎总是是您在一个对象上调用了一个方法,而该方法并未有那个方法。
在这种情况下,您尝试调用docker.withDockerRegistry
。 docker
上没有名为withDockerRegistry
的方法。
该方法简称为withRegistry
。
请注意,与GroovyObject invokeMethod
无关的“不允许脚本...”错误是实际的权限问题,但是涉及GroovyObject invokeMethod
的此类错误通常是安全系统屏蔽的“ no方法”错误
答案 1 :(得分:3)
我能够通过Docker image在我的奴隶上安装docker-io来解决这个问题,并使用一个独立的Docker主机,它可以为我需要进行的调用提供服务来构建,运行和推送我的docker镜像到我的注册表。
我最终使用以下脚本来解决此问题:
docker.withServer(DOCKER_MACHINE_HOSTNAME) {
def image = docker.build(DOCKER_TAG, '.')
// Test container then stop and remove it
def container = image.run('--name ' + DOCKER_CONTAINER_NAME)
container.stop()
docker.withRegistry(DOCKER_REGISTRY, QUAY_CREDENTIALS_ID ) {
image.push(DOCKER_APPLICATION_TAG)
}
}
答案 2 :(得分:0)
可能与此问题有关: https://issues.jenkins-ci.org/browse/JENKINS-30414
正如最新评论中所解释的,Script Security plugin可能是问题所在。