Menu
We recently upgraded our Jenkins core versions to 2.222.1. Our jobs leverage Jenkins scripted pipelines. In the pipelines, we publish a build summary (i.e. createSummary step from the Badge plugin) that aggregates the status of the tasks we execute.
With the new version of Jenkins and plugins, the build summary is no longer displayed correctly. I tried disable the headers for the Content Security Policy already with no change in behavior.
When inspecting the elements for the build summary, I noticed the <style>...</style> section we had in place with some custom css is no longer present. Before the upgrade, the build summary included this style section with no issue.
I tried moving what we had in the style section to "Extra CSS" from the Simple Theme Plugin and the css is now showing in the page. However, this made me realize that Jenkins is now stripping the class attribute off of all of the div elements that was included in the createSummary text.
I know there is the HTML publisher plugin that can be leveraged, but with our use case it is extremely convenient to do this in the build summary rather than a linked HTML report since what we are displaying is indeed a summary.
The Badge plugin did not have a version upgrade which makes it seem more likely the change came from the Jenkins core upgrade. Since this was only a minor version upgrade of Jenkins, my hope is that there is a setting to make this work so it can be backwards compatible with our existing pipelines.
What changed in Jenkins that causes the <style> elements and class attributed to be stripped out of the createSummary step?
Is there a way to disable this behavior in Jenkins so we don't have to make significant changes to our existing pipelines?
924
input : Wait for interactive input. This step pauses Pipeline execution and allows the user to interact and control the flow of the build. Only a basic "proceed" or "abort" option is provided in the stage view. You can optionally request information back, hence the name of the step.
Any Jenkins job or pipeline can be parameterized. All we need to do is check the box on the General settings tab, “This project is parameterized”: Then we click the Add Parameter button.
properties : Set job propertiesMainly useful from multibranch Pipelines, so that Jenkinsfile itself can encode what would otherwise be static job configuration. Existing properties set through the Jenkins UI for non-multibranch Pipelines will be preserved.
Jenkins Pipeline allows you to compose multiple steps in an easy way that can help you model any sort of automation process. Think of a "step" like a single command which performs a single action. When a step succeeds it moves onto the next step. When a step fails to execute correctly the Pipeline will fail.
The answer is insanely simple: Disable the OWASP Markup Formatter plugin for the Badge Plugin section in the global config by checking the box as shown here:
This probably is not recommended for a multi-tenant instance with users that are not trusted. Our instance is a private instance where we have control over all jobs and content so makes sense for our use case.
59
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
