Groovy Script Tasks
This topic covers the use of Groovy Script tasks in Release, detailing how to write and execute Groovy scripts on the Release server.
For more information, see Groovy script. This is an automated task that completes when the script finishes successfully.
The inline script editor is used to enter script. Type or paste a Groovy script into the Script field of the Groovy script task details. To enlarge the script editor, click . Pressing this button again will minimize the editor.
The output of the remote script task is in markdown format. For more information, see Using Markdown in Release.
In the release flow editor, Groovy Script tasks have a gray border.
Variables and public API access
You can access releaseVariables
and globalVariables
from a script, which gives you the same set of API services that are available for the Jython Script task type. You can use releaseVariables
and globalVariables
in a script, in addition to the release-as-code API.
You can not use the Release-style ${myReleaseVar}
expression in a Groovy Script task because it is a valid syntax of the Groovy language. This means that Release does not support variable interpolation for Groovy Script tasks, however, you can use this syntax in Jython Scrip tasks.
For example:
def server(type, title) {
def cis = configurationApi.searchByTypeAndTitle(type, title)
if (cis.isEmpty()) {
throw new RuntimeException("No CI found for the Type and Title")
}
if (cis.size() > 1) {
throw new RuntimeException("More than one CI found for the Type and Title")
}
cis.get(0)
}
def globVar = globalVariables['global.globalVariable']
def myReleaseVar = releaseVariables['myReleaseVar']
If you are creating an integerVariable
, then you must ensure that you include negative values of integerVariable
inside the parentheses ( ). Positive values do not need to be included inside the parentheses.
In the example shown below, the negative value -100 is placed inside parentheses:
integerVariable {
name "integerVariable"
value (-100)
}
integerVariable {
name "integerVariable"
value 700
}
Security and Groovy Script tasks
When a Groovy Script task becomes active, the script is executed in a sandbox environment on the Release server. This means that the script has restricted permissions. By default, access to the file system, network, and non API related classes is not allowed.
To remove these restrictions, add a script.policy
file to the XL_RELEASE_SERVER_HOME/conf
directory.
This is a standard Java Security Policy file that contains the permissions that a script should have.
To enable the use of additional Java packages or classes in the script, use the following Release specific RuntimePermission
:
permission com.xebialabs.xlrelease.script.security.RuntimePermission "accessClass.com.company.domain.*"; permission com.xebialabs.xlrelease.script.security.RuntimePermission "accessClass.com.company.utils.HelperClass";
Note: Although we do not advise doing so, it is possible to disable the sandbox environment of the script task by updating the XL_RELEASE_SERVER_HOME/conf/xl-release.conf
file:
xl.security.scripting.sandbox.enabled = false
By default, all password properties for release
, phase
, and task
are encrypted in script task context. It is possible to get decrypted password properties by updating the XL_RELEASE_SERVER_HOME/conf/xl-release.conf
file:
xl.security.scripting.sandbox.decryptPasswords = true
This is a deprecated feature and it will be removed in future releases.
You must restart the Release server after creating or changing the XL_RELEASE_SERVER_HOME/conf/script.policy
or the XL_RELEASE_SERVER_HOME/conf/xl-release.conf
file.
Sample script
This sample script creates a release containing one Manual task:
xlr {
release("Sample release with a Manual task") {
description "Sample template created from Groovy DSL"
phases {
phase {
title "Sample"
tasks {
manual("Manual task") {
description "Manual task description"
}
}
}
}
}
}