You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
Whenever I push a bamboo spec plan to bamboo server and it attempts to automatically load the plan, it fails due to the following error:
[ERROR] Failed to execute goal com.atlassian.bamboo:bamboo-specs-runner:6.3.2:run (default-cli) on project bamboo-specs: Execution default-cli of goal com.atlassian.bamboo:bamboo-specs-runner:6.3.2:run failed: access denied ("java.lang.RuntimePermission" "getProtectionDomain") -> [Help 1]
When the plans run automatically, i notice to maven it passes -Dspecs.useSecurityManager=true.
If I log into the build server, clone the repo and run this command by hand, it fails just as above. If I set useSecurityManager=false though and provide a .credentials file, everything works fine.
What does this setting do and how can I fix it so that plans pushed on the monitored branch actually update automatically? I have the repository configured in bitbucket with SSH keys enabled and the build account can clone / update the repository just fine for everything else.
Bamboo has custom SecurityManager to avoid malicious Java code to be executed at Java VM of Bamboo Server. It looks like your Bamboo Specs code tries to use forbidden methods. If you believe you need it this code to be executed at Bamboo consider to use Docker to run Bamboo Specs or turn off Security Manager.
It can be done at Administration > Security configuration
I'm running Bamboo 6.6.1 and the options available do not match the documentation. The options are Enable Repository Stored Specs and Process Bamboo Specs in Docker. There is no "Enable secure Specs processing" option as documented.
This server does not have internet access, and does not have docker. Installing docker and creating a local docker image share is not possible as getting authorization for all of that in our build environment will take forever.
Further, can you elaborate on "forbidden methods"? The build is pretty basic and does not do the things mentioned in the docs. The main() method is unchanged from the auto-generated one.
Thanks for you environment details.
I think it's better to continue discussion at support ticket to gather more details about code, operation system and Java version you use. Please raise a support request at support.atlassian.com
Has this been solved somehow? Is there any workaround?
I just encountered same issue in bamboo server 6.10.4 (only difference is that in my case it is "java.lang.RuntimePermission" "accessDeclaredMembers") and it seems that running in build specs in docker setting does not help as it obviously uses same security manager.
Is there some way how to make it work?