CloudBees CI release highlights

What’s new in CloudBees CI 2.375.3.5

Watch video

Security fixes

Security vulnerabilities were fixed and backported from Jenkins (BEE-27307)

Refer to CloudBees Security Advisory February 15, 2023 for more information.

Security vulnerabilities were fixed and backported from Jenkins (BEE-27308)

Refer to CloudBees Security Advisory February 15, 2023 for more information.

Security vulnerabilities were fixed and backported from Jenkins (BEE-27309)

Refer to CloudBees Security Advisory February 15, 2023 for more information.

Security vulnerabilities were fixed and backported from Jenkins (BEE-27631)

Refer to CloudBees Security Advisory February 15, 2023 for more information.

Security vulnerabilities were fixed and backported from Jenkins (BEE-29042)

Refer to CloudBees Security Advisory February 15, 2023 for more information.

Security vulnerabilities were fixed and backported from Jenkins (BEE-29267)

Refer to CloudBees Security Advisory February 15, 2023 for more information.

New features

None.

Feature enhancements

None.

Resolved issues

None.

Known issues

Duplicate Pipeline Template Catalogs in the Configuration as Code jenkins.yaml file on each instance restart (BEE-12722)

If a Pipeline Template Catalog is configured in the CasC jenkins.yaml file and the id property is not defined, the catalog is duplicated on each instance restart and in the exported CasC configuration.

Upgrade notes

Java 11 is now required

Beginning with the September release, Java 11 is now required to run CloudBees CI. It is not possible to run the operations center, the controllers, or agents on Java 8 any longer. Java Web Start is no longer supported for inbound agents.

For more information, refer to Migrate to Java 11.

When you upgrade to Java 11, you must update your Java garbage collection arguments (BEE-16018)

Garbage collection has been updated in Java 11. Many of the previously recommended arguments are no longer supported. When you upgrade your JDK to Java 11, you must also update your garbage collection configuration. Using unsupported Java arguments will result in startup failure.

Kubernetes-client upgrade to 6.x (BEE-28247)::

The fabric8 Kubernetes-client has been upgraded from 5.x to 6.x. When configuring a managed controller and using the advanced YAML field; it is now possible to add additional entries such as CustomResourceDefinitions (CRDs) for which the Kubernetes-client has no model. They are now passed as is to the underlying Kubernetes API server.

NOTE: When declaring custom YAML snippets in a controller, apiVersion is now required by the Kubernetes-client library. Additional validation has been added to the UI component to validate that use case.

If the apiVersion is missing, the controller reprovisioning will fail when the operations center is upgraded. For more information on this topic, refer to this knowledge base article, The apiVersion on a resource being deserialized is required after upgrading Kubernetes-client 6.x. This article contains a script you can run to check for invalid configurations. The configurations listed in the output of this script need to be fixed by providing a valid apiVersion.

Contact CloudBees Support for any further questions.

Plugin Removal from the CloudBees Assurance Program (CAP) (BEE-9215)

CloudBees has removed the following plugins from the CloudBees Assurance Program (CAP):

  • Bootstrap 4 API

  • CloudBees Long-Running Build

  • Deployer Framework

  • Deployed on Column

  • JavaScript GUI Lib: Momentjs Bundle

This announcement allows CloudBees to focus on driving new technology and product innovation, as well as maintaining existing products that are actively used by customers.

If you installed any of these plugins using a Configuration as Code bundle via the plugins.yaml file, you must include them in the plugin catalog to continue using them. Refer to Installing non-CAP plugins with plugin catalogs.

For more information regarding this end-of-life announcement, please contact your Customer Success Manager.

Migration to Jakarta Mail (BEE-22565)

The CloudBees Nodes Plus plugin and the Operations Center Server plugin were updated to use jakarta.mail instead of javax.mail. This migration may break existing scripts that relied upon javax.mail. You may need to recreate any broken scripts.