script-security-plugin
[JENKINS-68404] Add script listener to track usage
This PR relates to https://github.com/jenkinsci/jenkins/pull/6539 and https://issues.jenkins.io/browse/JENKINS-68404. It serves the purpose of tracking potentially dangerous usages of Groovy scripts. The script listener is called when a script is considered to be allowed for use. This also means that scripts running in a sandbox are not logged.
- [x] Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
- [x] Ensure that the pull request title represents the desired changelog entry
- [x] Please describe what you did
- [x] Link to relevant issues in GitHub or Jira
- [x] Link to relevant pull requests, esp. upstream and downstream changes
- [ ] Ensure you have provided tests - that demonstrates feature works or fixes the issue
@daniel-beck https://github.com/jenkinsci/jenkins/pull/6539#issuecomment-1117376441
Let me know what you think.
Extends listener introduced in https://github.com/jenkinsci/jenkins/pull/6539
A basic pipeline:
Script: 'echo "hello world"' from origin: 'N/A' by user: 'null'
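A small triage pass over records in the line format shown above, as an added example that is not part of this pull request or the plugin. It assumes one record per line, and every sample line except the first, including the `Script Console` origin and the user `alice`, is constructed.

```python
import re
from collections import Counter

# Line shape taken from the sample output in the comment above. The script body
# may itself contain single quotes, so it is matched greedily and the record is
# anchored on the trailing origin/user fields (assumed to contain no quotes).
RECORD = re.compile(
    r"Script: '(?P<script>.*)' from origin: '(?P<origin>[^']*)' "
    r"by user: '(?P<user>[^']*)'$"
)

def parse(line):
    """Return a dict for one listener record, or None for any other log line."""
    m = RECORD.search(line.rstrip("\n"))
    return m.groupdict() if m else None

def triage(lines):
    """Count attributed scripts per user and collect records nobody owns."""
    per_user, unattributed = Counter(), []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        # A 'null' user or 'N/A' origin cannot be tied to a person or a
        # source, so those records are the ones to follow up on first.
        if rec["user"] == "null" or rec["origin"] == "N/A":
            unattributed.append(rec)
        else:
            per_user[rec["user"]] += 1
    return per_user, unattributed

# Constructed sample log; only the first record appears on the page.
SAMPLE = [
    "Script: 'echo \"hello world\"' from origin: 'N/A' by user: 'null'",
    "INFO: unrelated log line",
    "Script: 'println 'it''s quoted'' from origin: 'Script Console' by user: 'alice'",
    "Script: 'Jenkins.instance.pluginManager' from origin: 'Script Console' by user: 'alice'",
]

if __name__ == "__main__":
    users, orphans = triage(SAMPLE)
    print("scripts per user:", dict(users))
    for rec in orphans:
        print("unattributed:", rec["script"])
```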
Once we've finalized the API here, looks like this needs a downstream change in workflow-cps or so.
Looks like this PR needs to be re-filed from an origin branch, or from the fork of a committer (e.g. me), to pick up the changes to the Jenkinsfile, so we have an incremental build of this.
@daniel-beck I've replayed it with the updated Jenkinsfile.
Cheater! (Thanks 😄)
With https://github.com/jenkinsci/jenkins/pull/7056 being merged, I will continue on this PR soon :)