CloudBees CI release notes

CloudBees CI is a fully-featured, cloud native CD solution that can be hosted on-premise or in the public cloud. It provides a shared, centrally managed, self-service experience for all your development teams.

Please refer to Maintenance lifecycle policy to learn which versions of CloudBees CI are currently supported as well as the Supported platforms page for the product to learn which platforms are supported.

2.303.2.3 Security release

Released: 2021-10-06

Do not upgrade to this version if either of the following conditions apply to your CloudBees CI or CloudBees Jenkins Platform installation:
  • You use RPM to upgrade your installation, or

  • You use the the trusted folder feature of the CloudBees Folders Plus plugin

CloudBees CI and CloudBees Jenkins Platform version 2.303.2.3 have been released with CloudBees Folders Plus plugin version 3.18, which has an issue that could prevent the instances from starting. Additionally, the RPM install package was not correctly configured. If you used it to upgrade, it could cause the operations center and client controllers to start as a new instance.

Please use version 2.303.2.5 instead of 2.303.2.3.

2.289.3.2 Security release 1 revision

Released: 2021-07-28

Removal of Apache Commons Digester from Jenkins Core

CloudBees recommends that you start to prepare for the August release of Jenkins LTS as soon as possible. The August release will include a change that removes the Apache Commons Digester from Jenkins Core. If you use Jenkins LTS plugins that are not in the CloudBees Assurance Program (CAP), you should update them before upgrading your CloudBees products to ensure compatibility with the August release. If your company uses its own proprietary (non-CloudBees) plugins, CloudBees recommends that you test them against Jenkins version 2.302+ prior to the August release. As always, backing up your data before upgrading is strongly encouraged. For details about this change and a list of impacted plugins, please see our knowledge base article Commons Digester Library Removal.

2.289.2.2 Security release

Issues with RPM installation for CloudBees CI on traditional platforms customers with custom users - Latest update: 2021-07-09

The RPM-based installation for version 2.289.2.2 is failing for some CloudBees CI on traditional platforms customers with custom users. You may receive the following error:

main process exited, code=exited, status=6/NOTCONFIGURED

This issue has been resolved in version 2.289.2.3. CloudBees recommends that you install version 2.289.2.3 instead of version 2.289.2.2 to avoid potential issues.

If you attempted to upgrade to version 2.289.2.2 and encountered issues, refer to this knowledge base article or contact CloudBees Support.

Remove the jquery and jquery-detached plugins from your CloudBees CI instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees CI instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees CI instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

Released: 2021-06-30

v2.289.1.2 Security release

Exception occurs in Jetty client on CloudBees CI on traditional platforms when long files are read using SSL

When large HTTP requests are submitted while the built-in Winstone/Jetty container is configured to use SSL/TLS connections, the following exception can occur:

Encrypted buffer max length exceeded

This exception could prevent you from configuring controllers.

This issue is resolved in versions 2.277.4.4 and 2.289.2.2. If you encounter this error, you should upgrade to one of those versions as soon as possible.

Remove the jquery and jquery-detached plugins from your CloudBees CI instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees CI instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees CI instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

Released: 2021-06-02

v2.277.4.4

Remove the jquery and jquery-detached plugins from your CloudBees CI instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees CI instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees CI instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

Released: 2021-07-02

v2.277.4.3 Security release

Exception occurs in Jetty client on CloudBees CI on traditional platforms when long files are read using SSL

When large HTTP requests are submitted while the built-in Winstone/Jetty container is configured to use SSL/TLS connections, the following exception can occur:

Encrypted buffer max length exceeded

This exception could prevent you from configuring controllers.

This issue is resolved in versions 2.277.4.4 and 2.289.2.2. If you encounter this error, you should upgrade to one of those versions as soon as possible.

Remove the jquery and jquery-detached plugins from your CloudBees CI instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees CI instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees CI instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

Released: 2021-05-11

v2.277.4.2 Security release

Remove the jquery and jquery-detached plugins from your CloudBees CI instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees CI instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees CI instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

Released: 2021-05-05

v2.277.3.1

Released: 2021-04-20 Security release 2 revisions

Remove the jquery and jquery-detached plugins from your CloudBees Jenkins Platform instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees Jenkins Platform instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees Jenkins Platform instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

v2.277.2.3

Upgrading the CloudBees CasC API plugin

Issue

The CloudBees CasC API plugin has been promoted to the CloudBees Assurance Program (CAP). If you have previously modified the plugin-catalog.yaml file to include the CasC API plugin, when you upgrade, your controller(s) will not start properly and you may receive exceptions.

Workaround

You must edit the plugin-catalog.yaml file to remove the CasC plugin and version string: cloudbees-casc-api: {version: X.X}, where X.X represents the version of the CasC plugin. For more information, see Updating a plugin catalog on operations center.

Remove the jquery and jquery-detached plugins from your CloudBees Jenkins Platform instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees Jenkins Platform instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees Jenkins Platform instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

Released: 2021-04-07 Security release 1 revision

v2.277.1.2

The setup wizard shows after updating an instance to 2.777.1.x

Issue

After updating an instance, the setup wizard is displayed.

Jenkins 2.277.1 removes the Upgrade Wizard that was no longer operational after Jenkins 2.0. This caused a regression for instances created before 2.4/2.7.1 LTS.

At the time of this writing, no fix is available for this issue.

Workaround

See the Jenkins upgrade guide for a workaround for this issue. On subsequent restarts, the setup wizard will no longer appear.

Important updates in the March release

The March release includes important updates. If you use Jenkins LTS plugins that are not in the CloudBees Assurance Program (CAP), you should update them before upgrading your CloudBees products to ensure compatibility with the March release. If your company uses its own proprietary (non-CloudBees) plugins, CloudBees recommends that you test them against Jenkins version 2.277.1 prior to updating your CloudBees products. And, as always, backing up your data before upgrading is strongly encouraged.

For details about changes in the March Jenkins LTS release, see:

Remove the jquery and jquery-detached plugins from your CloudBees Jenkins Platform instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees Jenkins Platform instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees Jenkins Platform instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

Released: 2021-03-11 Security release 2 revisions

v2.263.4.1

Released: 2021-02-11 Security release 1 revision

v2.263.2.3

User-created content regressions

Version 2.263.2.3 fixes some critical regressions found in version 2.263.2.2 of the following products:

  • CloudBees CI

  • CloudBees Jenkins Distribution

  • CloudBees Jenkins Platform

  • CloudBees Jenkins Enterprise

Potential issues include:

  • If you use external artifact storage, it is not possible to download entire directories of archived artifacts as Zip files.

  • Zip files containing directories of workspaces, archived artifacts, and similar user-created content are missing top-level directories.

  • File handles are not closed directly whenever individual files are downloaded from workspaces, archived artifacts, and other user-created content. This could result in Jenkins running out of file handles.

CloudBees recommends that you upgrade to version 2.263.2.3 to prevent potential issues with user-created content.

Released: 2021-01-21 Security release

v2.263.2.2

Regression in CloudBees Plugin Usage Plugin 2.0, 2.2

CloudBees CI versions 2.263.1.2 and 2.263.2.2 have a potential issue involving the CloudBees Plugin Usage Plugin versions 2.0 and 2.2:

This plugin produces the analysis.json file in $JENKINS/pup. On large instances, for example with many jobs, this file can be quite large. At the next restart of the controller, the plugin usage analyzer tries to parse this file and with large files this could take some time and it may block the start-up process of the controller thereby leading to longer startup time.

CloudBees recommends that you upgrade to CloudBees CI version 2.263.4.1 or later, or upgrade the CloudBees Plugin Usage Plugin to version 2.6. If you cannot upgrade to 2.263.4.1, it’s best to disable the CloudBees Plugin Usage Plugin (short name cloudbees-plugin-usage) until then. If Jenkins is not accessible, see Disabling a plugin when Jenkins is down

This issue is only a problem on startup. Another workaround is to remove the file $JENKINS/pup/analysis.json before starting or restarting Jenkins.

Released: 2021-01-13 Security release 1 revision

v2.263.1.2

Regression in CloudBees Plugin Usage Plugin 2.0, 2.2

CloudBees CI versions 2.263.1.2 and 2.263.2.2 have a potential issue involving the CloudBees Plugin Usage Plugin versions 2.0 and 2.2:

This plugin produces the analysis.json file in $JENKINS/pup. On large instances, for example with many jobs, this file can be quite large. At the next restart of the controller, the plugin usage analyzer tries to parse this file and with large files this could take some time and it may block the start-up process of the controller thereby leading to longer startup time.

CloudBees recommends that you upgrade to CloudBees CI version 2.263.4.1 or later, or upgrade the CloudBees Plugin Usage Plugin to version 2.6. If you cannot upgrade to 2.263.4.1, it’s best to disable the CloudBees Plugin Usage Plugin (short name cloudbees-plugin-usage) until then. If Jenkins is not accessible, see Disabling a plugin when Jenkins is down

This issue is only a problem on startup. Another workaround is to remove the file $JENKINS/pup/analysis.json before starting or restarting Jenkins.

Released: 2020-12-03 Security release

v2.249.3.3

Released: 2020-11-19 Security release 1 revision

v2.249.3.2

Critical regression fixes in version 2.249.3.2

Version 2.249.3.2 release fixes some critical regressions found in version 2.249.3.1.

CloudBees CI on modern cloud platforms, CloudBees CI on traditional platforms Installing version 2.249.3.2 is required to avoid these issues.

CloudBees Jenkins Enterprise CloudBees Jenkins Enterprise 1.x customers need to download and install using the 1.11.39 installer, which will bundle the corresponding operations center/Managed Master versions.

CloudBees Jenkins Platform CloudBees Jenkins Platform operations center and CloudBees Jenkins Platform Client Master (2.x.y.z) must be upgraded to version 2.249.3.2. CloudBees Jenkins Platform operations center and CloudBees Jenkins Platform Client Master (2.222.x.0.z) must be upgraded to version 2.222.42.0.1-rev6. CloudBees Jenkins Platform operations center and CloudBees Jenkins Platform Client Master (2.190.x.0.z) must be upgraded to version 2.190.33.0.2-rev6.

CloudBees Jenkins Distribution No updates necessary.

Released: 2020-11-12 Security release

v2.249.3.1

Critical regression fixes in version 2.249.3.2

Version 2.249.3.2 release fixes some critical regressions found in version 2.249.3.1.

CloudBees CI on modern cloud platforms, CloudBees CI on traditional platforms Installing version 2.249.3.2 is required to avoid these issues.

CloudBees Jenkins Enterprise CloudBees Jenkins Enterprise 1.x customers need to download and install using the 1.11.39 installer, which will bundle the corresponding operations center/Managed Master versions.

CloudBees Jenkins Platform CloudBees Jenkins Platform operations center and CloudBees Jenkins Platform Client Master (2.x.y.z) must be upgraded to version 2.249.3.2. CloudBees Jenkins Platform operations center and CloudBees Jenkins Platform Client Master (2.222.x.0.z) must be upgraded to version 2.222.42.0.1-rev6. CloudBees Jenkins Platform operations center and CloudBees Jenkins Platform Client Master (2.190.x.0.z) must be upgraded to version 2.190.33.0.2-rev6.

CloudBees Jenkins Distribution No updates necessary.

Released: 2020-11-04 Security release 1 revision

v2.249.1.2

Released: 2020-09-09 Security release 2 revisions

v2.222.4.3

Released: 2020-05-26 Security release 2 revisions

v2.222.2.1

Released: 2020-04-27 Security release 1 revision

v2.222.1.1

Released: 2020-03-25 Security release 1 revision

v2.204.3.7

Released: 2020-03-06 Security release 2 revisions

v2.204.2.2

Released: 2020-01-29 Security release 1 revision

v2.204.1.3

Released: 2019-12-19 Security release 2 revisions

v2.190.3.2

Released: 2019-11-21 Security release 1 revision

v2.176.4.3

Released: 2019-09-25 Security release 1 revision

v2.176.3.2

Released: 2019-08-28 Security release 1 revision

v2.176.2.3

Released: 2019-07-17 Security release 1 revision

v2.164.3.2

Released: 2019-05-08 Security release 4 revisions

v2.164.2.1

Released: 2019-04-10 Security release 2 revisions

v2.164.1.2

Released: 2019-03-19 Security release 2 revisions

v2.150.3.2

Released: 2019-02-07 Security release 4 revisions