CloudBees CI release notes

CloudBees CI is a fully-featured, cloud native flexible, scalable CI/CD solution that can be hosted on-premise or in the public cloud. It provides a shared, centrally managed, self-service experience for all your development teams.

Please refer to maintenance lifecycle policy to learn which versions of CloudBees CI are currently supported as well as the supported platforms page for the product to learn which platforms are supported.

If you skip versions when you upgrade, refer to previous versions of the release notes for any relevant known issues or upgrade notes. The CloudBees supported platforms and CloudBees maintenance lifecycle policies pages contain additional information about what is supported in this release.

Latest 2.462.3.3 Security release

Released: October 2, 2024

Apache Tomcat support (BEE-52077)

Upgrade to Apache Tomcat 10 required

The CloudBees CI 2.462.3.3 release for traditional platforms is the last release to support running CloudBees CI in Apache Tomcat 9. You must upgrade to Apache Tomcat 10 before the next CloudBees CI release. Please contact CloudBees Support if you have any concerns or questions.

End of support to run CloudBees CI in Apache Tomcat

If you run CloudBees CI in Apache Tomcat, it was deprecated and CloudBees CI’s support ends after October 2025. An Administrative Monitor was added to advise customers on how to migrate from Tomcat to a CloudBees Linux package. For more information about the migration, refer to Migrate CloudBees CI on traditional platforms from Tomcat to a CloudBees Linux package. Please contact CloudBees Support if you have any concerns or questions.

End of support for Java 11 (BEE-52029)

As of the CloudBees CI 2.462.3.3 release, this is the last release to support Java 11. In the next CloudBees CI release, Java 11 will not be supported. For information on how to migrate from Java 11 to Java 17, refer to Migrate to Java 17. Please contact CloudBees Support if you have any concerns or questions.

Incorrect storage class name on the controller provisioning screen (BEE-51616)

When changing the value of the storage class name using Configuration as Code bundles, the incorrect value of the storage class name is shown on the controller provisioning screen.

When using Configuration as Code to provision controllers, every controller item in the bundle may need to be updated by specifying the storageClassName attribute for each clusterEndpoints and kubernetes objects. For example:

masterprovisioning: kubernetes: storageClassName: "nfs" clusterEndpoints: - id: ... jenkinsUrl: ... name: ... storageClassName: "nfs"
Deprecate the jenkins-agent ConfigMap (BEE-1436)

If you have pod templates that leverage the jenkins-agent ConfigMap, you need to migrate its configuration to the new idiom provided by the Kubernetes plugin. * Check "Inject Jenkins agent in agent container" or add agentInjection: true to the pod template step, or agentInjection true in the declarative pipelines. * Remove volume mounting in the jenkins-agent ConfigMap, and the associated command (the new option injects the required command and arguments automatically). The jenkins-agent ConfigMap will be removed from the Helm chart in late 2025.

2.462.2.2

Released: September 4, 2024

Switch CloudBees container images to distroless distribution of UBI (BEE-49602)

To increase our security posture, we now use the distroless variant of Red Hat UBI to reduce the attack surface of our container images.

If you build a derivative container image based on the one that CloudBees provides, it is an incompatible change, and you will need to update it as our images no longer contain a package manager. This is the case for the operations center, the managed controller images, and also agent images.

If you use agent images, tools like which, vi, are no longer available. You can use the shell builtin command -v as an alternative to which. If you need additional tools for interactive agent debugging, consider using Kubernetes debug containers .

The following Dockerfile example displays an image extension that adds a new system package.

FROM cloudbees/core-mm AS base FROM registry.access.redhat.com/ubi8 AS build COPY --from=base / /cbroot RUN dnf update -y && \ dnf install --installroot /cbroot -y --setopt=install_weak_deps=False <my-extra-package> && \ dnf clean --installroot /cbroot all FROM base COPY --from=build /cbroot/ .

2.440.1.3

Released: February 21, 2024

DevOptics Plugin Incompatibilities with Java 17 (BEE-46482)

If you are actively using devoptics, you must:

  • Not upgrade the devoptics plugin to version 2.0

  • Not upgrade CloudBees CI Modern, to 2.440.1.3

  • Not update the JVM to Java 17 if you use CloudBees CI Traditional

If you are not actively using devoptics, but have it installed:

  • Upgrade to version 2.0 to remove the incompatibility before upgrading CloudBees CI Modern or the JVM for CloudBees CI Traditional or

  • Uninstall the plugin

Introduction of a concrete type for controller exposure (BEE-44367)

Prior to this update, the operations center would dynamically change the behavior of exposing a controller based on a runtime lookup to detect if the underlying Kubernetes infrastructure was OpenShift or not. However, this dynamic check could lead to the creation of an Ingress object for a controller rather than a Route.

After this update, the type needs to be set when configuring the Kubernetes endpoint. Existing configuration will migrate to auto detect but attempts will be made to replace it with the correct type.

Configuration as Code bundles now need to be updated to specify the concrete type of service exposure method and for Ingress types such as ingressClass and IngressAnnotations to be on the ContainerMasterProvisioningDescriptor.

Example 1. View OpenShift CasC snippet:
masterprovisioning: kubernetes: clusterEndpoints: - id: "myEndpoint" name: "openshift"

becomes:

masterprovisioning: kubernetes: clusterEndpoints: - id: "myEndpoint" name: "openshift" serviceExposure: "openShiftRoute"
Example 2. View Generic Kubernetes CasC snippet:
masterprovisioning: kubernetes: clusterEndpoints: - id: "myEndpoint" ingressAnnotations: |- key1: value1 key2: value2 ingressClass: "myingressclass" name: "kubernetes"

becomes:

masterprovisioning: kubernetes: clusterEndpoints: - id: "myEndpoint" name: "kubernetes" serviceExposure: ingress: ingressAnnotations: |- key1: value1 key2: value2 ingressClass: "myingressclass"

2.426.2.2 Security release

Released: December 13, 2023

Removal of Unnecessary 'daemonize' Dependency in CI Traditional RPMs (BEE-23166)

Removal of unnecessary 'daemonize' dependency in the CloudBees CI traditional RPM.

We have removed the 'daemonize' package dependency from CloudBees CI traditional RPMs for both the Operations center and Controller, as it was not required in most scenarios. This change simplifies installation and upgrades, particularly in environments where access to the Extra Packages for Enterprise Linux (EPEL) repository is restricted.

2.414.3.7 Security release

Released: October 18, 2023

Controllers fail to start due to plugins moved from the plugin catalog to the CloudBees Assurance Program (CAP)

With the 2.414.3.7 release, the following plugins were added to CAP:

  • GitLab API (gitlab-api)

  • GitLab Branch Source (gitlab-branch-source)

  • Pipeline Maven Integration (pipeline-maven)

  • Pipeline Maven API (pipeline-maven-api)

If your CasC bundle has any of these plugins in the plugin catalog, they must be removed. Otherwise, your bundle becomes invalid and will not start.

With the 2.414.3.7 release, the following plugin was removed from CAP:

  • Maven Integration (maven-plugin)

If this plugin is already installed, it will continue to be installed. If you wish to install this plugin through CasC from the October release onward, it must be included in the CasC bundle’s plugin catalog and in the plugins.yaml file.

YAML section in Pod Template not recognized

Starting with Kubernetes plugin (version 4029.v5712230ccb_f8) the YAML parsing library was updated to snakeyaml-engine:2.5 which implements YAML specification 1.2.2. In this specification, the YAML merge operator (<<) was removed. Therefore, any usage of the merge operator in pod definitions needs to be removed.

An example of a pod definition using YAML anchors and aliases instead of the merge operator:

apiVersion: v1 kind: Pod spec: containers: - name: maven image: 3.9.4-eclipse-temurin-11 resources: requests: &maven-container-resources cpu: 1500m memory: 3500Mi limits: *maven-container-resources command: - sleep args: - infinity

An example of the result of YAML specification 1.2.2 on a pod definition using anchors and aliases instead of the merge operator:

apiVersion: v1 kind: Pod spec: containers: - name: maven image: 3.9.4-eclipse-temurin-11 resources: requests: cpu: 1500m memory: 3500Mi limits: cpu: 1500m memory: 3500Mi command: - sleep args: - infinity

For more information, refer to YAML version 1.2.

Older release notes