CloudBees CI on modern cloud platforms

Rolling release: 2019-07-03

Based on Jenkins LTS 2.176.1-cb-3

Resolved issues

Updated Kubernetes plugin dependencies (CPLT2-5564)

Updated kube agent management plugin from 1.1.8 to 1.1.9 and Kubernetes plugin from 1.14.9 to 1.15.4.

Updated Base Docker Images for Alpine Java (CPLT2-5662)

Updated the Java version in the Alpine base images from 8u201 to 8u212.

Removed reference to private images in Kubernetes (CPLT2-4417)

Problem: When attempting to deploy cjoc.yml on Kubernetes the installation would fail

Solution: Removed reference to an imagePullSecret named which we used to pull private images for internal builds.

Always reject System.exit (NGPIPELINE-341)

System.exit(int) and similar methods could still be approved in Script Approval, but there’s never a good reason for them to be usable in Pipeline scripts. These methods are now blocked permanently from all sandboxed Groovy execution in Jenkins.

Git plugin’s mergeStrategy case issue resolved (NGPIPELINE-305)

Uses of the Git plugin’s mergeStrategy option in Pipeline started failing in Git 3.9.0 if the specified value was not uppercase. The value of the mergeStrategy option may now be specified in any case in a Pipeline.

Git plugin fetch issue resolved (NGPIPELINE-16)

The git plugin fetched to the local cache before checking remote references for updates causing MissingObjectException if references got updated between these operations. The problem is more notable on large repositories where the fetch operation can take a long time. The fix changes the order of the operations making the issue less likely to occur since listing references is fairly quick.

Script security rejection issue resolved (NGPIPELINE-14)

Certain sandboxed Groovy script idioms, including but not limited to Pipeline, could result in a build failure with a RejectedAccessException without Jenkins offering the corresponding signature as a pending approval. Script Security rejections will now be reported properly in all contexts.

Password updates issues resolved (JENSEC-414)

When users of the EC2, docker-commons, and SSH credentials plugins updated passwords, the original passwords were not hidden nor were previous values encrypted. With this fix, when users of the EC2, docker-commons, and SSH credentials plugins update passwords, the original passwords are hidden and previous values encrypted.

Known issues

Pipeline stages, parallels, and step incorrectly marked unstable

When there is a build with an unstable stage, parallel, or step, all the stages, parallels, and steps are incorrectly marked as unstable instead of just the unstable one that caused the Pipeline to be unstable. This is a known issue in the pipeline-graph-analysis plugin.


Revision 3 (2019-07-11)

Plugin updates

Revision 2 (2019-07-08)

Plugin updates