CloudBees CI release highlights
What’s new in CloudBees CI 2.332.1.5
- Require Kubernetes 1.19 or later (BEE-1208)
The minimum version of Kubernetes required to run CloudBees CI on modern cloud platforms is now 1.19. Support for older versions of Kubernetes has been dropped. Refer to the Supported platforms for CloudBees CI on modern cloud platforms for more information.
- Duplicate Pipeline Template Catalogs in the Configuration as Code (CasC) for Controllers jenkins.yaml file on each instance restart (BEE-12722)
If a Pipeline Template Catalog is configured in the CasC
jenkins.yamlfile and the
idproperty is not defined, the catalog is duplicated on each instance restart and in the exported CasC configuration.
- Migration to Java 11 will soon be required for new releases (BEE-42)
The Jenkins community will begin supporting Java 11-specific features soon (Java 11 byte code), at which point it will no longer be possible to use a Java 8 runtime environment. Because CloudBees CI on modern cloud platforms is based on the Jenkins LTS, future releases of CloudBees CI on modern cloud platforms will have the same requirement.
CloudBees strongly recommends upgrading your CloudBees CI on modern cloud platforms environment to run Java 11 as soon as possible. Some of the Java 11 updates may require action on your part, and there may be a specific order in which you should upgrade components in your environment. For more information, refer to Migrating to Java 11.
- Updated minimum Jenkins version to LTS 2.332.1 (BEE-10651)
The minimum required Jenkins version was updated to the latest LTS, version 2.332.1.
- When upgrading to Java 11, you must update your Java garbage collection arguments (BEE-16018)
Garbage collection has been updated in Java 11. Many of the previously recommended arguments are no longer supported. When you upgrade your JDK to Java 11, you must also update your garbage collection configuration. Using unsupported Java arguments will result in startup failure.
For more information, refer to Adding Java arguments to the Jenkins service configuration file.
- Jenkins agent-to-controller security changes affect several plugins
Jenkins 2.326 removes the ability to disable or customize the agent-to-controller-security system. The following plugins are known to be affected by this change:
Code Coverage API Plugin
Log Parser Plugin
Maven Integration Plugin
After upgrading to Jenkins 2.326, you must update these plugins.
Other plugins may be affected as well. Refer to Agent → Controller Security Changes in 2.326 for more information.
- Matrix Authorization Strategy plugin version 3.0 upgrade
Version 3.0 of the Matrix Authorization Strategy plugin extends the formats for permission assignments both internally and when used with the Job DSL and Configuration as Code plugins. With the upgrade to version 3.0, all past permission assignments are now considered ambiguous. While existing configurations can still be read, if the permission assignment configurations contain ambiguous entries, warnings will appear in the UI and in logs.
Downgrading to an earlier release of the plugin may cause problems once you have used version 3.0 or later to assign new permissions or migrate existing permission assignments. Earlier releases will not be able to load the updated, version 3.0 permission assignments.
Further, the Matrix Authorization Strategy plugin’s APIs have changed significantly. While some compatibility is retained, other plugins that depend on the Matrix Authorization Strategy plugin will likely need to be adapted to the changes, or they may behave in unexpected ways.
If you use any plugins that have a dependency on the Matrix Authorization Strategy plugin, you should make sure they are compatible with version 3.0 before you upgrade. For example, the Role-based Authorization Strategy plugin has been reported to be incompatible with version 3.0.
Customers that use the CloudBees Role-Based Access Control Plugin for authorization are not affected by this change in behavior.
If you configured the Matrix Authorization Strategy plugin’s job level permissions using the Job DSL plugin’s special syntax (
authorizationtop-level element), you will not be able to assign unambiguous permissions in current releases of the Job DSL plugin, version 1.78.3 and earlier. Instead, you should use the syntax documented here using the
authorizationMatrixchild of the