Start the removal of obsolete permissions

[jtnord]

disable obsolete permissions (UploadPlugins, ConfigureUpdateCenter and RunScripts).

• disable the permissions
• mark the permissions as DoNotUse so that plugins updating core will now fail to compile
• retain API compatibility for now (full removal can be done for a future PR).

amends #4365 (released in Jenkins 2.222) relates to JEP-223 / #20740

#23873 (comment)

Testing done

• search for and file PRs to any plugins that are using the permission using GitHub (usage-in-plugins will not find matches in jelly/groovy views):
• ConfigureUpdateCenter
  • role-strategy-plugin remove obsolete permissions role-strategy-plugin#430
  • matrix-auth TBD
  • folder-auth TBD
  • azure-ad-plugin
  • nectar-rbac (CloudBees internal)TBD
• RunScripts
  • scriptler-plugin false positive
  • job-dsl TBD
  • build-flow plugin is deprecated and suspended
  • maven-plugin remove obsolete permission maven-plugin#421
  • nectar-rbac (CloudBees internal) TBD
  • role-strategy-plugin remove obsolete permissions role-strategy-plugin#430
  • matrix-auth TBD
  • openshift-login TBD
  • authorize-project TBD
  • folder-auth TBD
  • google-oauth TBD
  • openstack-cloud-plugin TBD
  • azure-ad-plugin
  • app-detector TBD
  • sounds-plugin TBD
  • jenkins-test-harness remove obsolete RUN_SCRIPTS permission jenkins-test-harness#1126
• UploadPlugins
  • role-strategy-plugin remove obsolete permissions role-strategy-plugin#430
  • matrix-auth TBD
  • folder-auth TBD
  • azure-ad-plugin
  • nectar-rbac (CloudBees internal)TBD

Proposed changelog entries

• The following permissions are now disabled and will be removed in a future Jenkins version, any code relying on them should be updated to instead check for the Overall/Administer permission:
  • Overall/ConfigureUpdateCenter
  • Overall/RunScripts
  • Overall/UploadPlugins

Proposed changelog category

/label developer

Proposed upgrade guidelines

N/A

Submitter checklist

• The issue, if it exists, is well-described.
• The changelog entries and upgrade guidelines are appropriate for the audience affected by the change (users or developers, depending on the change) and are in the imperative mood (see examples). Fill in the Proposed upgrade guidelines section only if there are breaking changes or changes that may require extra steps from users during upgrade.
• There is automated testing or an explanation as to why this change has no tests.
• New public classes, fields, and methods are annotated with @Restricted or have @since TODO Javadocs, as appropriate.
• New deprecations are annotated with @Deprecated(since = "TODO") or @Deprecated(forRemoval = true, since = "TODO"), if applicable.
• UI changes do not introduce regressions when enforcing the current default rules of Content Security Policy Plugin. In particular, new or substantially changed JavaScript is not defined inline and does not call eval to ease future introduction of Content Security Policy (CSP) directives (see documentation).
• For dependency updates, there are links to external changelogs and, if possible, full differentials.
• For new APIs and extension points, there is a link to at least one consumer.

Desired reviewers

@mention

Before the changes are marked as ready-for-merge:

Maintainer checklist

• There are at least two (2) approvals for the pull request and no outstanding requests for change.
• Conversations in the pull request are over, or it is explicit that a reviewer is not blocking the change.
• Changelog entries in the pull request title and/or Proposed changelog entries are accurate, human-readable, and in the imperative mood.
• Proper changelog labels are set so that the changelog can be generated automatically.
• If the change needs additional upgrade steps from users, the upgrade-guide-needed label is set and there is a Proposed upgrade guidelines section in the pull request title (see example).
• If it would make sense to backport the change to LTS, be a Bug or Improvement, and either the issue or pull request must be labeled as lts-candidate to be considered.

[jglick]

Do not use @Restricted on a @Deprecated member. These are two different things with different purposes and should not be mixed.

[jtnord]

90d00cf

[jtnord]

done in 90d00cf

[jglick]

Well, FWIW I meant to keep the @Deprecated and delete the @Restricted. That is, obviously these fields should be @Deprecated; I was asking to not add @Restricted.

(same on RUN_SCRIPTS of course)

[jtnord]

I explicitly wanted to break source compatibility :)
its been deprecated for 5 years, devs (outside of the authZ plugins where its use is still semi legitimate) are not paying attention to it today.

[jglick]

May as well delete localized key while we are here and replace with some text that mentions it is deprecated.

[jtnord]

the text is already "Deprecated - Please use the Overall/Administer permission instead".
Are you suggesting that we hard code the English message here and remove the translations?

[jglick]

If it already notes that it is deprecated I guess it does not matter; would just be a tiny bit of tech debt reduction to eliminate a few localizable keys since the values should never be displayed in the GUI any more.