CloudBees Jenkins Enterprise 1.11.34

4 minute read
CloudBees will no longer be supporting CloudBees Jenkins Enterprise 1.x after July 30, 2020. This end-of-life announcement allows CloudBees to focus on driving new technology and product innovation for CloudBees CI. For information on moving to CloudBees CI, please refer to CloudBees Jenkins Enterprise 1.x to CloudBees CI on modern cloud platforms migration guide which has been created to help you with the migration process. Existing customers can also contact their CSM to help ensure a smooth transition.

RELEASED: 2020-08-12

Based on Jenkins LTS2.235.4-cb-3

Rolling release

Security advisory

Security fixes

New features


Feature enhancements

The Docker Commons plugin and Configuration as Code (FNDJEN-2152)

This plugin now supports Configuration as Code.

The CloudBees Docker Hub/Registry Notification plugin and Configuration as Code (FNDJEN-2153)

This plugin now supports Configuration as Code.

Resolved issues

Security Realm idStrategy issue (CTR-1784)

While the authorization strategy for the operations center was not case-sensitive for the username field, the Team Masters were case-sensitive and had to match exactly what was entered on the Team administration page used to add users. This meant that a user recorded in lower-case was able to sign on with upper-case letters to the operations center but was not recognized in the Team Master.

With this fix, Team Masters allow users to sign on with different character cases when using an authorization strategy that is not case sensitive for UserId or external GroupId.

ConnectedMaster ping thread is not implemented (CTR-2075)

The ConnectedMaster ping thread is not implemented which meant that the operations center was not able to detect that a connection to a Master was broken.

With this fix, we implement the ping thread to identify and cleanup disconnected Masters.

RBAC: Empty group members are interpreted as anonymous (CTR-786)

Modifying configuration XML files to specify a group with an empty member name was resulting in any anonymous users automatically considered members of that group.

With this fix, we now sanity check configuration files and filter out empty groups/roles.

Broken link to RBAC group propagated from operations center (CTR-56)

On Client Masters with the Role-based access control (RBAC) Authentication Strategy enforced by operations center, the links to the member Groups on the Roles page were broken.

Now the are links direct the user to the Group configuration in operations center.

Move/Copy/Promote Copy with builds dropdown is not easily accessible (CTR-2158)

Recent UI updates in Jenkins core caused the Copy with builds button dropdown to be less accessible, only appearing when users selected a small section of the button.

With this fix, we split the button in two separated buttons: Copy with builds and Copy without builds.

RBAC CLI command result in NOOP at master’s root (CTR-1439)

When a Master is connected to operations center and the security realm is pushed from operations center, then RBAC groups and roles operations at Master root are not permitted, as those groups and roles come from operations center.

With this fix, RBAC groups and roles operations at Master root are still not permitted, but return a better message to the user indicating the situation.

RBAC Groups REST API fails when accessed from a connected Master item (CTR-535)

When accessing OC_URL/jobs/[master_name]/groups/api/json an error is shown in the UI.

With this fix, the groups and roles created at item level are correctly returned by the HTTP API.

Accessing /groups page is slow when groups have lots of users or the database is slow (CTR-1530)

The load time of the global Groups page was slow when a group had a large number of members.

With this fix, we reduced the amount of data retrieved to render this view.

Deadlock issue in com.cloudbees.opscenter.server.rbac (CTR-458)

There was an issue with com.cloudbees.opscenter.server.rbac that produced a deadlock.

When there were a large amount of Masters with read permissions, an issue was occurring with the alerter of licensing issues that caused a deadlock. With this fix, the issue that was causing the deadlock is no longer a problem.

Thread contention in Agent page using custom probe command (CTR-2137)

Using the CloudBees Nodes Plus plugin custom probe command in agents may have caused thread contention if the script required a lengthy amount of time running checks.

With this fix, CloudBees has fixed the thread contention issue so that queued threads block waiting for the result of the probe command, ending with all Jenkins dashboard rendering pages blocked.

Fix a memory leak on RBAC node containers (CTR-979)

There was a memory leak when a high number of nodes were created and deleted (a common behavior when using clouds to provision ephemeral agents). Node objects were not properly collected by the JVM Garbage Collector.

With this fix, node objects are now stored in a cache with weak keys, so entries are properly garbage collected. Item listeners have been also added, so cache entries are invalidated when items are deleted in Jenkins.

Errors on startup: "The queue was not initialized, the action (enqueue or shutdown) will not take place." (FNDJEN-2037)

The CloudBees Analytics Plugin populated the log when the initialization didn’t finish before sending an analytics message.

The message now is provided only once.

Link to CloudBees download in Beekeeper is broken (FNDJEN-2090)

A broken link to the downloads page for our fixed line release products has been fixed.

Known issues


Upgrade notes

End-of-life announcement

After assessing the viability of our supported plugins, CloudBees will no longer support the CloudBees Secure Copy Plugin after September 1, 2018.

This end-of-life announcement allows CloudBees to focus on driving new technology and product innovation as well as maintaining existing products that are actively used by customers.

After September 1, 2018 the plugin will lose functionality when upgraded. CloudBees recommends replacing it with Cluster-wide copy artifacts.

For more information regarding this end-of-life announcement, please contact your Customer Success Manager.