CloudBees 2025 changelog archive

Enable GA scanning for JFrog Artifactory publish events

(Release ID: 1.79) New feature

JFrog Artifactory container image scanning is now GA. When a publish event occurs in Release Orchestration, the system triggers any enabled binary scanners to automatically scan the new container image.

Snyk Infrastructure-as-Code (IaC) scanner available in the Marketplace

(Release ID: 1.79) New feature

The Snyk IaC scanner is now available in the Unify Marketplace and supports scanning Terraform, OpenTofu, CloudFormation, and Kubernetes configuration files, including Helm charts, for misconfigurations.

Added support for GitLab as an SCM provider for CloudBees CI and Jenkins integration

(Release ID: 1.79) Feature enhancement

You can now connect GitLab repositories as an SCM provider for Multibranch Pipeline jobs in CloudBees CI and Jenkins.

After integrating your controller with the CloudBees platform, create an SCM integration and onboard your GitLab repositories to view and track builds directly from the CloudBees platform.

Both GitLab Cloud and GitLab Data Center are supported.

References:

Release manifest JSON structure updated

(Release ID: 1.79) Feature enhancement

The release manifest JSON no longer includes the following fields:

Enhance the runtime view to show action steps

(Release ID: 1.78) Feature enhancement

The runtime view now shows the action steps nested under the job steps that use them, improving usability and clarity.

CVSS severity label updated from “Very High” to “Critical” in the UI

(Release ID: 1.79) Resolved issues

Security dashboards now display Critical instead of Very High for vulnerabilities with CVSS scores from 9.0 to 10.0, aligning the UI with CVSS qualitative severity ratings.

This change affects display only. Backend standardization of CVSS severity ratings is planned for a future release.

Enhanced checkout action for multi-repository support

(Release ID: 1.77) New feature

The CloudBees platform Checkout action checks out a Git repository under $CLOUDBEES_WORKSPACE, enabling workflows to seamlessly access repository content during execution. This version adds support for GitHub, Bitbucket, Bitbucket Data Center, Gerrit, and GitLab repositories, expanding compatibility across multiple source control systems.

Leverage Git global credentials action for multi-repository support

(Release ID: 1.77) New feature

The CloudBees platform Git global credentials action configures Git credentials globally for use in workflows running in CloudBees platform. This version adds support for GitHub, Bitbucket, Bitbucket Data Center, Gerrit, and GitLab repositories, improving cross-platform compatibility and workflow consistency.

Integrate Gerrit repositories for unified software delivery

(Release ID: 1.77) New feature

Leverage new repository and workflow integrations to:

Integrate GitLab repositories for unified software delivery

(Release ID: 1.77) New feature

Connect your GitLab repositories to CloudBees platform for a fully governed, end-to-end software delivery experience.

Use this GitLab integration to:

Integrate Klocwork SAST using the CloudBees platform workflow and GitHub Actions workflow

(Release ID: 1.77) New feature

CloudBees platform now supports explicit static application security testing (SAST) for teams that prefer direct control over when and how their code is scanned. In addition to automatic implicit scans, you can now run Klocwork SAST on demand by adding a dedicated scanner action to your CloudBees platform workflow or GitHub Actions workflow.

How it works:

With the new explicit Klocwork scanner action, teams can run security analysis at any point in the CI/CD pipeline, for example, during code-push events, pull requests in GitHub Actions, or scheduled scans. The scanner action accepts configuration values passed directly from the workflow, which lets teams configure scan behavior to match their needs.

Enable granular permissions for Feature management by application and environment

(Release ID: 1.76) New feature

CloudBees platform now supports granular permission controls at the intersection of application and environment for feature management users. Administrators can define which users or groups have access to manage feature flags within specific application–environment pairs, providing greater governance, security, and control while reducing the risk of unintended changes across environments.

References:

Identify flag status at a glance

(Release ID: 1.76) New feature

Determine a flag’s status at a glance with new icons and status badges that indicate whether a flag is active, inactive, in setup, stale, or awaiting approval. The Flags overview page is updated and now displays flag activity across environments, expanded filters, status indicators, and a cleanup summary.

References:

Integrate Snyk SAST for implicit security scanning

(Release ID: 1.76) New feature

CloudBees platform now provides seamless static application security testing (SAST) through direct integration with Snyk SAST. With this new capability, organizations can automatically scan their code repositories for vulnerabilities and misconfigurations, without depending on a specific CI/CD engine or modifying existing workflows.

How it works:

Once enabled through Security  Marketplace, Snyk SAST runs automatically when implicit code security analysis is triggered (for example, when creating a component). It delivers security insights directly within CloudBees platform, no workflow changes or manual triggers required. Just secure, actionable results to help you ship safer software, faster.

Integrate Klocwork SAST for implicit security scanning

(Release ID: 1.76) New feature

CloudBees platform now provides seamless static application security testing (SAST) through direct integration with Klocwork SAST. With this new capability, organizations can automatically scan their code repositories for vulnerabilities and misconfigurations, without depending on a specific CI/CD engine or modifying existing workflows.

How it works:

Once enabled through the Security  Marketplace, Klocwork SAST scans repositories automatically when implicit code security analysis is triggered (for example, when creating a component). It delivers security insights directly within CloudBees platform, no workflow changes or manual triggers required. Just secure, actionable results to help you ship safer software, faster.

Monitor application security posture in real time

(Release ID: 1.76) New feature

Gain unified visibility into your applications’ runtime security posture with the new Applications  Security center.

This centralized dashboard aggregates findings from multiple security tools to help teams monitor, prioritize, and remediate security issues across all deployed assets.

Users can view data through an asset-centric or issue-centric lens, triage findings on detailed security pages, and track remediation progress to make informed, risk-based decisions before promoting releases to higher environments.

Track workflow progress with the new release list column

(Release ID: 1.76) New feature

Added a new column, Furthest staged reach, to display the furthest workflow stage (environment) a release has reached. The workflow run that achieved this stage may differ from the currently running workflow, and both runs are now accessible from the release list view.

Enable seamless Okta redirects after SAML authentication

(Release ID: 1.77) Feature enhancement

CloudBees platform administrators can now configure the Okta tile with SAML so authentication redirects return directly to the intended destination in CloudBees platform. This improvement simplifies access management and provides a smoother, more reliable single sign-on (SSO) experience for teams using Okta.

View the organization-level release list

(Release ID: 1.77) Feature enhancement

Access application releases across the selected organization and its child organizations, along with their statuses and key details.

Enhanced release audit report with definition and workflow run details

(Release ID: 1.76) Feature enhancement

The menu:[Releases], Audit report column now includes detailed information about the release definition and workflow run.

Enhance security tool management and visibility

(Release ID: 1.76) Feature enhancement

This release introduces an enhanced Security, Marketplace tab that improves clarity, control, and consistency when managing security tools across organization and sub-organization scopes.

Key improvements:

These updates improve transparency, reduce setup confusion, and strengthen governance across multi-organization environments.

Support for Anchore Security Scanner in CloudBees CI and Jenkins integration

(Release ID: 1.76) Feature enhancement

Set up your Jenkinsfile to run Anchore security scans and publish results to the CloudBees platform.

Use the new registerSecurityScan step to publish the JSON scan reports directly to CloudBees platform, to view consolidated cross-component security metrics and enhanced analytics.

To use this feature, upgrade to the latest version of the CloudBees platform Integration plugin from the Update Center.

Support for Bitbucket as a source control provider in CloudBees CI and Jenkins integration

(Release ID: 1.76) Feature enhancement

Connect Bitbucket repositories as a source control provider for Multibranch Pipeline jobs.

After integrating your controller with the CloudBees platform, create an SCM integration and onboard your Bitbucket repositories to view and track builds directly from the CloudBees platform.

Both Bitbucket Cloud and Bitbucket Data Center are supported.

To use this feature, upgrade to the latest version of the CloudBees platform Integration plugin from the Update Center.

Support for SonarQube Security Scanner in CloudBees CI and Jenkins integration

(Release ID: 1.76) Feature enhancement

Set up your Jenkinsfile to run SonarQube security scans and publish results to the CloudBees platform.

Use the new exportSonarQubeScan step to extract the results, convert to SARIF format, and then publish the scan reports for ingestion to CloudBees platform to view consolidated cross-component security metrics and enhanced analytics.

To use this feature, upgrade to the latest version of the CloudBees platform Integration plugin from the Update Center.

View component-level SBOMs in CycloneDX format

(Release ID: 1.76) Feature enhancement

You can now view a structured Software Bill of Materials (SBOM) for individual components in CycloneDX format directly within CloudBees platform.

Explore component details, licenses, and external references in an interactive JSON view, and export SBOMs in CycloneDX format for compliance or audit purposes. Clear in-product messages appear when SBOM data is unavailable or fails to load.

You can access SBOM details from the Security summary section of each component.

Automatic binary scanning for CloudBees CI artifacts published to ECR

(Release ID: 1.75) New feature

Binary scanning for CloudBees CI artifacts published to Amazon ECR is now generally available.

When container images are published to ECR using the register-build-artifact stage in a CloudBees CI pipeline, CloudBees platform automatically triggers a binary scan. The scan runs all enabled binary scanners, and the results appear in the security dashboards.

This update ensures continuous security coverage for every binary artifact at the time it’s published, helping you detect vulnerabilities early and prevent unscanned or insecure artifacts from entering your development or deployment lifecycle.

Automatic binary scanning for Jenkins artifacts published to ECR

(Release ID: 1.75) New feature

Binary scanning for Jenkins artifacts published to Amazon ECR is now generally available.

When container images are published to ECR using the register-build-artifact stage in a Jenkins Pipeline, the CloudBees platform automatically triggers a binary scan. The scan runs all enabled binary scanners, and the results appear in the security dashboards.

This update ensures continuous security coverage for every binary artifact at the time it’s published, helping you detect vulnerabilities early and prevent unscanned or insecure artifacts from entering your development or deployment lifecycle.

Automatic binary scanning for GitHub Actions artifacts published to ECR

(Release ID: 1.75) New feature

Binary scanning for GitHub Actions artifacts published to Amazon ECR is now generally available.

When container images are published to ECR using the register-build-artifact GitHub Action, the CloudBees platform automatically triggers a binary scan. The scan runs all enabled binary scanners, and the results appear in the security dashboards.

This improvement ensures that all new images are scanned for vulnerabilities automatically—providing continuous security coverage with no additional configuration required.

CloudBees CI and Jenkins integration no longer uses the OpenTelemetry plugin

(Release ID: 1.75) Feature enhancement

The integration for CloudBees CI and Jenkins no longer relies on the OpenTelemetry plugin to send data from CloudBees CI and Jenkins controllers to CloudBees platform.

This change improves reliability and removes the previous limitation for customers who use the OpenTelemetry plugin with other observability platforms.

To apply this update, upgrade to the latest version of the CloudBees platform Integration plugin from the update center.

References:

Edit and delete options now available from the application details view

(Release ID: 1.75) Feature enhancement

You can now edit or delete an application directly from the application details view using the context menu.

Improved UI handling for long job names

(Release ID: 1.75) Feature enhancement

The UI now handles long job names more effectively, ensuring they display correctly without truncation or layout issues.

Missing mandatory fields are now highlighted in the Manual approval drawer

(Release ID: 1.75) Feature enhancement

The Manual approval drawer now highlights any missing mandatory fields, helping users quickly identify and complete the required information needed for approval.

Application-specific custom properties are now available for stickiness

(Release ID: 1.75) Resolved issues

Corrected a configuration error where the API call to populate the flag stickiness dropdown was incorrectly querying by orgId instead of applicationId for tenants in Application Mode.

This fix ensures that the stickiness property dropdown now accurately lists application-specific custom properties, allowing users to properly configure feature flag targeting and experimentation.

Resolved the issue that sometimes prevented new members from being added to teams after invitation

(Release ID: 1.75) Resolved issues

CloudBees resolved an issue that occasionally prevented newly invited members from being added to their selected teams immediately. Team invitations now process correctly, so new members are added to the right teams automatically, without any extra steps.

Added an API endpoint for removing users from organizations

(Release ID: 1.74) New feature

Added a new API endpoint that allows administrators to remove users from organizations programmatically.

References:

Auto-generate deployer workflow from your application artifacts

(Release ID: 1.74) New feature

Introduced a workflow creation flow specifically for deployment. When the deployer workflow type is selected from Create new workflow, the workflow composer editor automatically generates a deployer workflow constructed based on artifacts found in the application components.

AWS ECR binary scanning now triggered by release publish events

(Release ID: 1.74) New feature

AWS ECR binary scanning capability has been made GA. This release responds to 'publish' events from release orchestration functionality and ensures that any enabled binary scanners are triggered for the new container image.

Added Delete and Close options to the release edit menu

(Release ID: 1.74) Feature enhancement

The Release page now includes Delete and Close options when you select the Edit ellipses, for easier release management.

Alert to update the deployer when the application component list changes

(Release ID: 1.74) Feature enhancement

New notification to users making changes to an application model that if its component list changes, the deployer.yaml file also must be updated.

Audit report can be accessed from the *Releases page*

(Release ID: 1.74) Feature enhancement

The audit report can now be accessed from the Releases page by selecting the Audit report icon.

Improved context for resource permissions in Access Control

(Release ID: 1.74) Feature enhancement

The Access Control UI now provides clear context for the location of the resource when assigning permissions. This enhancement helps users easily identify where a resource resides, ensuring more accurate and confident permission assignments.

References:

Initial staged workflow includes the deployer

(Release ID: 1.74) Feature enhancement

When creating a staged release workflow, CloudBees platform instantiates the reusable workflow deployer.yaml in each stage, and provides assistance if the deployer.yaml workflow does not yet exist.

Release definition details added to audit report

(Release ID: 1.74) Feature enhancement

The release audit report now includes release definition details such as the description, workflow name, parameters, and manifest content.

Release workflow parameters in the release definition

(Release ID: 1.74) Feature enhancement

Parameters included in a release workflow are now surfaced in the release definition, allowing users to parameterize and control workflow behavior directly from within a release.

Look up artifact details by ID (name, version, repo URL, digest)

(Release ID: 1.73) New feature

Launched a new action to accept the artifact ID as input, and output the artifact name, version, repository URL, and binary digest. The artifact ID enables artifact versions to be tracked and referenced in the CloudBees platform, and the output is useful for setting up software deployments.

Support for expressions to dynamically resolve environments in jobs

(Release ID: 1.73) New feature

This update empowers users to streamline their workflows and customize job execution more efficiently by utilizing expressions to determine the appropriate environments at runtime.

Enable inheritance of variables and secrets in reusable workflows

(Release ID: 1.72) New feature

Allow a calling workflow to grant a reusable workflow access to its variables and secrets via opt-in inheritance when invoked.

Add environment context variable

(Release ID: 1.72) New feature

Add a context variable (${{ job.environment }}) to retrieve the current job’s environment.

Commit details linked to artifact version

(Release ID: 1.73) Feature enhancement

Connect source code commit details when publishing an artifact version to the system.

Identify wrong dependencies in the staged workflow composer

(Release ID: 1.73) Feature enhancement

The staged workflow composer now helps the user identify wrong job dependencies by showing descriptive error messages.

Include workflow run details in the release audit report

(Release ID: 1.73) Feature enhancement

The release audit report now includes workflow name, SCM repository, branch, commit SHA, run number, trigger details, start time, and duration.

Enable programmatic organization invites with the v3 Invites API

(Release ID: 1.72) Feature enhancement

Invite users to an organization programmatically using the v3 Invites API with personal access token (PAT) authentication.

Actions that register artifact versions now include commit details

(Release ID: 1.72) Feature enhancement

Commit detail inputs in actions utilized to publish artifact versions to the CloudBees platform. Workflow authors can choose to use commit information from the workflow run or supply their own source code commit information.

Fix lost context when managing permissions in sub-organizations

(Release ID: 1.72) Resolved issues

Execute permission updates in the tenant-level organization to prevent failures when working in a sub-organization. Previously, changes could fail due to lost context.

Fixed issue on action repository resolution

(Release ID: 1.72) Resolved issues

Fixed an issue with action repository resolution. Short repository format exclusively resolves to Github Saas full repository URL. Customers hosting their own actions in a SCM provider other than GitHub must always refer to them using the full repository URL.

CloudBees CI and Jenkins Integration with CloudBees Platform

(Release ID: 1.71) New feature

Starting with this release, you can now view all Multibranch Pipelines running on your CloudBees CI and Jenkins controllers directly within CloudBees platform. This new visualization delivers an all-in-one view of Multibranch Pipeline jobs and builds across your entire CI environment. This integration is made possible by the CloudBees Platform Integration plugin (cloudbees-cbp-unify-integration-plugin), which connects your CloudBees CI controller with CloudBees platform for a seamless experience.

Key features:

References:

New environment context variable

(Release ID: 1.71) New feature

A new CloudBees context variable is available to get a job’s environment.

Use multiple SDK keys in one application

(Release ID: 1.71) New feature

Initialize and run multiple independent SDK instances within one application, each bound to an application–environment SDK key, to evaluate flags across environments, tenants, or regions without redeploying; instances are fully isolated, and the change is backward compatible.

References:

Add approval steps to feature flag changes

(Release ID: 1.69) New feature

Use an approval workflow for feature flag configuration changes. This structured review process allows authorized users to propose changes, and authorized approvers to approve or reject changes before they go live.

References:

Bulk delete artifact versions

(Release ID: 1.69) New feature

Delete multiple artifact versions at once using bulk selection and deletion. For traceability and audit integrity, only versions that have never been deployed are eligible for deletion.

References:

Generate a release audit report

(Release ID: 1.69) New feature

Generate a release audit report; the audit report view provides a summary of operations performed during a release, including manual approvals, deployed artifacts, and evidence collected by the last release workflow run. This view can be downloaded as a PDF document.

References:

Integrate with CyberArk Conjur for external secret management

(Release ID: 1.69) New feature

Use the new Conjur action to fetch secrets from external CyberArk Conjur secret stores and securely reference them in your workflows. Secrets are automatically masked in logs to prevent accidental exposure, while remaining available for use in subsequent steps. This feature introduces our first external secret management capability—enabling secure secret retrieval without hardcoding sensitive information in your workflows.

Run commit SHA link for workflows managed in GitHub

(Release ID: 1.69) New feature

Access to the workflow definition commit SHA is now available from workflow runs for that version of the workflow. This makes it easy to view changes for that commit. Currently, this is available for workflows managed in GitHub source control.

Reorder stages in staged composer

(Release ID: 1.71) Feature enhancement

You can now drag and drop jobs to a different position in the staged workflow composer. The system automatically adjusts job dependencies to ensure job execution order.

References:

View and copy flag names

(Release ID: 1.71) Feature enhancement

Hover to view long flag names on the Flag overview page, and copy any flag name directly from the table. On the flag configuration page, long names are truncated; hover to view the full name or select Copy to copy it.

Understand incorrect expression-related errors more easily

(Release ID: 1.70) Feature enhancement

Get clearer error messages when expressions fail at runtime.

Use the improved build and deployment data display

(Release ID: 1.68) Feature enhancement

Call build actions directly in workflows or use build artifacts to display build data in VSM dashboards, eliminating the need to rely solely on Step:Kind information. Similarly, deploy artifacts can now be used to automatically populate deployment data in VSM dashboards instead of using Step:Kind metadata. This enhancement provides more accurate tracking and simplified workflow configuration while delivering richer insights for your software delivery analytics.

Fixed default handling for String input parameters

(Release ID: 1.69) Resolved issues

Input parameters of type string were incorrectly defaulting to “nil” instead of an empty string (""). This fix ensures string inputs now correctly use an empty string as the default when no value is provided.

Improved action repository resolution for self-hosted SCMs

(Release ID: 1.69) Resolved issues

Short repository formats (for example, owner/repo) were being incorrectly resolved and have been fixed in this release. Short formats now resolve exclusively to repositories hosted on GitHub SaaS. If you’re using a source code management (SCM) provider other than GitHub, be sure always to reference your actions using the full repository URL.

Add and remove artifact version labels from environment inventory views

(Release ID: 1.68) New feature

Artifact version labels can now be added and removed from environment inventory views in addition to the component artifact list views. The artifact versions shown can be controlled by filters.

References:

Automatically capture test results from Jenkins pipeline runs

(Release ID: 1.68) New feature

Automatically capture test results from Jenkins pipeline runs including output from unit, integration, and end-to-end test frameworks integrated into Jenkins. The results are collected without requiring additional configuration, enabling better visibility into test performance across your pipelines.

Capture security scan results from Jenkins pipeline

(Release ID: 1.68) New feature

This release enables the capture of security scan results from Jenkins pipeline runs. Security scan results are captured from tools like SAST, DAST, and other scanners integrated into Jenkins pipelines. These results will be collected and processed for further actions.

Define feature management access with custom roles

(Release ID: 1.68) New feature

Define custom roles for feature management using CloudBees platform’s role-based access control (RBAC) system. The updated documentation provides example roles, step-by-step instructions, and UI-based configurations to help you assign fine-grained permissions for feature flags, target groups, and custom properties.

References:

Automatically capture deployment data in dashboards using deployment artifacts

(Release ID: 1.68) Feature enhancement

Deployment metrics are now automatically populated in dashboards when you use the defined format for generating deployment artifacts. You no longer need to manually specify the Step:kind to indicate a deployment step in the workflow—this step is now inferred based on the artifact format.

Select a principal more easily when granting roles

(Release ID: 1.68) Feature enhancement

The access control section under Tenant settings has been enhanced by simplifying the flow for granting roles. Admins now have an option to select either a user or a team as the principal type before proceeding to select the principal and assigning roles.

Cleaned up artifacts created prior to artifact traceability updates

(Release ID: 1.66.1) Resolved issues

Any artifacts that were created before the implementation of artifact IDs to identify artifact versions have now been removed from the platform, and all affected users have been notified. Users do not need to take any action.

Identify application deployments in the environment inventory

(Release ID: 1.66) New feature

View the application name associated with each artifact version in the environment inventory. The application represents the release used to deploy that artifact.

Manage labels for existing artifacts from GitHub Actions (GHA)

(Release ID: 1.66) New feature

Create, update, and remove labels on existing artifacts in the CloudBees platform. This action is published in the GHA marketplace.

Track application deployments with the environment inventory view

(Release ID: 1.66) New feature

Display where applications are deployed with the new application environment inventory view. This feature allows users to determine the environments where a specific application is deployed, improving traceability and insight into deployment.

Add and filter artifact versions using custom labels

(Release ID: 1.64) New feature

Attach one or more custom text labels to artifact versions and filter them based on those labels. This makes organizing, searching, and managing artifact versions easier when viewing component details.

Coordinate multiple component deployments with the application release model

(Release ID: 1.64) New feature

Coordinate the release of multiple components using the application release model. This model includes a manifest editor to specify the exact artifact versions to be deployed with a pre-configured workflow.

References:

Create multiple components in a single step

(Release ID: 1.64) New feature

Create multiple components at once, streamlining setup and saving time. This enhancement removes the previous limitation of creating components one at a time.

References:

Applications now model how your software is built

(Release ID: 1.64) New feature

Applications are a new construct in the CloudBees platform that lets you model how your software is built. Each application can connect to a source code repository, components, and environments. Applications are required to use features such as release orchestration, feature flag management, application security posture management, and more.

References:

Identify cleanup candidates with code references

(Release ID: 1.64) New feature

Use Code references to review where a feature flag appears in your codebase. This helps you assess stale or inactive flags and decide whether to clean them up, reducing technical debt.

References:

Monitor platform health with the system status indicator

(Release ID: 1.64) New feature

Check the current health of the CloudBees platform services using the new system status indicator in the UI. You can also view past incidents and subscribe to real-time updates at "cloudbees.io".

References:

Preview staged workflows to manage end-to-end releases

(Release ID: 1.64) New feature

Staged workflows—now available for preview—let you organize jobs into distinct phases for better control over end-to-end release processes. Staged workflows offer a visual composer for streamlined authoring and a runtime view that shows the current stage in execution. This preview feature will continue to evolve with new capabilities.

References:

Publish external scan results from GitHub Actions

(Release ID: 1.64) New feature

Integrate external security scanning tools such as Trivy, BlackDuck, and Coverity into your GitHub Actions workflows. Scan results can be automatically published to the CloudBees platform, enabling centralized visibility and policy enforcement across your development pipeline.

References:

Attach labels to artifact versions being published from a GitHub Action workflow

(Release ID: 1.65) Feature enhancement

The existing Register a build artifact action now accepts a new labels parameter. Use it to tag published artifact versions with one or more text labels, making it easier to organize, search, and manage artifact versions in the CloudBees Platform.

Authenticate CloudBees GitHub actions using GitHub-issued OIDC tokens

(Release ID: 1.65) Feature enhancement

Authenticate CloudBees GitHub actions using GitHub-issued OIDC tokens to eliminate PATs and enhance security. The enhanced actions are:

Manage triggers in the staged composer

(Release ID: 1.65) Feature enhancement

Manage your triggers for staged workflows in our new staged composer.

View why a job was cancelled in the UI

(Release ID: 1.65) Feature enhancement

View more explicit information about the reasons a job is cancelled for exceeding compute constraints. This provides more feedback so you can adjust your workflow or resource requests accordingly.

Navigate the platform with enhanced clarity and control

(Release ID: 1.64) Feature enhancement

This update improves platform usability with refreshed navigation elements designed for a more intuitive experience:

Introduced support for Github Actions (GHA) workflows within the platform

(Release ID: 1.63) New feature

Configure the CloudBees platform to deeply integrate with GHA. Display GHA workflows and runs in the platform UI, including test results, generated artifacts, and evidence data. In addition, you can run a CloudBees platform workflow from GHA. Use your preferred CI tools seamlessly with the CloudBees platform to increase software development efficiency and performance.

Introduced the ability to run a CloudBees platform workflow from GHA

(Release ID: 1.63) New feature

Trigger a CloudBees platform workflow from a GHA workflow run. This enables you to orchestrate your software workflows between the CloudBees platform and GHA. This action is published in the GHA marketplace.

Introduced the ability to publish an evidence item from GHA

(Release ID: 1.63) New feature

Capture job-level evidence data and publish it to the CloudBees platform. This action is published in the GHA marketplace.

Introduced the ability to publish test results to the CloudBees platform from GHA

(Release ID: 1.63) New feature

Publish test results from JUnit, Tosca, ProdPerfect, and other tools to the CloudBees platform from GHA. This action is published in the GHA marketplace.

Enhanced the action to register build artifacts from a GHA workflow

(Release ID: 1.63) Feature enhancement

Informs the CloudBees platform that an artifact version has been created, and reports build artifact data generated by a GHA workflow run. The previous version associated the given artifact to the component only, and not to the workflow run.

Added AWS ECR integration for private image use

(Release ID: 1.61) New feature

Added support for integrating the CloudBees platform with AWS Elastic Container Registry (ECR). This integration allows you to use your own private container images in workflows.

Included Github Actions information in VSM dashboards

(Release ID: 1.61) Feature enhancement

Enhanced the Software delivery activity dashboard to include workflows and workflow runs from Github Actions (including enriching drill-down views).

Strengthened OIDC token security — action may be required

(Release ID: 1.61) Feature enhancement

Enhanced the security of the OIDC token implementation to better align with industry standards. As part of this update, the documentation is improved with clearer guidance, best practices, and examples for configuring trust policies.

Action required

If you’re using OIDC tokens, take the following steps to ensure continued functionality:

References:

Notified users of a CloudBees platform GitHub App permissions update request

(Release ID: 1.60.1) New feature

Users have been notified by email that a permission update for the installed CloudBees platform GitHub App is necessary to support an upcoming feature that enables users to view GitHub Actions workflows and runs directly in the CloudBees platform.

References:

Enabled hybrid plugin support for security tools

(Release ID: 1.60) New feature

Enhance CloudBees core plugins for seamless integration with the CloudBees platform implicit security orchestration workflow. These updates allow hybrid plugins to function both as plugins and as actions within CloudBees platform. The following security tools are now available as hybrid plugins: Gosec, Trivy, Gitleaks, Grype, SonarQube, Blackduck, and Coverity.

Introduced component environment inventory view

(Release ID: 1.60) New feature

Gain visibility into where your component’s artifacts are deployed with the new component environment inventory view. This feature allows users to see which environments a particular component’s artifacts are deployed to, improving traceability and deployment insights.

Enhanced platform navigation and contextual awareness

(Release ID: 1.60) Feature enhancement

Improved the user experience with significant updates to navigation and contextual awareness, including:

Updated feature management entity inheritance behavior

(Release ID: 1.60) Feature enhancement

Maintain independent configurations in feature management. Previously, any feature management entity created in a parent organization was automatically inherited by sub-organizations. With this enhancement, inheritance has been removed, and feature management entities created in a parent organization are no longer available in a sub-organization.

Introduced action to register build artifacts from a GitHub Actions workflow

(Release ID: 1.59) New feature

Use this new action to instrument a GitHub Actions workflow and register a build artifact to CloudBees platform, enabling a workflow to deploy and track the artifact version in the environment inventory.

Can now view component environment inventory

(Release ID: 1.59) New feature

Visualize the deployed environments from a component’s artifacts with the new component environment inventory view.

Provided input parameters for manual approval jobs

(Release ID: 1.59) Feature enhancement

Provide input parameters as part of a manual approval, making the values available for use in subsequent workflow jobs.

Enhanced artifact feature with delete artifact versions

(Release ID: 1.58) Feature enhancement

Delete registered artifact versions from the component artifact list view.

Added Bitbucket Data Center metrics

(Release ID: 1.57) New feature

View all Bitbucket Data Center metrics directly on the Component summary and Software delivery activity dashboards for better visibility and tracking.

Added a conflict check for ServiceNow blackout windows

(Release ID: 1.57) New feature

Check for conflicting blackout windows before creating a change request in ServiceNow. If a blackout window exists, you can decide whether to proceed, improving control and automation in ServiceNow workflows.

Introduced reusable workflows

(Release ID: 1.57) New feature

Reuse workflows to reduce duplication, simplify maintenance, and promote best practices. Call a reusable workflow within your workflow to streamline automation.

Enabled deployment with the new Chef Client action

(Release ID: 1.56) New feature

Initiate deployments on the Chef Client application directly from a CloudBees platform workflow.

Introduced the ability to initiate a Tosca test scan from a workflow

(Release ID: 1.56) New feature

Initiate a Tosca test scan directly from a CloudBees platform workflow. The scan results are available in the workflow logs and the Test Insights dashboard, providing greater visibility and traceability.

Trigger multiple workflows with the new dispatch action

(Release ID: 1.56) New feature

Use the new dispatch-workflows action to trigger multiple workflows in parallel or sequentially from a single main workflow, with status tracking for each workflow. This feature simplifies multi-component releases by enabling a single workflow to invoke deployment workflows across components.

Enabled use of sidecar services in jobs

(Release ID: 1.56) New feature

Specify sidecar services in your workflow jobs, such as a database, memory cache, or other required services for building and testing code. Sidecar services are automatically spun up before the job starts and torn down after it completes. While the job is running, it can connect to these services and execute scripts seamlessly.

Added validation to prevent deletion of in-use custom properties

(Release ID: 1.57) Feature enhancement

Delete custom properties with built-in checks to ensure safe removal. If a property is in use, deletion is disabled, and the system alerts the user. The property must be removed from all flag configurations before deletion can proceed.

Improved deployment traceability and environment inventory

(Release ID: 1.57) Feature enhancement

Track built and deployed artifacts. A new environment inventory view shows the latest versions of artifacts in an environment with links to the jobs responsible for the deployment or build. The new artifact deployment history view shows where a particular artifact version was deployed and which version is currently active.

References:

Released new REST API documentation

(Release ID: 1.57) Feature enhancement

Introduced new documentation for the CloudBees cloud-native platform REST API. The documentation explains how to integrate with platform data using standard HTTP methods and JSON-formatted responses, including tasks like creating and managing feature flags, target groups, and custom properties. Detailed examples and parameter tables guide you through authentication, retrieving resource IDs, and handling errors. You can automate workflows, build custom integrations, and enhance your CloudBees platform experience with these APIs.

References:

Log in to ECR across multiple regions

(Release ID: 1.56) Feature enhancement

Added support that enables users to log in to Amazon Elastic Container Registry (ECR) across multiple regions, simplifying workflows that require access to ECR repositories in different geographic locations.

Log in to an EKS cluster in a non-default region

(Release ID: 1.56) Feature enhancement

Added support that allows users to log in to an Amazon Elastic Kubernetes Service (EKS) cluster in a region other than the default. This enhancement provides greater flexibility for managing clusters across multiple regions.