CloudBees CI on modern cloud platforms 2.361.1.2

The project Item Configuration page is undergoing a redesign in Jenkins core. The redesign replaces the tabs on the page and adds a sidebar for quick navigation to the configure project pages. The Item Configuration page redesign provides several enhancements:

Updated plugin dependencies to ensure continued compatibility with the ecosystem.

Migrated CloudBees Nodes Plus plugin to use jakarta.mail instead of javax.mail.

Migrated the Operations Center Server plugin to use jakarta.mail instead of javax.mail.

The Instance Identity plugin was moved from Jenkins core to a plugin. Plugins using instance-identity are now required to add it as a plugin dependency.

Updated plugin dependencies to ensure continued compatibility with the ecosystem.

Updated plugin dependencies to ensure continued compatibility with the ecosystem.

When an inbound TCP agent momentarily disconnected and then automatically reconnected, an issue caused the controller to recognize the new channel connection after the disconnection. As a result, the channel ID was removed from the CloudChannelRegistry, and the agent could no longer be disabled using the UI.

The existing design suffered from scaling issues, leaving idle threads behind.

When using the container step, the build would fail sporadically with the message io.fabric8.kubernetes.client.KubernetesClientException: not ready after 5000 MILLISECONDS.

When you attempt to deploy sidecar injector in Kubernetes environments that use pre-releases, the deployment fails with the message chart requires kubeVersion: >= 1.21.0 which is incompatible with Kubernetes <version>. The issue typically affects cloud-managed Kubernetes environments such as EKS, GKE, or AKS.

A large number of HTTP connections were opened for watching Kubernetes events. This lead to performance issues when an environment had a large number of controllers.

When you used the Test Connection button to validate Azure Blob Storage from a backup step within a cluster operations job, it caused an error.

Removed the forked PingThread from operations center in favor of using the standard PingThread from Jenkins OSS instead.

This release has the fix to a known memory leak: Memory leak caused by regression in C2 JIT Compiler in Java 11.0.16.

The SSHD plugin fails to load in Jenkins LTS version 2.361.x because the Mina SSHD API : Common Plugin and Mina SSHD API : Core Plugin dependencies were not available.

The Shared Libraries cache is now thread safe.

The LDAP plugin now sends authenticated events to SecurityListeners.

The choice parameter is now fully imported and includes a list of possible values.

To protect from the null collection of records, the log from the controllers is merged.

When the property of an item that is defined in the items.yaml file is an array instead of a collection, the item cannot be imported.

The choice parameter can now be configured using CasC.

Only supported items are now exported from all of the item’s hierarchy.

Loading items fails when they expect Secret/SecretBytes properties. For example, this prevents the loading of Secret Text and Secret File folder credentials, and password parameters.

Only one administrative monitor now appears, showing the last error (if any), or no monitor appears if the checkout is successful.

The download attribute is no longer generated for the hyperlink and the downloaded file name is now automatically generated by the browser.

A deactivated bundle source is now displayed as "CasC bundle source xxx is deactivated” in the Load remote CasC bundles action.

Previously, the effective bundle view only displayed the first two levels of any CasC bundles that contained multiple sub-folders. Any sub-folders below the second level did not display. Additionally, if you tried to download the bundle as a .zip file, the full bundle was not properly exported. The links to view, copy, and download individual files did not work.

Non-administrators were not able to validate the Backup Step configuration within a cluster operations job; the Credentials dropdown list was empty, and the Test Connection button did not function properly.

CloudBees is addressing all icon compatibility and inconsistency issues with the Jenkins LTS 2.346 upgrade.

If you used an RPM to upgrade the product while using Java 8, the Jenkins logs were not appended to the following configured service log by default: /var/log/cloudbees-core-[cm|oc]/cloudbees-core-[cm|oc].log.

Beginning with the September release, Java 11 is now required to run CloudBees CI. It is not possible to run the operations center, the controllers, or agents on Java 8 any longer. Java Web Start is no longer supported for inbound agents.

Garbage collection has been updated in Java 11. Many of the previously recommended arguments are no longer supported. When you upgrade your JDK to Java 11, you must also update your garbage collection configuration. Using unsupported Java arguments will result in startup failure.

After assessing the viability of our supported plugins, CloudBees will no longer support the following plugins:

The CloudBees Nodes Plus plugin and the Operations Center Server plugin were updated to use jakarta.mail instead of javax.mail. This migration may break existing scripts that relied upon javax.mail. You may need to recreate any broken scripts.

As a follow up of a security fix from Jenkins Security Advisory 2022-07-27, the Git Client plugin now has SSH host key verification enabled by default using the Known Hosts file strategy. Any git / checkout step that use the SSH protocol now performs strict host key verification based on the ~/ssh/known_hosts file in its environment. Impacted builds fail to check out the code and show the following error:

stderr: No <key_format> host key is known for <hostname> and you have requested strict checking.
▼

Jenkins 2.361 upgrade notes