Sandbox is preventing me from formatting a string

Question

I have a simple groovy script:

node ("master")
{
  echo "I am about to try to use String.format"
  def jjj = String.format("bob")
  echo jjj 
}

If I put this script right into my job configuration and run it, it runs fine.

But if I put that script into a file which I then load via "Workflow script from SCM", I get the error

org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified staticMethod java.lang.String format java.lang.String

How do I work around this? Is it possible to turn off the sandbox for "Workflow script from SCM" like it is for "Workflow script"?

Or is there some sandbox-approved way of formatting a string in groovy?

And why is it preventing me from formatting a string in the first place?

Answer 1

I think it's not possible to disable sandboxing when using Workflow script from SCM

However you can approve the usage here:

http://<jenkins_host>:<port>/scriptApproval/

Answer 2

How do I work around this?

Possibly (untested)

String.format("bob", [])

rather than using varargs. At any rate you should file a bug in JIRA (component script-security-plugin, label workflow) with steps to reproduce.

Is it possible to turn off the sandbox for "Workflow script from SCM" like it is for "Workflow script"?

No: JENKINS-28178