CloudBees is pleased to announce the newest CloudBees CD/RO long-term support (LTS) release. You can find specific information about this release in the following sections:
Security fixes
The following security fixes and improvements have been made as part of this release:
- Updated third-party components to address security vulnerabilities
-
Updated several third-party components, such as Netty, PostgreSQL JDBC, Mina Core, and HTTPD, to newer versions that address known security vulnerabilities (CVEs). These updates improve the overall security posture of the platform and reduce exposure to publicly disclosed issues.
- Updated Java to version 21.0.11
-
Updated Java to version 21.0.11 to address security vulnerabilities.
- Upgraded JSPdf to the latest secure version
-
Updated JSPdf to the latest secure version 4.2.1.
Feature enhancements
The following feature enhancements have been made as part of this release:
- Access token creation for single and bulk users by administrators
-
Administrators can now create access tokens on behalf of a single registered user or multiple registered users in bulk. The generated token is securely delivered to the user’s registered email address and is never displayed in the UI or returned in API responses. To use this capability, the administrator must have the required modification privileges, target users must have valid email addresses configured, and a default email configuration must be available on the server.
- New UI setting to preserve user-selected filter preference
-
A new UI setting allows administrators to preserve user-selected filter preferences across all table views and sessions. This setting is enabled by default and retains filter preferences until it is disabled before the user’s next login. To prevent filter preferences from being retained, disable this setting.
- New UI setting to preserve user-selected pagination size
-
Pagination size is now tracked per page instead of applying a single shared size across all pages. A new UI setting is introduced for administrators to preserve the user-selected pagination size (for example, 10, 20, 50, or 100 items per page) and retain it across all login sessions until the option is disabled for a fresh user login. By default, all tables display 20 items per page.
- Improved release list page performance and pagination
-
Improved release list page performance by optimizing object counting during pagination. The countObjects API now dynamically limits the number of objects counted based on the page size (up to five pages ahead), reducing processing overhead and improving responsiveness. For the default page size, this results in up to 10x faster page load times. The pagination footer now initially displays a smaller count threshold (for example, 100+ instead of 1000+) and progressively loads additional counts as users navigate through subsequent pages.
- Custom TLS certificate support for flow server (port 8443)
-
CloudBees CD/RO now supports mounting custom SSL/TLS certificates on the flow-server HTTPS port (8443), replacing the auto-generated self-signed certificates. This enables organizations to use enterprise-issued certificates, such as those from GlobalSign or DigiCert, to meet compliance requirements and maintain a consistent server identity across pod restarts.
This feature is supported only for new (fresh) installations. To add or replace certificates on an existing deployment, refer to the product documentation for the manual workaround.
- Cleanup stale resources before elastic resource pool scale down
-
A new Cleanup Stale Resources step is added to the Scale Down Elastic Resource Pool procedure that runs before the existing scale-down logic. The step retrieves all resources registered in the pool, compares them with the actual running Kubernetes pods, identifies stale or orphaned resources, and automatically removes orphaned entries. After cleanup, the Kubernetes deployment replica count is synchronized with the actual running pod count to ensure resource pool consistency and accuracy.
- Added optional server connectivity checks for agent liveness probes
-
CloudBees CD/RO Agent Helm charts now support an optional server connectivity check for agent liveness probes through livenessProbe.serverCheck. When enabled, the liveness probe verifies that the Flow server recognizes the agent as alive and automatically restarts pods that enter a zombie state, where the agent process is running but the server connection has been permanently lost. A startup probe has also been added to ensure the agent’s Jetty server is fully initialized before server connectivity checks begin, improving startup reliability and preventing premature liveness failures.
- Added Unattached Allowed column to the credentials page
-
Added a new Unattached Allowed column to the Credentials page, making it easy to identify which credentials are permitted to remain unattached. The column displays a checkbox for each credential that can be toggled directly from the list view, allowing users to update the setting without opening the credential details page. The Unattached Allowed column is available only when the Manage Unattached Credentials security setting is enabled.
- DSL Sync generates per-root-object prerun files
-
DSLSync now generates a separate dslsync_pre<RootObject>.dsl file for each root object (project, resource, workspace, etc.) instead of a single monolithic pre-run file. Each file is applied independently during sync, improving reliability for mono-repo setups with multiple root objects. Auto-batching is also included to prevent failures when a pre-run file exceeds JVM byte code limits. Also, DSLSync CLI no longer supports the old file format and does not execute it. Delete the old file and run the --generate-prerun-dsl command to generate pre-run DSL files for each root object. The old file format does not work when using the dslsync apply command.
- Enhanced auto-scaled agent workload consolidation
-
Improved workload distribution in auto-scaled agents by consolidating work onto base agents as much as possible, allowing excess auto-scaled agents to go idle and scale down when demand subsides.
- Configurable Init Scripts ConfigMap for Server Init Job
-
CloudBees CD/RO server Helm charts now support overriding the built-in init scripts ConfigMap through jobInit.initScripts.existingConfigMap. This allows users to provide a custom ConfigMap containing initialization scripts (startup.sh, startup-serverup.sh, register_repo.pl, ScmSync.groovy) when custom server initialization logic is required. Additionally, the server entrypoint has been hardened to gracefully skip files that conflict with read-only subPath volume mounts when using customConfig.existingSecret.
- gMSA for CloudBees CD Agent installation on Windows
-
CloudBees CD/RO now supports Windows Group Managed Service Accounts (gMSA) for CloudBees CD Agent installations on Windows systems. This enhancement allows administrators to configure the agent service using a gMSA account through both the user interface and silent installation modes, without manually managing service account passwords. During installation, specify the gMSA account name suffixed by a $ symbol and leave the password field empty (for example, DOMAIN\cdro-agent$). gMSA support is available on Windows Server 2012 and later in environments integrated with Active Directory Domain Services (AD DS). CloudBees CD/RO agents can be installed and run using these accounts.
- Agent support for Windows gMSAs
-
Added support for running agents under a Group Managed Service Account (gMSA) identity. This allows agents to operate without requiring a managed password while securely authenticating to the server and executing jobs using the gMSA credentials.
Resolved issues
The following issues have been resolved as part of this release:
- Improved error handling in background deleter to continue object deletion
-
Fixed an issue where the CD/RO background deleter encountered an error while deleting an object and stopped further processing in the current run. The error handling has been improved so the process now continues deleting remaining objects even after encountering an error.
- Resources stuck in Resource Down state after scale down
-
Fixed an issue where resources were stuck in the Resource Down state after a scale-down operation. These auto-scaled idle resources are now pre-disabled before the scale-down procedure begins, preventing the scheduler from assigning new jobs to agents in elastic resource pools that are marked for deletion. This ensures a smoother and more reliable scale-down process.
- Data retention policy leaves orphaned flow runtime records
-
Fixed an issue where the Data Retention policy could leave orphaned stage, gate, and group-task FlowRuntime records in the ec_flow_runtime table. Child runtimes are now marked with deleted=1 before their corresponding back-references in ec_flow_run_state_task_info are cleared, ensuring they are properly processed for deletion. Additionally, a one-time database update identifies and marks existing orphaned records so they can be cleaned up by the BackgroundDeleter service.
- Deploy microservice process recreated after user deletion
-
Fixed an issue where a deleted deploy microservice process could be unintentionally recreated when a microservice was modified. Default process auto-creation is now limited to microservice creation operations only. As a result, user-deleted Deploy Microservice Processes remain deleted when updating a microservice through dslsync apply, ectool, evalDsl, or the UI Edit dialog.
- DSLSync re-import fails after converting a CI task to a non-CI task type
-
Fixed an issue where changing a CI task to the Procedure task type (or another non-CI task type) did not remove CI-specific configuration fields. As a result, subsequent dslsync re-import operations could fail with validation errors. CI-related fields are now cleared automatically when a task is converted to a non-CI type, allowing the task definition to be re-imported successfully.
- Misleading error message for text input parameters defined for subpipeline
-
Fixed an issue where error messages for sub-pipeline text input parameters containing multiple property references could incorrectly identify the failing property. Previously, if a later property reference could not be resolved, the error message pointed to the first property reference in the value. The error message now correctly identifies the property reference that failed to resolve.
- Maintenance mode denies login for LDAP/AD users
-
Maintenance mode incorrectly denied sign-in access to LDAP/AD users with System Administrator persona if the configured userNameAttribute value differed from the username entered during sign in. This issue is now fixed, and the impacted administrators can now sign in successfully.
- Fixed findObjects API error when filtering components by refComponentProjectName or refComponentId
-
Fixed an issue where the findObjects API returned an error when filtering components by refComponentProjectName or refComponentId, despite these properties being listed as filterable by describeObject. However, filtering by refComponentName was not affected.
- Fixed HTML rendering in description field
-
The description field appeared as plain text when HTML content was provided and rendered in the UI. This issue is now fixed, and supported HTML content now renders as expected.
- Fixed maintenance mode enforcement after server restart or upgrade
-
Maintenance mode is now correctly restored after a server restart or upgrade. Previously, if maintenance mode was enabled before the restart or upgrade, the maintenance banner remained visible, but login restrictions were not enforced, allowing all users to log in. This issue has been fixed, and maintenance mode now consistently applies both the banner and login restrictions after restart or upgrade.
- Fixed snapshot preview incorrectly warned that an artifact version did not exist
-
Previously, the snapshot preview forced artifact version names to lowercase when reading them from the server. If an artifact’s actual version contained uppercase characters (for example, 1.0-FULLCAPS), the lowercased value (1.0-fullcaps) no longer matched any real artifact version, so the preview displayed a misleading warning indicating that the artifact version did not exist. The artifact version is now preserved exactly as defined, so the snapshot preview shows the correct version and no longer raises a false "version does not exist" warning.
- Fixed inconsistent subPathExpr application for log storage volume mounts
-
It was observed that the subPathExpr was not applied consistently to log storage volume mounts in all storage configurations. As a result, log directories were not isolated at the pod level as expected. This issue is now fixed, and subPathExpr is now applied consistently for both shared and component-specific storage configurations. Additionally, per-component useSubPathExpr and subPathExpr settings are now available for the web, repository, and analytics services, providing more granular control over log directory isolation.
- Fixed cross-project pipeline resolution failure when using defaultValueDsl in formal parameters
-
Fixed an issue where startRelease failed with a NoSuchPipeline error when a release was created in one project referencing a pipeline from a different project (using --pipelineProjectName), and the pipeline contained a formal parameter with defaultValueDsl referencing other parameters via args.parameters. The pipeline project context was incorrectly lost during defaultValueDsl evaluation, causing the system to look for the pipeline in the release project instead of the actual pipeline project.
- Fixed parallel group failures during sub-pipeline restart
-
Fixed issues affecting sub-pipeline restarts. Restarted runs now clear stale execution metadata, including completion and outcome fields from the original run, ensuring progress is reported accurately. Additionally, a restart failure caused by a null pointer exception when restarting parallel-group tasks with no previously completed job has been resolved, improving reliability for sub-pipelines that contain parallel execution groups.
- SSO login displays clear error message instead of NullPointerException
-
SSO login now displays a clear error message when the OpenID Connect session expires during authentication or when a cluster membership change occurs mid-login, instead of showing NullPointerException. Users are prompted to try logging in again.
- Fixed radio button default value selection issue
-
Fixed an issue where radio button parameters did not automatically apply the value defined by Default Value DSL when running a procedure. Previously, changing a dependent dropdown selection did not update the radio button to its expected default value, requiring users to manually select the option. Radio button parameters now correctly evaluate and apply the configured default value based on the selected dependency.
- Fixed intermittent EntityExistsException on ACLs during read-path operations
-
Fixed an EntityExistsException on ACLs that could intermittently fail read-path operations (deploy/process runs, property lookups, exports) when a detached parent ACL collided with a managed copy during a Hibernate flush.
- Updated ectool Parameter Attach/Detach Commands to Match REST API
-
Updated the ectool attachParameter and detachParameter commands to match the REST API behavior and request model. The commands no longer require the procedureName and stepName positional arguments, allowing parameters to be attached to or detached from tasks using the same request structure supported by the REST API.
- Pipeline progress does not update after sub-pipeline restart
-
Fixed an issue where the top-level pipeline progress percentage did not update correctly after restarting a failed sub-pipeline. The main pipeline’s progress now reflects the actual status of restarted sub-pipelines.
- Fixed minimatch security vulnerabilities
-
Fixed minimatch dependency issues across frontend modules to address known security vulnerabilities and ensure consistent dependency versions throughout the frontend codebase.
Known issues
The following issues are included as known issues in this release:
This release has no known issues.
- SyncArtifactVersions procedure completes with success when it should fail
-
SyncArtifactVersions procedure completes with success, rather than showing a warning, when manifest is missing and overwrite = false.
- Automation Platform UI requires artifacts to use English characters in their file names
-
When you use the Automation Platform UI to upload and publish artifact files with non-English characters in their file names, the operation fails with the following error:
Upload file: Exit code 1: ERROR: Publish failure: Unexpected retrieval exception for repository error.
- Must restart server to apply LDAP changes
-
Modifications of LDAP user data (such as email addresses) on an Active Directory server after registration in CloudBees CD/RO do not appear properly in user details (in the Automation Platform UI, the Deploy UI, or ectool) until the CloudBees CD/RO server is restarted.
- Not all Elasticsearch operations can be performed in a red state
-
(Microsoft Windows platforms only) If the Elasticsearch cluster used by CloudBees Analytics is in the red state (meaning that it only partly functions and some data is unavailable), then upgrade, reconfigure, and uninstall operations will not work. Since the Elasticsearch service cannot be stopped when a cluster is in a red state, you must stop the Elasticsearch service process from the task manager before running the installer for these actions.
- Microsoft Edge® doesn’t support SAML 2.0
-
The Microsoft Edge® browser does not work with SAML 2.0 and is missing a self-signed certificate during redirection from the identity provider to the service provider. Microsoft Edge® is not recommended for sign-in via SAML 2.0.
- LANG environment variable must be set to en.US.UTF-8
-
The LANG environment variable must be set to en.US.UTF-8; otherwise, the upgrade fails. Refer to KBEC-00452 - Error installing CloudBees CD/RO 10.0.x when the LANG environment variable is different than en.US.UTF-8 (https://docs.cloudbees.com/d/kb-360046953992) for details.
- Schedules missing configuration do not display runtime error prompts
-
Error prompts for runtimes started by a schedule are not visible if the schedule was created with a missing configuration.
- Changing name in Release Dashboard changes stage status color
-
The stage inclusion status in the Release Dashboard changes color after a stage is renamed.
- Steps that cannot access their child steps are not retried
-
If an application process step cannot expand to its child steps (because of an invalid run condition or an invalid formal parameter), then the step is not retried even if it uses "retry on error" error handling. The job eventually completes with an error.
- Retry count missing from pipeline runtime page
-
The retry count for group tasks or rules using "automated retry on error" is missing from the Pipeline runtime page.
- Email notifications are not supported for complex environment mapping
-
Multiple mapped environments with the same name from different projects are not supported in email notifications.
- Path-to-production view missing from imported project
-
A project import might not include the path-to-production view.
- All subreleases must be present to link to a release
-
All subreleases of a release must appear before the release in the DSL for the release-to-subrelease links to be created.
- CloudBees Analytics report editor doesn’t include search by assignee
-
The ability to search by assignee in a Deployment Report is not available in the CloudBees Analytics report editor.
- Additional Release Command Center configurations for Jira
-
If Release Command Center was set up for Jira for user stories and defects, and the JIRA project name was mapped to the release project name using the field mapping projectName:releaseProjectName, then before upgrading to 10.0, the field mapping must be updated to mention the actual release project name using the following field mapping format: "release-project-name-in-CloudBees CD/RO":releaseProjectName.
- Approval by email on manual tasks
-
Approval by email on manual tasks should not expect parameters.
- ectool export and ectool import should only be used between same server versions
-
If you use ectool export to export your system configuration from a previous release, and then use ectool import to import the same configuration to a CloudBees CD/RO 10.0 server, some out-of-the-box content introduced in the releases since the version from which the full export was done, such as new or updated plugins, new catalog items, and persona-based menu items, may be missing in the CloudBees CD/RO server UI. It is recommended to use ectool export and ectool import only between servers at the same version.
- SSO requires additional PHP configuration
-
SSO does not work unless PHP configuration is changed due to a security-related request. As a workaround, change session.cookie_samesite to "Strict" in /opt/electriccloud/electriccommander/apache/conf/php.ini and restart the web server.
- No UI to run or review pre-v10.1 triggers
-
CloudBees CD/RO v10.1 introduced new triggers and an updated UI for them. Pre-v10.1 triggers will continue to work but there is no UI to review or run them.
- Legacy definitions and references cause unexpected behavior for full data exports
-
Before using the export command to perform a full data export from the CloudBees CD/RO database, delete any legacy definitions and references to service objects from applications and releases.
- Reverting changes is not possible for all objects
-
You can only revert changes for high-level design objects such as applications procedures, procedure steps, workflow definitions, and state definitions.
Restarting the CloudBees CD/RO server while new records are created for all tracked objects might take at least as long as an export or import of all projects (10 to 40 minutes for a large project).
- Recursively traversing nested group hierarchies may cause performance issues
-
Enabling Recursively Traverse Group Hierarchy might impact system performance when the LDAP group hierarchy is traversed. The amount of impact varies with the configurations of the CloudBees CD/RO and LDAP servers, the depth of group hierarchy in the LDAP server, and the network latency between the servers. Ensure that your directory provider can handle the additional load for supporting nested group hierarchy traversal.
- Disabling and re-enabling change tracking may cause performance issues
-
System performance might decrease if you disable change tracking at the server level and then re-enable it. Change tracking is enabled by default. For details about using change tracking, refer to change tracking.