CloudBees CD/RO v2023.02.0

CloudBees is pleased to announce the v2023.02.0 long-term support (LTS) release of CloudBees CD/RO. With this release, CloudBees added several new features and system improvements, including:

  • Removed the CGI module, scripts, and support

  • Added new platform support:

    • OpenShift 4.10 and 4.11

    • Kubernetes v1.25 is now supported and has been tested on AKS and GKE

  • Added new plugins:

    • Azure CLI

    • Azure DevOps

    • BringYourOwnDeployer

  • Added automatic navigation to the applicable CloudBees CD/RO feature when executing a Service catalog item template

  • Enhanced methods to simplify pipeline tasks definitions

  • Updated UI features:

    • Added the full parent to child path in the breadcrumb navigation

    • Added the ability to set release planned start and end times in the Release editor UI and DSL

    • Improved the UI design for Pipeline audit reports

Refer to New features and Feature enhancements below for more information.

Security fixes

This release includes the following security updates to address potential vulnerabilities:
  • Apache net commons is upgraded to 3.9.0. [BEE-28877]

  • Elasticsearch is upgraded to 7.17.8. [BEE-29259]

  • Netty codec is upgraded to 4.1.86. [BEE-29117]

  • PHP is upgraded from 7.4.32 to 8.1.14. For details, refer to the PHP 8.1.14 Release Announcement. [BEE-29260]

New features

Azure CLI plugin

The Azure CLI plugin allows you to run Azure CLI commands as part of your CloudBees CD/RO environment, and can be used to create and manage:

  • Virtual machines, nets, and subnets

  • Network security groups (NSGs)

  • Databases

  • SQL and NoSQL actions

For more information, refer to Azure CLI plugin.

Azure DevOps plugin

Azure DevOps is an extension for the Azure CLI that allows you to manage many Azure DevOps Services from the command line. Using the Azure DevOps plugin, you can seamlessly integrate az devops commands into your CloudBees CD/RO projects to help automate your Azure DevOps workflows.

For more information, refer to Azure DevOps plugin.

BringYourOwnDeployer plugin

The BringYourOwnDeployer plugin is a demo plugin released to the CloudBees GitHub community plugin repository. This plugin allows you to provide details about artifacts being deployed and undeployed using CloudBees CD/RO’s third-party deployment inventory interface.

Feature enhancements

CGI module removed

CloudBees has removed the CGI module, which was used for publishArtifacts in the UI and for the CloudBees CD/RO plugin for Jenkins.

PHP now controls UI file upload limits

UI file upload limits are now controlled by PHP in /opt/cloudbees/sda/apache/conf/php.ini.

CloudBees has removed support for CGI. As a result, the default values were increased for the max_file_uploads, post_max_size, and upload_max_filesize properties in the <data_dir>/apache/conf/php.ini file.

The default values for the post_max_size and upload_max_filesize properties are the now same as the Administration  Server settings  System settings: /server/settings/maxUploadSize property. Any change you make to the default setting of one these properties must be made to all properties.

You must restart your CloudBees web server each time you update values in the php.ini file.
After you upgrade your CloudBees CD/RO server to v2023.02.0, you must also upgrade your CloudBees web server.

For default parameter values and more information, refer to Configuration settings preserved after an upgrade.

For more information, refer to Installation and upgrade notes.

Automatic navigation to the applicable CloudBees CD/RO feature when executing a Service catalog item template

The end-target navigation specified in the endTargetJson field has been enhanced to include navigation to all Service catalog generated objects. Now when you select a self-service catalog item, you are automatically given an option to navigate to the created object.

For more information, refer to End-target navigation.

Enhanced methods to simplify pipeline tasks definitions

The createTask and modifyTask methods of the Pipeline API have been enhanced to simplify command pipeline tasks definitions. Use the new command, postp, and shell arguments to configure pipeline command tasks. This also allows a simpler DSL format for managing pipeline command tasks.

CloudBees continues to support the legacy format for backward compatibility. The generateDsl API will use the new format when generating DSL for command tasks.

For details regarding using ectool to configure command pipeline tasks, refer to Use the CloudBees CD/RO API to define tasks.

UI enhancements

This release includes the following UI enhancements:

  • Added the full parent to child path to breadcrumb navigation. To view or access the path, select the folder icon in the upper left corner of the UI.

  • Improved the UI design for Pipeline audit reports

  • Added planned start and end times in the Release editor UI. You can now set the time in HH:MM format when you add or edit release start and end dates.

    This enhancement is not backward compatible in DSL. You cannot import generated DSL of release objects from v2023.02.0 to earlier versions without manual changes.

Performance improvements


Plugin enhancements

CloudBees CD/RO plugins catalog

The CloudBees CD/RO plugins catalog is available on the CloudBees CD/RO documentation site.

For more information about plugin support and versioning, refer to Plugin Concepts.

Version update required for the Jenkins CloudBees CD plugin

Starting with v2023.02.0, CloudBees CD/RO no longer supports the CGI endpoint. To use the Jenkins CloudBees CD plugin with v2023.02.0 and future versions, you must upgrade the plugin to v1.1.30. For more information, refer to the Jenkins CloudBees CD documentation.

Legacy platform plugin manager deprecation

The plugin manager built into the legacy CloudBees CD/RO Automation Platform UI is deprecated starting with release 2023.02.0. CloudBees strongly recommends that you migrate to the new plugin manager. To use the new plugin manager, your plugins must align with the CloudBees plugin development kit (PDK) configuration model and contain the plugin configuration as a first class object.

To migrate an existing plugin to the new plugin manager/configuration, CloudBees recommends rebuilding your plugins using the PDK. For more information, refer to Migrate legacy plugins to PDK. Once a plugin is built to support the PDK configuration, legacy plugin configurations for the plugin may be migrated using a built-in Migrate configurations service catalog item.

After the plugin manager is updated, plugin configurations based on GWT may not be available to view. To view the plugin’s configurations, select the plugin project and choose the Properties tab. The <PluginName>_cfgs property contains the references for all configurations for the plugin. For more information, refer to Migrating your plugin configurations.

Plugins that will be migrated

The following CloudBees supported plugins are not configured with the new plugin configuration, but will be updated soon:

  • EC-SQLServer

  • EC-MySQL

  • EC-Splunk

  • EC-Twistlock

Plugins that will be deprecated

The following CloudBees supported plugins do not support the new plugin configuration and will be deprecated and removed from the catalog:


  • ECSCM-Accurev

  • ECSCM-Bazaar

  • ECSCM-ClearCase


  • ECSCM-File

  • ECSCM-Git

  • ECSCM-Mercurial

  • ECSCM-Perforce

  • ECSCM-Property

  • ECSCM-Repo

  • ECSCM-StarTeam


  • ECSCM-Synergy


  • ECSCM-Vault

  • EC-Twitter

Plugins moving to the community

The following plugins will be removed from the plugin catalog and migrated to the community:

  • EC-Apache

  • EC-Azure

    CloudBees has released a new AzureCLI plugin to replace this plugin.

  • EC-AzureDevOps

    CloudBees has released a new AzureDevOps plugin to replace this plugin.

  • EC-BigIp

  • EC-DB2

  • EC-DBI

  • EC-EC2

  • EC-Gerrit

  • EC-Selenium

To generate a list of legacy plugin configurations on your system, you can use this DSL script.

Contact CloudBees Support if you require assistance updating these plugins to support the new configuration.

Plugin updates

AzureCLI 1.0.0

First release.

AzureDevOps 1.0.0

First release.

EC-Ansible 2.0.0

Plugin has been migrated to PDK.

EC-AWS-EC2 1.0.18

Upgraded third-party dependencies.

Added support for the new plugin configurations.

EC-Core 1.3.3

Removed CGI scripts.

EC-Jenkins 2.2.2

Previous configurations are deprecated and disabled. The Automation Platform UI no longer allows you to create new plugin configurations. If you select Create Configuration in the Automation Platform UI, you are now redirected to the Configure Plugin page in the CloudBees CD/RO UI.

Fixed the Test Connection feature for SSL bump proxy configurations.

EC-Nexus 2.2.0

Added a new Nexus Version plugin configuration parameter to manually select the Nexus version, instead of automatically defining it.

Added a check and setting up version during extraction of a Nexus version.

EC-SendEmail 1.1.2

Changed the Message parameter’s default option from Plain to HTML.

EC-SonarQube 2.1.3

Fixed an issue with the Ignore SSL option for REST-based procedures (Get Last SonarQube Metrics and CollectReportingData).

Plugin Development Kit enhancements


New platform support

This section lists new platform support. Refer to the following topics for a list of officially supported platforms for CloudBees CD/RO:

Resolved issues


Added support of planned start and end time in the release definition.


Fixed an issue with reporting data on the CloudBees Analytics Microservice Deployments dashboard.


Updated the UI to display Pipeline definition tags. Tags display for all Pipeline runs, are available for filtering, and are included in the audit report.


Fixed an issue in v10.7 where the SetupWebhook API did not work when a property was defined in the Repository field.


Fixed an issue in v10.7 where the Git polling trigger did not work when a property was defined in the Repository field.


Improved the performance of evaluating deployerApplication DSL files.


Fixed an issue with attaching credentials when multiple credentials in different projects had the same name.


Fixed an issue with the COMMANDER_HTTP_PROXY environment variable when running cb-perl shell commands in an agent in a remote zone.


Fixed an issue in the UI when adding process steps to application and component processes.


Fixed an issue with HTML tags in procedure steps in the UI.


Removed case sensitivity between active directory and CloudBees CD/RO to resolve a renaming issue.

CloudBees CD/RO does not support active directory synchronization when renaming groups.


Fixed an issue with phase name detection and potential NPE.


Fixed an issue that caused UI failures when the /server/ec_customEditors/pickerStep property was not set.


Added a maxTriggerErrorCount setting to server settings that allows you to define the maximum number of trigger errors to store. The default value is 20. For more information, refer to Server settings.


Fixed an issue with detaching credentials from plugin procedure steps when removing them from the plugin configuration.

BEE-28939, BEE-29075

Updated custom personas to reflect renamed and removed persona pages. Saved persona subpages are available after you upgrade CloudBees CD/RO.


Fixed an issue that caused duplicate inventory items when an application is deployed with different application versions using the /myJob/ec_deployment_artifacts property after modification.


If supressNulls=true, you can now skip DSL generation for empty gates.


Previous run details are not displayed when modifying a release pipeline. The following message displays when you select the Details arrow when modifying a release pipeline: Run details are no longer available. The associated pipeline has been removed or overridden..


Improved the Job Details view UI for catalog item procedure and plugin runs.


Added additional API parameter details to the Compare Environment Details for microservices with Helm charts.


Modified the unique constraint on task_id and name in domain class to only task_id. Added a query to delete the latest duplicate task_id records (retaining the oldest based on created datetime) and created a unique constraint only on the task_id in upgrade scripts.


Fixed an issue with CloudBees Analytics agent installations when the installer validates the remote server details provided by the user and checks the connection.


Updated the UI to allow you to set the planned start and end time for a release.


Updated the Audit Report UI to display Pipeline Run, Project, Release, and Active stage details.


Fixed an issue that caused the Service catalog to run procedures with redundant parameters.


Added a scrollbar to the Service Account selection in the webhook trigger configuration.


Changed the DSL generation format for deployerConfiguration actual parameters to improve performance after imports.


Fixed an issue with removing workspaces in the data retention policies.

Behavior changes


Installation notes

For complete installation and upgrade information, refer to CloudBees CD/RO on Kubernetes and Install CloudBees CD/RO on traditional platforms.

CloudBees deprecated the CloudBees CD/RO ec-jruby and ec-jython wrapper programs with v10.11. The wrapper programs are no longer installed as part of CloudBees CD/RO tools.
Potential backward incompatibility

CloudBees CD/RO Docker images are now based on UBI minimal instead of UBI standard, as in previous releases. Some packages are not installed on our Docker images by default. This may cause backward incompatibility if your environment depends on these tools and utilities. CloudBees CD/RO Docker images now use microdnf as a package manager and yum and dnf package managers are no longer available. To retain backward compatibility, CloudBees CD/RO provides a symlink for microdnf as dnf. These package managers are not 100% compatible, which may cause unexpected errors and require modification of the scripts.

CGI module and support removed

CloudBees removed the CGI module and support with v.2023.02.0. After you upgrade your CloudBees CD/RO server to v2023.02.0, you must also upgrade your CloudBees web server.

UI file upload limits are now controlled by PHP in /opt/cloudbees/sda/apache/conf/php.ini.

For default parameter values and more information, refer to Configuration settings preserved after an upgrade.

Duplicate applications warning

CloudBees CD/RO v10.9 included a fix for an issue that caused duplicate applications for applications created in the UI. The upgrade process fails when there are duplicate applications. CloudBees resolved this issue for MariaDB, MySQL, and Postgres databases. Ensure that your current installation does not contain applications with duplicate names. You can rename or delete the applications. You must remove duplicate applications by ID using the deleteObjects API. You cannot delete duplicate applications by name. For more details and scripts to assist with this process, refer to KBEC-00513 - How to resolve applications with duplicate names before upgrading from a version prior to v10.9.

Apache ZooKeeper required update

The ZooKeeper version bundled with CloudBees CD/RO v10.5 was updated from v3.4.6 to v3.8.0. CloudBees CD/RO v10.5+ requires ZooKeeper v3.8.0. For installation and upgrade instructions, refer to Install ZooKeeper and Upgrade a clustered environment.

Legacy services applications and container entities

In CloudBees CD/RO v10.3, the legacy Services applications and Traditional applications with containers were deprecated and removed. Before you upgrade to CloudBees CD/RO v10.3 or later, you must migrate your applications to the current microservices application model.

Also, before upgrading from CloudBees CD/RO v10.2 or earlier you must delete all legacy services and containers. This will prevent upgrade failure, a database consistency break or inability to run the validateDatabase API.

Legacy webhook triggers

As of v10.8, webhook triggers configured and scheduled before v10.1 have been deleted. Polling triggers configured and scheduled prior to v10.1 continue to work, but they are not available from the UI to review or run.

CloudBees CD/RO server installation binaries are signed for traditional installations so that you can verify their origin and authenticity. Verifying binaries is an optional step in the installation process than can help ensure you are not the victim of a man-in-the-middle attack. For more information, refer to Verify installation binaries.

CloudBees CD/RO on Kubernetes

Sample CloudBees CD/RO server and agent Helm chart values provide the CloudBees default installation values. The CloudBees CD/RO images.tag value associated with v2023.02.0 is 2023.02.0.160256_3.2.35_20230201.

CloudBees CD/RO Docker images and Helm charts are signed so that you can verify their origin and authenticity. Verifying Docker tags and Helm charts is an optional step in the installation process than can help ensure you are not the victim of a man-in-the-middle attack. For more information, refer to Verify Docker images and Verify Helm charts.

CloudBees CD/RO v2023.02.0 now supports Kubernetes v1.25. As a result, Kubernetes PSP support is now deprecated in CloudBees CD/RO 2023.02.0 Helm charts.

CloudBees CD/RO Universal Base Image (UBI)

The actual UBI associated with v2023.02.0 is 9.1.0-1656.1669627757.

Upgrading gateway agents

All gateway agents that meet the following criteria must be updated to CloudBees CD/RO v10.2+:

  • Your enterprise implements a multi-zone environment.

  • Agent versions are a combination of pre-v10.2 and v10.2+.

  • The access route to a v10.2+ agent is configured through a pre-v10.2 gateway agent.

Configuring autostart services for Linux installations

Linux installations that you perform as a non-root user or without sudo permissions cannot automatically start the CloudBees CD/RO server, web server, repository server, or agents. Instead, you must set up service autostart after installation is complete. Refer to Configure autostart for non-root/non-sudo Linux installations to learn more.

Upgrading your CloudBees CD/RO environment
Before starting an upgrade, make sure to back up your existing CloudBees CD/RO data.
Upgradable versions

Upgrades to CloudBees CD/RO 10.x are supported only from ElectricCommander 5.0. For upgrade instructions, refer to the Upgrade on traditional platforms.

Updating the MySQL configuration before upgrading

Since release 8.0.1, CloudBees has instructed customers using a MySQL database to add the following two lines to their MySQL configuration:

init_connect='SET collation_connection = utf8_unicode_ci, NAMES utf8'

Before upgrading CloudBees CD/RO, you must remove these lines or comment them out. Otherwise, jobs will not start.

Ensuring the correct default MySQL default collation

Make sure that the default collation for the MySQL database schema is set to utf8_unicode_ci or utf8_general_ci and that no table in the schema overrides this. The CloudBees CD/RO server checks this configuration on startup and logs errors in the server log if it is not set correctly.

If the collation is not configured correctly, entering non-ASCII text into CloudBees CD/RO can cause errors. For example, setting a release name to a non-ASCII value, and attempting a search, causes an exception.

If your MySQL database schema, or any tables within, are set to a non-UTF-8 collation order, refer to the Knowledge Base article KBEC-00385 - Converting a MySQL Database From Latin-1 to UTF-8 for detailed instructions about safely converting your schema to UTF-8. [NMB-26521, NMB-27459]

Upgrading agents that run the ec-groovy job step in multizone deployments

In multizone CloudBees CD/RO deployments, CloudBees CD/RO agents that are in a different zone than the CloudBees CD/RO server must be upgraded to version 9.0 or later for the ec-groovy job step to run successfully on those agents. You must also upgrade the gateway agents that lead back to the server’s zone, including those in any zones in between the agent’s zone and the server’s zone. [NMB-27490]

For details about multiple zones and gateway agents, refer to Zones and gateways.

Removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations

CloudBees recommends removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components. [NMB-27934, NMB-29326]

  1. Upgrade agents to the latest operating system version for security reasons.

  2. If this warning appears on the Automation Platform UI:

    Note: We recommend removing `SSL 2.0 Client Hello` format from server configuration and upgrade older agents as indicated on the Cloud/Resources Page to avoid security risk.

    then enter the following command on the CloudBees CD/RO server:

    $ ecconfigure --serverTLSEnabledProtocol=TLSv1.2
Upgrading the CloudBees Analytics server

This section provides information about upgrading the CloudBees Analytics server.

Potential breaking change: Elasticsearch update

The Elasticsearch version shipped with CloudBees Analytics v10.2 has been updated from v6.6.2 to v7.10.2. As such, this update may create breaking changes in your custom reports. All changes related to the new version are described in Elasticsearch documentation. The following change may affect your reports the most. [BEE-2717] * Accessing missing document values throws an error. The doc['field'].value throws an exception if the document is missing a value for the field field.

To check if a document is missing a value, you can use doc['field'].size() == 0.

  • It is not possible to upgrade CloudBees Analytics v9.0.1 and below to CloudBees Analytics v10.2.0 and above. The installer exits with an error and an appropriate message when such an update is attempted. If you need to upgrade CloudBees Analytics v9.0.1 and below, you must first upgrade to a version between 9.1.0 and 10.1.0, or 9.0.2 and above. After that, you can upgrade CloudBees Analytics to v10.3.0 or higher. [NMB-31030]

  • For previous CloudBees Analytics upgrades from v9.0.1 and below: CloudBees Analytics data may contain obsolete indexes that are incompatible with CloudBees Analytics v10.2.0 and above. To work correctly, it is necessary to re-index these indexes before an upgrade. The installer prompts you to do this before upgrading.

    • In console mode and UI mode, the installer displays the following prompt if outdated indexes are detected:

      One or more Elasticsearch indexes were created in an obsolete version of Elasticsearch. These indexes must be re-indexed for the upgrade to be successful. Do you want to start the reindexation? [n/Y]

      After an affirmative answer, the installer automatically re-indexes and continues the upgrade.

    • In silent mode, the installer reindexes automatically.

  • Backing up and restoring custom settings

    The CloudBees Analytics installer overwrites the elasticsearch.yml configuration file with a new file. This file includes a Custom Settings section, which lets you add Elasticsearch settings not managed by the CloudBees Analytics server without being lost during an upgrade. The installer preserves the settings in the Custom Settings section. [NMB-25850]

  • Upgrading CloudBees Analytics clusters

    The principle of forming a cluster in CloudBees Analytics has changed in v10.2 due to the update of Elasticsearch v7.10.2. In this regard, an additional action is required to upgrade to CloudBees Analytics v10.2 or later:

    When updating the first master node, you must explicitly specify that it is the first node to be updated. If this action is not performed, any cluster that is being updated is placed out of service.

    All installers have been instrumented to accommodate this change. Refer to Upgrade the CloudBees Analytics server for more details. [BEE-2717]

  • CloudBees Analytics server configuration notes

    For a production environment, CloudBees recommends that you install the CloudBees Analytics server on a system separate from systems running other CloudBees CD/RO components (such as the CloudBees CD/RO server, web server, repository server, or agent). If you must install it on the same system (such as for testing or other non-production or trial-basis situations), refer to CloudBees Analytics server with other components for details.

    If your CloudBees Analytics server is configured with multiple nodes in a Kubernetes environment, you must pre-generate your certificates. For more information, refer to Install CloudBees CD/RO within Kubernetes.
CloudBees CI operations center configurations

After upgrading to CloudBees CD/RO v10.7 from v10.0.x, you may need to rework your CloudBees CI operations center configurations. * In v10.0.x, CloudBees CI operations center URLs specified in configurations are silently appended at runtime with the /cjoc path component. * In v10.1, URLs are used as defined in configurations. The /cjoc component is not appended. To maintain pre-v10.1 runtime compatibility, the v10.1 upgrade process modifies CloudBees CI operations center URLs in existing configurations by hardcoding the /cjoc path component. You need to rework existing URLs in configurations where appending the /cjoc path component is inappropriate.

Configuration notes

Performing a full import

During a full import, the import operation might hang in the following scenarios. To import successfully into CloudBees CD/RO 8.0 and newer versions, perform the appropriate workarounds [CEV-15447, CEV-11873]:

  • A manual process step in a process has formal parameters. The workaround is to remove the entry related to the property sheet for the job step that is associated with the manual process step.

  • In the exported XML file from an earlier release, two pipelines are in different projects, and both pipelines have no gate tasks. The flow associated with the pipeline is duplicated under both projects. The workaround is to remove the flow element under the projects.


When an application is cloned from one project (the original project) to another (the destination project), the tier maps for the application point to the environments with the same names in the destination project. To deploy the application to the environments in the original project, you must create tier maps connecting the application to those environments.

Known issues


With CloudBees CD/RO v10.2.1 and earlier, the DSL Import service catalog fails for grouped tasks.


When an artifact name and version are specified in a component with a property reference, getPartialApplicationRevision() returns and the UI displays the property references in the Create snapshot dialog instead of a specific deployed name/version.


The MeanLeadTime report does not work correctly when Elasticsearch has pipeline runs but no release runs.


The UI does not allow the transfer of artifacts across zones.


When a custom data retention policy schedule is set to run once, the data is not purged after archiving. To purge data after archiving, use a repeat schedule or the global data retention setting.


When you save DSL for a dropdown menu, the code is evaluated to catch syntax errors. This evaluation is not the same as when the parameter is used. This can result in a property reference error because the properties may only be available when the parameter values are set. A workaround is to use a try-catch statement where the property path is a property that is not available in the definition context:

def value try { value = getProperty(propertyName: 'property path').value } catch (e) { return [] }


CloudBees CI job tasks with a $[] branchName in the definition fail.


When using Postgres with change tracking enabled, EcAuditStrategy errors may appear in the server log. This is a known issue, but is not expected to affect system performance.


Events that originate from the default CloudBees CI create default configurations. URLs for these new controllers are not Jenkins configured URLs and cause 401 errors.


You may experience SSO sign in issues when using Kerberos due to a Microsoft known issue.


When a release and a deployed application are located in the same project, unique constraints do not work on MySQL, MariaDB, and PostgreSQL databases.


When a process step that is not manual is modified to be manual after the process runs but before the associated job step evaluated, the step hangs and adds a java.lang.IllegalStateException: Unknown step type: manual exception to the log.


Browser redirects to port 2080 during first navigation to CloudBees CD/RO deployed from CloudBees Software Delivery Automation and Flow Helm charts.


SyncArtifactVersions procedure completes with success, rather than showing a warning, when manifest is missing and overwrite = false.


When you use the Automation Platform UI to upload and publish artifact files with non-English characters in their file names, the operation fails with the following error: Upload file: Exit code 1: ERROR: Publish failure: Unexpected retrieval exception for repository error.


Modifications of LDAP user data (such as email addresses) on an Active Directory server after registration in CloudBees CD/RO do not appear properly in user details (in the Automation Platform UI, the Deploy UI, or ectool) until the CloudBees CD/RO server is restarted.


(Microsoft Windows platforms only) If the Elasticsearch cluster used by CloudBees Analytics is in the red state (meaning that it only partly functions and some data is unavailable), then upgrade, reconfigure, and uninstall operations will not work. Since the Elasticsearch service cannot be stopped when a cluster is in a red state, you must stop the Elasticsearch service process from the task manager before running the installer for these actions.


The Microsoft Edge browser does not work with SAML 2.0 and a self-signed certificate during redirection from the identity provider to the service provider. Edge is not recommended for sign-in via SAML 2.0.


The LANG environment variable must be set to en.US.UTF-8; otherwise, the upgrade fails. Refer to KBEC-00452 - Error installing CloudBees CD/RO 10.0.x when Lang environment variable is different than en.US.UTF-8 for details.


When an application with snapshots created in CloudBees CD/RO 6.1 or earlier is cloned and a project containing this application is imported to CloudBees CD/RO 6.3 or higher, the import operation fails.


Error prompts for runtimes started by a schedule are not visible if the schedule was created with a missing configuration.


The stage inclusion status in the Release Dashboard changes color after a stage is renamed.


No error prompt appears for failed tasks and retry tasks during a pipeline runtime.


If an application process step cannot expand to its child steps (because of an invalid run condition or an invalid formal parameter) then the step is not retried even if it uses "retry on error" error handling. The job eventually completes with an error.


The retry count for group tasks or rules using "automated retry on error" is missing from the Pipeline runtime page.


Multiple mapped environments with the same name from different projects are not supported in email notifications.


A project import might not include the path-to-production view.


Jobs might not appear upon drill-down into the "Clusters With Most Deployments" widget in the CloudBees Analytics Microservices Dashboard if the service does not contain a deploy step in the process.


All subreleases of a release must appear before the release in the DSL for the release-to-subrelease link to be created.

CEV-19239 CEV-19259

The ability to search by assignee in a Deployment Report is not available in the CloudBees Analytics report editor.


If Release Command Center was set up for JIRA for user stories and defects, and the JIRA project name was mapped to the release project name using the field mapping projectName:releaseProjectName, then before upgrading to 10.0, the field mapping must be updated to mention the actual release project name using the following field mapping format: "release-project-name-in-CloudBees CD/RO":releaseProjectName.


Approval by email on manual tasks should not expect parameters.


If you use the ectool export to export your system configuration from a previous release and then use ectool import to import the same configuration to a CloudBees CD/RO 10.0 server, some out-of-the-box content introduced in the releases since the version from which the full export was done, such as new or updated plugins, new catalog items, and persona-based menu items, may be missing in the CloudBees CD/RO server UI. It is recommended to use ectool export and ectool import only between servers at the same version.


SSO does not work unless PHP configuration is changed due to a security-related request. Workaround: Change session.cookie_samesite to "Strict" in /opt/electriccloud/electriccommander/apache/conf/php.ini and restart the web server.


CloudBees CD/RO v10.1 introduced new triggers and an updated UI for them. Pre-v10.1 triggers will continue to work but there is no UI to review or run them.


Before using the export command to perform a full data export from the CloudBees CD/RO database, delete any legacy definitions and references to service objects from applications and releases.


You can revert changes only for high-level design objects such as applications procedures, procedure steps, workflow definitions, and state definitions.

Restarting the CloudBees CD/RO server while new records are created for all tracked objects might take at least as long as an export or import of all projects (10 to 40 minutes for a large project).


Enabling Recursively Traverse Group Hierarchy might impact system performance when the LDAP group hierarchy is traversed. The amount of impact varies with the configurations of the CloudBees CD/RO and LDAP servers, the depth of group hierarchy in the LDAP server and the network latency between the servers. Make sure that your directory provider can handle the additional load for supporting nested group hierarchy traversal.


System performance might decrease if you disable change tracking at the server level and then re-enable it. Change tracking is enabled by default. For details about using change tracking, refer to change tracking.