Issue

My Jenkins job is failing with the following stack trace:

ERROR: Failed to parse POMs
java.io.IOException: java.lang.RuntimeException: Failed to serialize hudson.maven.MavenModuleSet#publishers for class hudson.maven.MavenModuleSet
	at hudson.XmlFile.write(XmlFile.java:200)
	at hudson.model.AbstractItem.save(AbstractItem.java:600)
	at hudson.model.Job.save(Job.java:189)
	at hudson.model.AbstractProject.save(AbstractProject.java:289)
	at hudson.maven.MavenModuleSet.reconfigure(MavenModuleSet.java:1199)
	at hudson.maven.MavenModuleSetBuild$MavenModuleSetBuildExecution.parsePoms(MavenModuleSetBuild.java:1021)
	at hudson.maven.MavenModuleSetBuild$MavenModuleSetBuildExecution.doRun(MavenModuleSetBuild.java:691)
	at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:504)
	at hudson.model.Run.execute(Run.java:1818)
	at hudson.maven.MavenModuleSetBuild.run(MavenModuleSetBuild.java:543)
	at hudson.model.ResourceController.execute(ResourceController.java:97)
	at hudson.model.Executor.run(Executor.java:429)
Caused by: java.lang.RuntimeException: Failed to serialize hudson.maven.MavenModuleSet#publishers for class hudson.maven.MavenModuleSet
...
Caused by: java.lang.RuntimeException: Failed to serialize quality.gates.jenkins.plugin.QGPublisher#buildDecision for class quality.gates.jenkins.plugin.QGPublisher
...
Caused by: java.lang.RuntimeException: Failed to serialize quality.gates.jenkins.plugin.BuildDecision#qualityGatesProvider for class quality.gates.jenkins.plugin.BuildDecision
...
Caused by: java.lang.RuntimeException: Failed to serialize quality.gates.sonar.api.QualityGatesProvider#sonarHttpRequester for class quality.gates.sonar.api.QualityGatesProvider
...
Caused by: java.lang.RuntimeException: Failed to serialize quality.gates.sonar.api.SonarHttpRequester#context for class quality.gates.sonar.api.SonarHttpRequester
...
Caused by: java.lang.UnsupportedOperationException: Refusing to marshal org.apache.http.client.protocol.HttpClientContext for security reasons; see https://jenkins.io/redirect/class-filter/
...

Environment

• CloudBees CI (CloudBees Core)
• CloudBees CI (CloudBees Core) on modern cloud platforms - Managed Master
• CloudBees CI (CloudBees Core) on traditional platforms - Client Master
• CloudBees Jenkins Enterprise - Managed Master
• CloudBees Jenkins Platform - Client Master
• CloudBees Jenkins Distribution
• Jenkins LTS

Resolution

The error is due to the Security hardening: Jenkins LTS 2.107.1 switches XStream / Remoting blacklists to whitelists (JEP-200) for the Quality Gates plugin.

There is no current resolution to this issue with the Quality Gates plugin as of plugin version 2.5.

Workaround

A similar bug ( JENKINS-49130 ) was already fixed in a similar plugin, called Sonar Quality Gates in version 1.2.0.

We have had clients successfully work around this by switching from using the Quality Gates plugin to the Sonar Quality Gates plugin.

Tested product/plugin versions

CloudBees Jenkins Platform - Master 2.176.4.3

Quality Gates plugin version 2.5

Sonar Quality Gates plugin version 1.3.1