CloudBees CI on modern cloud platforms 2.414.3.8

Rolling release: 2023-10-25

Based on Jenkins LTS 2.414.3

Security advisories

CloudBees Security Advisory 2023-10-25

Security fixes

Security vulnerabilities were fixed from Jenkins

The following security tickets were fixed from Jenkins:

  • OSS issue [SECURITY-3237, SECURITY-3238]

  • OSS issue [SECURITY-3246]

  • OSS issue [SECURITY-3265]

Refer to the CloudBees Security Advisory October 25, 2023 for more information.

New Features

None.

Feature Enhancements

None.

Resolved Issues

None.

Known Issues

YAML file is not validated in the Default YAML field of the Configure Controller Provisioning page

On the Configure Controller Provisioning page, the YAML file is not validated when it is configured in the Default YAML field.

Auto-update bundle version may incorrectly update the wrong bundle version if multiple bundle.yaml files exist in the repository

When using "Auto-update bundle version", the wrong bundle may be updated if multiple bundle.yaml files exist in the repository.

Wrapped token file can not be deleted by the operations center

The .wrappedToken file is inadvertently being included in the bundle by the operations center bundle retriever and giving a structural warning, [STRUCTURE] - The following files have been detected in the bundle folder but they are not yaml files: .wrappedToken.

Add CloudBees CI communications to the CasC Bundle Retriever

When a bundle is retrieved from the SCM there are benign warnings in the logs about communication with the operations center.

Error when renaming an existing EC2 cloud

When the name of an existing cloud node is updated, the user receives a 404 error after selecting save. This is because the cloud page uses the cloud name as part of its URL. When the user saves the name, Jenkins sends the user to the URL with the old cloud name. Please note that all node changes are saved successfully.

Duplicate Pipeline Template Catalogs in the Configuration as Code (CasC) for Controllers jenkins.yaml file on each instance restart

If a Pipeline Template Catalog is configured in the CasC jenkins.yaml file and the id property is not defined, the catalog is duplicated on each instance restart and in the exported CasC configuration.

Upgrade Notes

Operations center CloudBees Assurance Program plugin changes since 2.414.2.2

The following plugins have been removed from the Operations center CloudBees Assurance Program since 2.414.2.2:

  • Maven Integration plugin (maven-plugin)

Controller CloudBees Assurance Program plugin changes since 2.414.2.2

The following plugins have been added to the Controller CloudBees Assurance Program since 2.414.2.2:

  • GitLab API Plugin (gitlab-api)

  • GitLab Branch Source Plugin (gitlab-branch-source)

  • Jersey 2 API (jersey2-api)

  • Pipeline Maven Integration Plugin (pipeline-maven)

  • Pipeline Maven Plugin API (pipeline-maven-api)

The following plugins have been removed from the Controller CloudBees Assurance Program since 2.414.2.2:

  • Maven Integration plugin (maven-plugin)

Jenkins 2.414 upgrade notes