Introduction
All rolling releases for 2.263.2.2, and the CJP fixed lines 2.249.30.0.1 and 2.222.43.0.1, are affected by the three issues listed below.
You are affected by these issues in case that:
-
You have implemented custom scripts which expect Zip files of artifacts to have a top-level directory.
-
You use a pluggable storage like Artifact Manager S3 or Compress Artifacts Plugin.
-
You are serving user content (
$JENKINS_HOME/userContent) from hosted Jenkins through plugins like Simple Theme Plugin, Custom Job Icon Plugin, HTML Publisher, or if you are downloading the files directly from workspace or artifact views.
Environment
The issue happens for rolling line 2.263.2.2 in all products listed below, but also for versions 2.249.30.0.1 and 2.222.43.0.1 for CJP
-
CloudBees CI (CloudBees Core) on modern cloud platforms - Managed controller - 2.263.2.2
-
CloudBees CI (CloudBees Core) on modern cloud platforms - Operations Center - 2.263.2.2
-
CloudBees CI (CloudBees Core) on traditional platforms - Client controller - 2.263.2.2
-
CloudBees CI (CloudBees Core) on traditional platforms - Operations Center - 2.263.2.2
-
CloudBees Jenkins Platform - Client controller - 2.249.30.0.1
-
CloudBees Jenkins Platform - Operations Center - 2.249.30.0.1
-
CloudBees Jenkins Platform - Client controller - 2.222.43.0.1
-
CloudBees Jenkins Platform - Operations Center - 2.222.43.0.1
-
CloudBees Jenkins Distribution - 2.263.2.2
-
CloudBees Jenkins Enterprise - 1.11.42
JENKINS-64621: Zip artifact downloads missing a top-level directory
Zip files downloaded from userContent/workspace/artifact views no longer have a top-level directory, but all the contents is at the root.
For example, for agent workspaces, the structure changed from jobName / a / b / c to a / b / c.
JENKINS-64655: UnsupportedOperationException in jenkins.util.VirtualFile.zip when downloading artifacts from pluggable storage
Artifacts can’t be downloaded from pluggable storage like Artifact Manager S3 or Compress Artifacts Plugin.
Impact
External artifact storage no longer allows downloading multiple artifacts in Zip file. Jenkins shows an "Oops! A problem occurred while processing the request." page every time you try to click the "(all files in zip)" link to download the artifacts. A stacktrace similar to the one below will show up in the Jenkins logs.
Caught unhandled exception with ID 8004672b-68d5-4bfa-a9a0-1282420e7540 java.lang.UnsupportedOperationException: Not implemented. at jenkins.util.VirtualFile.zip(VirtualFile.java:342) at hudson.model.DirectoryBrowserSupport.serveFile(DirectoryBrowserSupport.java:254) at hudson.model.DirectoryBrowserSupport.generateResponse(DirectoryBrowserSupport.java:156) at org.kohsuke.stapler.HttpResponseRenderer$Default.handleHttpResponse(HttpResponseRenderer.java:124) at org.kohsuke.stapler.HttpResponseRenderer$Default.generateResponse(HttpResponseRenderer.java:69) at org.kohsuke.stapler.Function.renderResponse(Function.java:164) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:147) at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:536) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
JENKINS-64632: Jenkins controller leaks file descriptors
There is a file descriptor leaks with images used by plugins like Simple Theme Plugin or Custom Job Icon Plugin, which use local hosted images.
Every time a page on the web ui containing locally hosted images is refreshed, a file descriptor is opened (and never closed).
Resolution
Given the regressions listed above on this document, in case that you already addressed SECURITY-1452 by upgrading to 2.263.2.2 for rolling line, or 2.249.30.0.1, 2.222.43.0.1 for fixed line, it is recommended to upgrade to the following.
-
For rolling line: Upgrade from
2.263.2.2to2.263.2.3 -
For CJP fixed line:
-
Upgrade from
2.249.30.0.1to2.249.30.0.2 -
Upgrade from
2.222.43.0.1to2.222.43.0.2
-