Remove inline javascript code from BuildTriggerStep

[NeetigyaPod]

Testing done

Inspected the element from local machine to check the change. Screenshots attached

Before:

After:

Submitter checklist

Beta Give feedback

1. Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
2. Ensure that the pull request title represents the desired changelog entry
3. Please describe what you did
4. Link to relevant issues in GitHub or Jira
5. Link to relevant pull requests, esp. upstream and downstream changes
6. Ensure you have provided tests - that demonstrates feature works or fixes the issue

Changed the inline script with accordance to Security Guideline for inline scripts.
Issue : [Issue #72145] (https://issues.jenkins.io/browse/JENKINS-72145)

[jglick]

check BuildTriggerStepConfigTest

[NeetigyaPod]

Hi, the tests seem to fail from original code. Like even in cloned version, the same tests are failing.

Can you please guide me in the same?

[jglick]

the tests seem to fail from original code

https://github.com/jenkinsci/pipeline-build-step-plugin/runs/17351729476 passed in trunk last week. Also, the test failures in this PR are covering exactly the feature area you are modifying, so I think they are very likely related.

[NeetigyaPod]

My bad, I had left the script tags there. Rectified it, is there any way I can check if tests pass locally? I did mvn test but they fail locally. Do I have to download any requirements to set it up locally?
Right now I cloned and am just mvn:hpi run and checking.

[jglick]

Do I have to download any requirements to set it up locally?

Just latest Java 11 and latest Maven.

[NeetigyaPod]

Hi have made the changes, the bugs are fixed

[Kevin-CB]

There is also an onblur call on this page.

pipeline-build-step-plugin/src/main/resources/org/jenkinsci/plugins/workflow/support/steps/build/BuildTriggerStep/config.jelly

Line 30 in 2239584

<f:textbox onblur="loadParams()" id="${jobFieldId}"/>

[NeetigyaPod]

Hi, have rectified that as well.

[Kevin-CB]

I tested it locally, it works as expected and I'm not able to see CSP violation using the CSP plugin

[NeetigyaPod]

@jglick Hi, can we please add the hacktoberfest topic in this repository? Or a label of hacktoberfest-accepted to this PR works as well.

[jglick]

In general I think we should be able to get rid of h.generateId() in these refactorings, by making the behavior function take the element argument into account and looking for siblings. Same for the hard-coded id params, which we did not even bother uniquifying using generateId since we expect this Jelly facet to be loaded only once in a page (Snippet generator).

[NeetigyaPod]

Oh makes sense, I want to contribute to Jenkins in long term as well so I can work on it as a separate issue?
Also is there any slack for Jenkins or is Gitter the preferred platform?

[jglick]

I can work on it as a separate issue?

Sure, if you would like. It is not a priority, would just be a nice stylistic improvement.

is there any slack for Jenkins or is Gitter the preferred platform?

https://www.jenkins.io/chat/ though TBH I am not normally on those. Not sure why Slack is not used.