CloudBees CI release notes

CloudBees CI is a fully-featured, cloud native flexible, scalable CI/CD solution that can be hosted on-premise or in the public cloud. It provides a shared, centrally managed, self-service experience for all your development teams.

Please refer to maintenance lifecycle policy to learn which versions of CloudBees CI are currently supported as well as the supported platforms page for the product to learn which platforms are supported.

If you skip versions when you upgrade, refer to previous versions of the release notes for any relevant known issues or upgrade notes. The CloudBees supported platforms and CloudBees maintenance lifecycle policies pages contain additional information about what is supported in this release.

Latest 2.440.1.3

Released: February 21, 2024

DevOptics Plugin Incompatibilities with Java 17 (BEE-46482)

If you are actively using devoptics, you must:

  • Not upgrade the devoptics plugin to version 2.0

  • Not upgrade CloudBees CI Modern, to 2.440.1.3

  • Not update the JVM to Java 17 if you use CloudBees CI Traditional

If you are not actively using devoptics, but have it installed:

  • Upgrade to version 2.0 to remove the incompatibility before upgrading CloudBees CI Modern or the JVM for CloudBees CI Traditional or

  • Uninstall the plugin

Introduction of a concrete type for controller exposure (BEE-44367)

Prior to this update, the operations center would dynamically change the behavior of exposing a controller based on a runtime lookup to detect if the underlying Kubernetes infrastructure was OpenShift or not. However, this dynamic check could lead to the creation of an Ingress object for a controller rather than a Route.

After this update, the type needs to be set when configuring the Kubernetes endpoint. Existing configuration will migrate to auto detect but attempts will be made to replace it with the correct type.

Configuration as Code bundles now need to be updated to specify the concrete type of service exposure method and for Ingress types such as ingressClass and IngressAnnotations to be on the ContainerMasterProvisioningDescriptor.

Example 1. View OpenShift CasC snippet:
masterprovisioning:
  kubernetes:
    clusterEndpoints:
      - id: "myEndpoint"
        name: "openshift"

becomes:

masterprovisioning:
  kubernetes:
    clusterEndpoints:
    - id: "myEndpoint"
      name: "openshift"
      serviceExposure: "openShiftRoute"
Example 2. View Generic Kubernetes CasC snippet:
masterprovisioning:
  kubernetes:
    clusterEndpoints:
    - id: "myEndpoint"
      ingressAnnotations: |-
        key1: value1
        key2: value2
      ingressClass: "myingressclass"
      name: "kubernetes"

becomes:

masterprovisioning:
  kubernetes:
    clusterEndpoints:
    - id: "myEndpoint"
      name: "kubernetes"
      serviceExposure:
        ingress:
          ingressAnnotations: |-
            key1: value1
            key2: value2
          ingressClass: "myingressclass"

2.426.2.2 Security release

Released: December 13, 2023

Removal of Unnecessary 'daemonize' Dependency in CI Traditional RPMs (BEE-23166)

Removal of unnecessary 'daemonize' dependency in the CloudBees CI traditional RPM.

We have removed the 'daemonize' package dependency from CloudBees CI traditional RPMs for both the Operations center and Controller, as it was not required in most scenarios. This change simplifies installation and upgrades, particularly in environments where access to the Extra Packages for Enterprise Linux (EPEL) repository is restricted.

2.414.3.7 Security release

Released: October 18, 2023

Controllers fail to start due to plugins moved from the plugin catalog to the CloudBees Assurance Program (CAP)

With the 2.414.3.7 release, the following plugins were added to CAP:

  • GitLab API (gitlab-api)

  • GitLab Branch Source (gitlab-branch-source)

  • Pipeline Maven Integration (pipeline-maven)

  • Pipeline Maven API (pipeline-maven-api)

If your CasC bundle has any of these plugins in the plugin catalog, they must be removed. Otherwise, your bundle becomes invalid and will not start.

With the 2.414.3.7 release, the following plugin was removed from CAP:

  • Maven Integration (maven-plugin)

If this plugin is already installed, it will continue to be installed. If you wish to install this plugin through CasC from the October release onward, it must be included in the CasC bundle’s plugin catalog and in the plugins.yaml file.

YAML section in Pod Template not recognized

Starting with Kubernetes plugin (version 4029.v5712230ccb_f8) the YAML parsing library was updated to snakeyaml-engine:2.5 which implements YAML specification 1.2.2. In this specification, the YAML merge operator (<<) was removed. Therefore, any usage of the merge operator in pod definitions needs to be removed.

An example of a pod definition using YAML anchors and aliases instead of the merge operator:

apiVersion: v1
kind: Pod
spec:
  containers:
  - name: maven
    image: 3.9.4-eclipse-temurin-11
    resources:
      requests: &maven-container-resources
        cpu: 1500m
        memory: 3500Mi
      limits:
        *maven-container-resources
    command:
    - sleep
    args:
    - infinity

An example of the result of YAML specification 1.2.2 on a pod definition using anchors and aliases instead of the merge operator:

apiVersion: v1
kind: Pod
spec:
  containers:
    - name: maven
      image: 3.9.4-eclipse-temurin-11
      resources:
        requests:
          cpu: 1500m
          memory: 3500Mi
        limits:
          cpu: 1500m
          memory: 3500Mi
      command:
        - sleep
      args:
        - infinity

For more information, refer to YAML version 1.2.

2.414.2.2 Security release

Released: September 20, 2023

CasC Export should escape variable expressions (BEE-38184)

CasC Export now escapes variable expressions. However, variable expressions are not replaced when imported, unless a new configuration is set as pass thru.

This fix introduces a breaking change and any bundle using the variable resolution will stop working. To continue to use and resolve variables in your bundle, configure your CloudBees CI instance before loading your CasC bundles. To configure your CloudBees CI instance do one of the following:

  • Enable the Enable or disable the variable resolution in the item creation for administrator setting on the System configuration page.

  • Configure the cascItemsConfiguration value in the YAML file.

2.401.2.3

Released: June 28, 2023

Pod Security Policy removed from Kubernetes 1.25 (BEE-34726)

Pod Security Policy (PSP) was deprecated in Kubernetes 1.21 and removed from Kubernetes 1.25. As an alternative, you can enforce Pod Security Standards by using Pod Security Admission (PSA). Refer to Pod Security Admission for CloudBees CI on modern cloud platforms for more information.

Operations center sign-on (SSO) does not work for controllers connected using WebSocket transport (BEE-37051)

Operations center sign-on (SSO) is not working from controllers connected using WebSocket. An error is displayed when attempting to log in that the public key is missing.

2.401.1.3

Released: May 31, 2023

CloudBees CasC Server plugin 2.0 upgrade (BEE-32075)

The CloudBees CasC Server plugin 2.0 upgrade introduces bundle branch and tag support. The plugin update changes the folder structure within JENKINS_HOME that stores the Configuration as Code for controller bundles. Due to the change to this folder structure, your existing bundles must be migrated. For more information on migrating your bundles, refer to Migrating Bundles.

Jenkins CLI auth with username/password fails after 2.401.x (BEE-40827)

Username/password authentication is no longer supported for use on the Jenkins CLI on a connected controller when the operations center single sign-on (SSO) is in use. Instead, create an API token on the operations center.

2.387.2.3 Security release

Released: April 5, 2023

Promoted Builds integration removed from the Operations Center Context plugin (BEE-31064)::

The Promoted Builds plugin was removed from the CloudBees Assurance Program (CAP). It was previously integrated with the Operations Center Context plugin.

2.375.3.3

Released: February 8, 2023

Kubernetes-client upgrade to 6.x (BEE-28247)::

The Java library used to access Kubernetes, fabric8 Kubernetes-client, has been upgraded from 5.x to 6.x.

This new Java library version enables customers to provide CustomResourceDefinitions (CRDs) to the provisioning lifecycle, even if they are not part of the client Java model.

This update has no impact for customers who do not use the YAML field under Advanced configuration on the controller configuration screen in the Operations center. For customers using the YAML field under Advanced configuration, this update has the following impact:

  • apiVersion on a resource being deserialized is now required. This prevents the unintentional parsing of custom types without a registered class as a built-in type of the same name. Refer to kubernetes-client/MIGRATION-v6.md at main · fabric8io/kubernetes-client for more technical details about this breaking change.

  • If apiVersion is missing, the controller reprovisioning will fail once the operations center is upgraded until the issue is fixed.

For more information about this upgrade, refer to this knowledge base article, The apiVersion on a resource being deserialized is required after upgrading Kubernetes-client 6.x. The article also contains a script that you can run to check for invalid configurations. The configurations listed in the output of this script should be fixed by providing a valid apiVersion.

If you have questions about this upgrade, contact CloudBees Support for assistance.

Older release notes