Groovy Script tasks

A Groovy Script task contains a Groovy script that is executed on the Release server. This is an automated task that completes when the script finishes successfully.

Goovy Script Task Details

The inline script editor is used to enter script. Type or paste a Groovy script into the Script field of the Groovy script task details. To enlarge the script editor, click enlarge editor. Pressing this button again will minimize the editor.

Note: The output of the remote script task is in markdown format. For more information, see Using Markdown in Release.

In the release flow editor, Groovy Script tasks have a gray border.

Variables and public API access

You can access releaseVariables and globalVariables from a script, which gives you the same set of API services that are available for the Jython Script task type. You can use releaseVariables and globalVariables in a script, in addition to the release-as-code API.

You can not use the Release-style ${myReleaseVar} expression in a Groovy Script task because it is a valid syntax of the Groovy language. This means that Release does not support variable interpolation for Groovy Script tasks, however, you can use this syntax in Jython Scrip tasks.

For example:

def server(type, title) {
  def cis = configurationApi.searchByTypeAndTitle(type, title)
  if (cis.isEmpty()) {
    throw new RuntimeException("No CI found for the Type and Title")
  }
  if (cis.size() > 1) {
    throw new RuntimeException("More than one CI found for the Type and Title")
  }
  cis.get(0)
}

def globVar = globalVariables['global.globalVariable']

def myReleaseVar = releaseVariables['myReleaseVar']

Note: If you are creating an integerVariable, then you must ensure that you include negative values of integerVariable inside the parentheses ( ). Positive values do not need to be included inside the parentheses.

In the example shown below, the negative value -100 is placed inside parentheses:

integerVariable {
  name "integerVariable"
  value (-100)
  }

integerVariable {
  name "integerVariable"
  value 700
  }

Security and Groovy Script tasks

When a Groovy Script task becomes active, the script is executed in a sandbox environment on the Release server. This means that the script has restricted permissions. By default, access to the file system, network, and non API related classes is not allowed.

To remove these restrictions, add a script.policy file to the XL_RELEASE_SERVER_HOME/conf directory. This is a standard Java Security Policy file that contains the permissions that a script should have.

To enable the use of additional Java packages or classes in the script, use the following Release specific RuntimePermission:

permission  com.xebialabs.xlrelease.script.security.RuntimePermission "accessClass.com.company.domain.*";
permission  com.xebialabs.xlrelease.script.security.RuntimePermission "accessClass.com.company.utils.HelperClass";

Note: Although we do not advise doing so, it is possible to disable the sandbox environment of the script task by updating the XL_RELEASE_SERVER_HOME/conf/xl-release.conf file:

xl.security.scripting.sandbox.enabled = false

By default, all password properties for release, phase, and task are encrypted in script task context. It is possible to get decrypted password properties by updating the XL_RELEASE_SERVER_HOME/conf/xl-release.conf file:

xl.security.scripting.sandbox.decryptPasswords = true

This is a deprecated feature and it will be removed in future releases.

You must restart the Release server after creating or changing the XL_RELEASE_SERVER_HOME/conf/script.policy or the XL_RELEASE_SERVER_HOME/conf/xl-release.conf file.

Sample script

This sample script creates a release containing one Manual task:

xlr {
  release("Sample release with a Manual task") {
    description "Sample template created from Groovy DSL"
    phases {
      phase {
        title "Sample"
        tasks {
          manual("Manual task") {
            description "Manual task description"
          }
        }
      }
    }
  }
}