CloudBees Assurance Program

The CloudBees Assurance Program specifies the set of plugins, plugin versions, and plugin dependencies that are either verified or trusted, depending on how much they have been tested. This provides greater stability and security for Jenkins environments. Not only are the plugins in the CloudBees Assurance Program independently stable, but they are tested as a whole (in aggregate) to ensure compatibility with each other and the Jenkins instance.

The primary administrator interface for the CloudBees Assurance Program is Beekeeper. It provides a centralized view of the monitored plugins, recommended actions, and configuration options to further improve the stability and security of your Jenkins instance. The Beekeeper allows administrators to review and install upgrades for plugins. Additionally, administrators can enable automatic upgrades or downgrades of plugins which are not in compliance with the support policy for the CloudBees Assurance Program.

Through the CloudBees Assurance Program, CloudBees classifies plugins into tiers according to how much risk to a given installation’s stability a given plugin may pose. See Plugin support policies for details.

The Plugin management documentation provides step-by-step instructions for installing and managing plugins.

The following configuration options are available, one of which (Enrollment) is selected by default:

Provided you do not uncheck the "Enroll this instance in the CloudBees Assurance Program" option, you can select automatic upgrade, automatic downgrade, or both. These actions will automatically install the CAP Collection version of plugins relative to the version of the currently installed plugins, so as to ensure that your instance runs efficiently and is free of potential plugin incompatibilities.

When enrolled in the CloudBees Assurance Program, two changes are immediately made: the Beekeeper displays the current compliance status with CloudBees Assurance Program, and the Update Center configuration is modified to point at the CloudBees Assurance Program Update Center.

The CloudBees Assurance Program Update Center modifies the list of "Updates" and "Available" plugins on the Manage Plugins page to hide plugins that would be incompatible with CloudBees Assurance Program due to dependencies on plugin versions which are outside of the CloudBees Assurance Program.

If you are testing functionality known to require plugin versions newer than those currently identified as verified or trusted (for example, beta plugins), you have the option of disabling Beekeeper for the duration of your tests.

The Beekeeper regularly evaluates the state of the instance to ensure compliance with CloudBees Assurance Program and provides an "Administrative Monitor" to alert administrators to upgrades needing their attention.

Beekeeper alerting to an available upgrade
Figure 1. Administrative Monitor advising of a new upgrade

When an upgrade is available, the administrator is notified by Beekeeper, with a notification on the Manage Jenkins Page and on the Administrative Monitor shown in the header for other pages.

Upgrade message from header
Figure 2. Upgrade message from header

Clicking Manage will navigate to a Beekeeper screen that outlines the available upgrades as described in Automatic upgrades with Beekeeper Upgrade Assistant.

To reconcile the difference between revisions, Beekeeper reports what actions it will need to perform to upgrade successfully (such as downgrading or upgrading installed plugins).

Before any upgrade, CloudBees recommends creating a backupå of the instance in case there is some unexpected failure during the upgrade process.

The new product release notification shows the offered release and a More Info…​ button that directs the administrator to a page providing additional information about the upgrade.

The upgrade page shows:

  1. Current version and the offered release

  2. Link to Release Notes describing the new features, fixes and known issues

  3. Results of a simulation of the upgrade (including changes in core and/or plugin versions)

  4. Link to documentation and downloads

Upgrading the product
Figure 3. Upgrading the product

CAP enforcement

Automatic plugin upgrade and plugin downgrade together comprise CAP Enforcement, which is only possible if your instance is enrolled in the CloudBees Assurance Program. When CAP Enforcement is applied, plugins are automatically modified to the CAP Envelope version. Plugins which are not part of the CAP Envelope are not changed.

Automatic upgrades with Beekeeper Upgrade Assistant

Beekeeper allows administrators to easily and automatically keep their verified plugins up-to-date with the versions recommended by the CloudBees Assurance Program. To enroll the instance in automatic CAP version compliance, check the Allow automatic upgrades of plugins on restart setting and click Save. It’s recommended that you restart the instance after making changes to allow Beekeeper to perform any necessary automatic upgrades.

If Allow automatic upgrades of plugins on restart was not enabled, Beekeeper will report when the instance is out of compliance with the verified plugins recommended by CAP. To resolve the drift out of compliance, the administrator may either manually follow the Beekeeper recommended actions, or enable Allow automatic upgrades of plugins on restart and then restart the instance to allow the necessary upgrades to complete.

Beekeeper after upgrade
Figure 4. Successful upgrade pending restart

The information and actions offered are:

  1. The current version and revision.

  2. The offered revision.

  3. The plugin operations to perform with the current CAP configuration.

    1. A button (Upgrade Now) to install the upgrade with the current configuration.

  4. The plugin operations to perform if "Allow automatic upgrades of plugins on restart" config value was enabled. This information is only shown if the mentioned config value is disabled.

    1. RECOMMENDED A button (Update config and upgrade now) to install the upgrade after enabling "Allow automatic upgrades of plugins on restart".

Once an upgrade is installed, the set of recommended plugins that is enforced by the CloudBees Assurance Program will automatically change so the report offered by the Beekeeper plugin may automatically change from compliant to non-compliant. This would be completely normal because restarting the instance is required for the upgrade to complete. After the restart, the Beekeeper report should be back to its previous state. The following message prompts for restart:

Successful upgrade
Figure 5. Successful upgrade

If an upgrade fails, Beekeeper will notify the administrator and allow the upgrade to be canceled.

Beekeeper upon a failed upgrade
Figure 6. Failed upgrade

Incremental upgrades

The CloudBees Assurance Program can also provide incremental upgrades. Incremental upgrades include a subset of functionality delivered prior to the full product release. For example, incremental upgrades may deliver plugin security fixes or important new features that can’t wait until the next full product release.

Incremental upgrades appear in the page with a message that a new revision is available. The upgrade page shows the current and offered revisions as well as a simulation of the changes.

Depending on the plugins you have installed, no change may be needed in the running instance. You should choose the upgrade even in those cases so that Beekeeper uses the upgraded configuration.

Incremental upgrades
Figure 7. Incremental upgrades

Given that incremental upgrades are usually used for important inter-release upgrades of the recommended configuration, such as security upgrades, if you perform an initial installation of a version for which an incremental upgrade is available (and the instance is connected to CloudBees Update Center) you will have the option of applying the upgrade from the setup wizard:

Incremental Upgrade offered in the Setup Wizard
Figure 8. Incremental Upgrade offered in the Setup Wizard

If you decide to install the incremental upgrade at this point, depending on the affected plugins, an additional restart may be required at the end of the installation process. If you decide to skip the upgrade in the setup wizard, it will be offered by the Beekeeper Upgrade Assistant as described above so it can be installed at the most convenient time.

If for any reason you need to automatically skip this behavior, just set the system property cb.BeekeeperProp.disableIncrementalWizard to true.

Automatic downgrades

Beekeeper supports automatic plugin upgrades and downgrades to provide comprehensive compliance with the CloudBees Assurance Program. By checking Allow automatic downgrades of plugins on restart, Beekeeper automatically downgrades any installed plugins that exceed the versions explicitly recommended by CAP. While this behavior will only affect plugins considered verified and part of the CloudBees Assurance Program, it may have unintended side effects on stability if the instance has been taking advantage of features and configurations provided by more recent versions of those plugins.

Consequently, this option should be used sparingly.

Although it is possible to enable "Allow automatic downgrades of plugins on restart", CloudBees does not generally recommend doing that.

System properties

Property Default Description



Set to true to not check for full upgrades. Does not disable checks for security fixes to currently installed plugins, even if the security fixes for those currently installed plugins require a full upgrade. An older installation that includes a plugin with a known security issue will be shown as a Beekeeper warning. The solution to that warning may require a full upgrade, but with noFullUpgrade=true, that upgrade will not be included in the warnings



Set to true to install incremental upgrades automatically at startup



Disable checking for incremental releases during the setup wizard



If true every plugin in the envelope will be considered required when CAP is enabled



If true all suggested plugins (as defined in the setup wizard) in the envelope will be considered required when CAP is enabled.