CloudBees CD/RO v2023.12.0

The following third-party libraries have been updated:

Apache Ivy has been updated to 2.5.2-PATCH1 version.

CVE-2023-27534 was detected in previous releases of CloudBees CD/RO, and has been resolved.

CVE-2023-38545 was detected in previous releases of CloudBees CD/RO, and has been resolved.

You can now use CloudBees CD/RO ec-specs to write and run test specifications on CloudBees CD/RO releases, pipelines, DSL scripts, etc. For more information, visit the ec-specs GitHub repository.

Starting with CloudBees CD/RO v2023.12.0, you can use approved Argo Rollouts metric providers for deployment inline analysis. CloudBees CD/RO microservice deployment pipelines poll the rollout for results from metric providers, and either progress or rollback the deployment.

A new DORA Metrics dashboard is now available that includes Deployment Frequency, Mean Lead Time, Mean Time to Recover, and Change Failure Rate. Previously split across separate dashboards, your performance metrics can now be tracked a single convenient view.

The number of times a stage has been restarted is now displayed in Audit Reports and the Deployments tab.

Enhancing usability, the MTTR dashboard widget now functions without needing to install and configure the EC-ServiceNow plugin. The EC-ServiceNow plugin procedure GetRecords_NextGen includes the SysID output parameter. If opting not to use ServiceNow, you can set up an alternative procedure that specifies this output parameter.

When adding an application to a release that does not include a configured environment, a warning message now displays.

To improve developer experience, a new initialValue argument has been introduced for property APIs createProperty, modifyProperty and setProperty that can be used to prevent runtime property values from being overwritten. Runtime properties might include counters or other properties that are updated due to process execution. This is particularly helpful when configurations are managed by DSL. For example, when first applying DSL, it might be desirable to set an initial value, but on subsequent applications maintain the current system value. DSL for such a runtime property:

// If prop_counter does not exist,
// then the property will be created with its value set to 1 (value for initialValue). initialValue is also set to 1.
// If prop_counter already exists,
// then the property value will remain unchanged. initialValue is updated to 1.
property 'prop_counter', initialValue: '1', value: '201'

// Existing behavior
// If prop_counter_no_initial_value does not exist,
// then the property will be created with its value set to 201.
// If prop_counter_no_initial_value already exists,
// then the property value will be updated to 201.
property 'prop_counter_no_initial_value', value: '201'
▼

property 'prop_counter', initialValue: '1', value: '201', suppressValueTracking: true
▼

Third-party deployer task artifact version field now supports normal property substitution.

Improved performance of DSL imports containing formal parameters by adding a new validate argument to the create/modifyFormalParameters API. Now, by default, the create/modifyFormalParameters API validation will not evaluate the optionsDsl, validationDsl, or defaultValueDsl argument values. The validate argument must be set to true to validate the optionsDsl, validationDsl, or defaultValueDsl argument values.

The newly added procedure parameter type creates a procedure dropdown to select an existing procedure object. To use this parameter type, you must first provide a way for users to select the project containing the procedure via a Project, Dropdown Menu, or Text Entry parameter type.

The Edit task screen can now be vertically expanded or collapsed.

Links can now be added to the text in the instance header label.

To control validation checks for imported entities, the disableAllValidations argument was added to the evalDSL API.

It is now possible to turn off DSL validation when creating an input parameter in the UI. By toggling off the Validate DSL arguments checkbox, DSL validation is turned off. This is useful when a known good DSL expression takes a long time to validate or when false-positive errors occur at creation time.

Argument were added and depreciated in the getReleases API to improve performance. Argument changes are:

The CloudBees CD/RO traditional application process dialogue has been updated, and it is no longer necessary to select a plugin category before choosing the desired plugin.

CloudBees CD/RO Helm charts now support Kubernetes v1.28.

In the Edit Task panel, a link to open the object-specific editor now becomes active when the Process field is populated.

In this new plugin version contains the following enhancements and fixes.

The following third-party tools have been updated:

Elasticsearch has been updated to version 7.17.14.

Support was added to the CloudBees CD/RO Kubernetes templates for image and container security contexts, and they can now be used in CloudBees CD/RO Helm charts. For more information on configuring security context in your values files, refer to Applying pod security context in CloudBees CD/RO Helm charts.

Starting with v2023.12.0 Helm charts, you can add custom values for:

CloudBees CD/RO Kubernetes has been enhanced, and you can now use custom images in component-level charts. For more information, refer to How to configure custom images for CloudBees CD/RO.

The CloudBees CD/RO web server performance has been improved to compress a wider array of Apache web server files types, including JS, XML, fonts, etc.

Fix issue of job creation hanging when the process has many parallel steps linked to each other.

Fixed issue where applications version defined as a property reference were not expanded in the stage summary.

The Evidence tab of the Audit reports has been enhanced to display evidence from the most recent run of each stage.

Fixed the misinterpretation of transaction rollback errors returned by the RDBMS when committing transactions.

The modifyEnvironmentTier with the flag resourcePhaseMapping command now modifies the existing environment tier as expected.

Fixed DSL property name issue that created conflicts between parent context objects and their nested operation arguments.

Removed the Yes for manual tasks that include parameters.

The myProcess/owningProjectName property is now retained after restarting CloudBees CD/RO.

Resolved an issue where the UI would freeze when a user attempted to edit the start/end date in the popup that displayed for a release with a previously undefined start/end date.

When mapping is not found for an objecftType, the InvalidObjectType EcException now occurs.

Fixed issue of agent using the environment variable PATH defined in ~/.cshrc when upgrading to v2023.08.0 from v10.3 or earlier.

Fixed issue of incorrect version component values being passed to deploy application processes if the value was defined with a property reference.

Override tags now work as expected during DSL evaluation and import.

The evalDSL API now overwrites properties as expected.

Components are now alphabetically ordered in the application tier.

In the CloudBees CD/RO ZooKeeper Helm chart and Docker image, there were environmental variables that were not correctly passed to zoo.cfg. This issue has been fixed. Additionally, autopurge variables were also updated as part of this fix.

The Save release as a catalog item feature now allows project creation.

The Evidence tab of Pipeline run audit report now only displays runtime details for the latest stage.

Fixed issue of a cloned application process containing tiers returning integrity violation errors. Now, when an application process being cloned contains a tier with the same name as an application process tier in the target application, then the application tier id is set to match the value in the target application. If application tier id value is not present in target application, then application tier id to null.

When adding a new property, the Track changes to value checkbox now includes help text explaining its behavior. When the checkbox is selected, changes to the property value are tracked. If not selected, the current property value is only retained during imports and exports.

Widgets now display No data yet message instead of NaN if no data corresponds to filters selected.

evalDsl with Overwrite set to true does not fail for applications containing microservices.

Fixed force import for persona page with persona subpages.

Changed message logging level from ERROR to DEBUG when resourcePool is not found at the start of an environmentTier import. The resourcePool is found later during the import. Import results are not affected.

The getOutputParameter for a job feature now works as expected after upgrading to CloudBees CD/RO v23.10.0 from v10.11.

Property-related API job steps in the evalDSL API now run same way as in DSL IDE. This was fixed by resolving conflicts with explicitly specified and implicitly injected arguments in the evalDSL API.

In previous CloudBees CD/RO versions, the examples for installing agent third-party tools on Kubernetes shown in:

The rolling deploy phases are no longer limited by size.

The MeanLeadTime report does not work correctly when Elasticsearch only has pipeline runs but no release runs.

The CloudBees CD/RO UI does not allow you to transfer artifacts across zones.

When a custom data retention policy schedule is set to run once, the data is not purged after archiving. To purge data after archiving, use a repeat schedule or the global data retention setting.

When using PostgreSQL with change tracking enabled, EcAuditStrategy errors may appear in the server log. This is a known issue, but is not expected to have any effect on the performance of the system.

Events that originate from the default CloudBees CI create default configurations. URLs for these new controllers are not Jenkins configured URLs and cause 401 errors.

You may experience SSO sign-in issues when using Kerberos due to a Microsoft known issue.

When a process step that is not manual is modified to be manual after the process runs, but before the associated job step evaluated, the step hangs and adds a java.lang.IllegalStateException: Unknown step type: manual exception to the log.

The flowRuntime response contains hasCIJobs=1 if a release was started from CloudBees CD/RO and the previous release run was triggered within CloudBees CI.

On Windows agents, "Export DSL" catalog item fails to export objects that end in spaces.

When running getCIBuildLog for a CloudBees CI build, the build log cannot be accessed without restarting the build CloudBees CI controller. As a workaround, restart your CloudBees CI controller, and set up a number of executors, and getCIBuildLog can then be used to access the CloudBees CI build logs.

Before upgrading from CloudBees CD/RO v10.2 and earlier, if legacy services exist in your system, upgrades may fail and database consistency break. Additionally, even if the upgrade returns successfully, it may still be impossible to run the validateDatabase API.

In CloudBees CI job responses, actual parameters are returned that are not defined within the job. Additionally, saving and reloading the tasks doesn’t clear undefined actual parameters.

Currently, if a formal parameter depends on a dropdown menu to get project parameter dependencies for object-like parameters, such as projectName, you can select multiple options in dropdown menus. However, there is only an object name (or list of names in case of multi-select) in the parameter value with no connection to a project and without the ability to identify which object exists in which projects.

SyncArtifactVersions procedure completes with success, rather than showing a warning, when manifest is missing and overwrite = false.

When you use the Automation Platform UI to upload and publish artifact files with non-English characters in their file names, the operation fails with the following error: Upload file: Exit code 1: ERROR: Publish failure: Unexpected retrieval exception for repository error.

Modifications of LDAP user data (such as email addresses) on an Active Directory server after registration in CloudBees CD/RO do not appear properly in user details (in the Automation Platform UI, the Deploy UI, or ectool) until the CloudBees CD/RO server is restarted.

(Microsoft Windows platforms only) If the Elasticsearch cluster used by CloudBees Analytics is in the red state (meaning that it only partly functions and some data is unavailable), then upgrade, reconfigure, and uninstall operations will not work. Since the Elasticsearch service cannot be stopped when a cluster is in a red state, you must stop the Elasticsearch service process from the task manager before running the installer for these actions.

The Microsoft Edge® browser does not work with SAML 2.0 and is missing a self-signed certificate during redirection from the identity provider to the service provider. Microsoft Edge® is not recommended for sign-in via SAML 2.0.

The LANG environment variable must be set to en.US.UTF-8; otherwise, the upgrade fails. Refer to KBEC-00452 - Error installing CloudBees CD/RO 10.0.x when Lang environment variable is different than en.US.UTF-8 for details.

Error prompts for runtimes started by a schedule are not visible if the schedule was created with a missing configuration.

The stage inclusion status in the Release Dashboard changes color after a stage is renamed.

If an application process step cannot expand to its child steps (because of an invalid run condition or an invalid formal parameter), then the step is not retried even if it uses retry on error error handling. The job eventually completes with an error.

The retry count for group tasks or rules using automated retry on error is missing from the Pipeline runtime page.

Multiple mapped environments with the same name from different projects are not supported in email notifications.

A project import might not include the path-to-production view.

All subreleases of a release must appear before the release in the DSL for the release-to-subrelease links to be created.

The ability to search by assignee in a Deployment Report is not available in the CloudBees Analytics report editor.

If Release Command Center was set up for Jira for user stories and defects, and the JIRA project name was mapped to the release project name using the field mapping projectName:releaseProjectName, then before upgrading to 10.0, the field mapping must be updated to mention the actual release project name using the following field mapping format: "release-project-name-in-CloudBees CD/RO":releaseProjectName.

Approval by email on manual tasks should not expect parameters.

If you use the ectool export to export your system configuration from a previous release, and then use ectool import to import the same configuration to a CloudBees CD/RO 10.0 server, some out-of-the-box content introduced in the releases since the version from which the full export was done, such as new or updated plugins, new catalog items, and persona-based menu items, may be missing in the CloudBees CD/RO server UI. It is recommended to use ectool export and ectool import only between servers at the same version.

SSO does not work unless PHP configuration is changed due to a security-related request. As a workaround, change session.cookie_samesite to "Strict" in /opt/electriccloud/electriccommander/apache/conf/php.ini and restart the web server.

CloudBees CD/RO v10.1 introduced new triggers and an updated UI for them. Pre-v10.1 triggers will continue to work but there is no UI to review or run them.

Before using the export command to perform a full data export from the CloudBees CD/RO database, delete any legacy definitions and references to service objects from applications and releases.

You can only revert changes for high-level design objects such as applications procedures, procedure steps, workflow definitions, and state definitions.

Enabling Recursively Traverse Group Hierarchy might impact system performance when the LDAP group hierarchy is traversed. The amount of impact varies with the configurations of the CloudBees CD/RO and LDAP servers, the depth of group hierarchy in the LDAP server, and the network latency between the servers. Ensure that your directory provider can handle the additional load for supporting nested group hierarchy traversal.

System performance might decrease if you disable change tracking at the server level and then re-enable it. Change tracking is enabled by default. For details about using change tracking, refer to change tracking.