Why are already approved signatures require to be approved again?

Issue

We can see that already approved signatures are showing up as pending approval in the In-process script approval page. While running the jobs, we can see a message like the one shown below:

Scripts not permitted to use staticMethod XXX XXX. Administrators can decide whether to approve or reject this signature.

The job runs successfully, but the signature shows up again to be approved in the In-process script approval page.

Environment

CloudBees CI (CloudBees Core) on modern cloud platforms - Managed controller
CloudBees CI (CloudBees Core) on traditional platforms - Client controller
CloudBees Jenkins Enterprise - Managed controller
Jenkins LTS
Permissive Script Security Plugin < 0.5

Resolution

This is a side effect of JENKINS-57171, which is related to Permissive Script Security Plugin and will impact your instance even if you are not explicitly using the plugin.

The solution is either disable the plugin, or to upgrade it to at least version 0.5.

Tested product/plugin versions

This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.