Feature Enhancements
- High Availability (HA) Feature Enhancements
-
-
The High Availability (HA) footer changes appearance when in developer mode
Jenkins changed the footer design to include buttons instead of a solid banner. The High Availability (HA) footer (that appears in development mode) displays as a colored button and when you click on it, takes you to the CloudBees CI High Availability page.
-
An administrative monitor is displayed if dashboard-view is installed when running High Availability (HA)
Dashboard-view is not compatible with High Availability (HA) as the data displayed on the dashboard about builds/jobs is not accurate. Builds/jobs completed on other replicas are not shown. This plugin is not supported in HA mode, so an administrative monitor is displayed if dashboard-view is installed when running HA.
-
Warn users if the current replica is outdated
When performing a rolling upgrade of a High Availability (HA) controller (typically on Kubernetes though potentially on traditional), it is recommended that you do not make configuration changes when the browser’s sticky session is still on the old replica; wait until the upgrade is complete and you are viewing a new replica. A warning message now appears on the controller’s page footer. If you click on it, it brings you to the HA management page that displays a list of all the replicas and their versions.
-
- CloudBees Pipeline Explorer Search Experience
-
-
The overall log index size and/or the filtered log index size is now displayed to help determine how the search performs.
-
Added a search timeout limit of one minute to the CloudBees Pipeline Explorer.
-
Controller administrators can now define a maximum file size for searching. If a search is attempted on a log/filter that is too large, the search is blocked.
-
- CloudBees Pipeline Explorer Enhancements
-
The following enhancements have been made to the CloudBees Pipeline Explorer:
-
The expand icon now opens in the same tab by default, improving the user experience.
-
Added many minor UI improvements including the icon, component, and alignment improvements.
-
The message that is displayed when there are no search results has been updated.
-
Added a minimum size functionality to the drawer in the CloudBees Pipeline Explorer so it cannot be resized smaller than the minimum size.
-
When a build is in progress, you can hover over the progress bar to display the estimated time (rounded) that remains.
-
Improved compatibility with HA/HS when saving preferences so that it persists across replicas.
-
- Configuration as Code Feature Enhancements
-
-
A new endpoint and CLI command now provides a JSON object containing the whole list of validations, along with additional details regarding each validation.
-
Include the bundle version to the
casc-bundle/check-out
API and thecasc-check-out-bundles
command. -
The single threaded retriever timeout is now configurable.
-
Logfiles from the CasC bundle retriever init-container and sidecar can now be included with support bundles.
-
- Improved Cloud Management User Experience
-
The cloud management page has been separated into the following pages:
-
Extract pod templates from each cloud into its own pod templates tab
-
Create a new screen to list pod templates for a cloud
-
Management of one pod template at a time on a single pod template edit screen
-
Update the left navigation pane for cloud management to include new pages
-
- Update the Pod template list and edit pod templates one at a time
-
You can now select a pod template to edit or delete on the Pod template list. Within the edit screen, the fields to edit are the current existing fields for pod templates. The user can edit only one template at a time.
- HashiCorp Vault integration: Support for Custom AppRole Paths in Authentication Configuration
-
Introduced an enhancement that allows users to specify custom paths while creating an AppRole in the authentication process. If no path is provided, it will resort to the current default behavior.
- New endpoint to gather bundle retriever configuration
-
The old status endpoint can now be accessed without authentication, as it acts as a health status endpoint (gives information about an instance being up and connected to CloudBees CI).
The new secured configuration endpoint provides all the configuration properties the bundle retriever is running with.
Resolved Issues
- High Availability (HA) Resolved Issues
-
-
Make script security plugin behave properly in an HA/HS environment
When running CloudBees CI in High Availability (HA) mode, the approved signatures and scripts were synced properly between different replicas, but this was not actually applied to the running build, leading to inconsistent results. This issue is now resolved, and the behavior is consistent with the current script approval configuration on all replicas.
-
Queue size per the High Availability (HA) replica may be incorrect
The reported queue size per High Availability (HA) replica may be too high or too low if some operations failed. This issue has been resolved.
-
Print the High Availability (HA) owner of the outbound agent immediately
When a High Availability (HA) controller replica launches an outbound agent, it should be recorded in the agent log immediately, instead of waiting when the connection is established.
-
The High Availability (HA) administrative monitor incorrectly warned about new remoting versions
The open-source remoting (
agent.jar
) versions that begin with 3180 are compatible with CloudBees CI active/active High Availability (HA), so it is not required to use a CloudBees-specific version going forward. -
Jenkins CLI authentication with username and password failed after 2.401.1.3
Restored ability to use username/password authentication with Jenkins CLI on a connected controller when the operations center single sign on is in use. It is still recommended to create an API token on operations center instead.
-
Verbose log output about RBAC migration during clean startup
The initial startups of the operations center or controller print a long series of messages about migration of RBAC settings, when there were no RBAC settings to migrate (but the flag noting that migration had been considered and completed was not yet present). Now, these messages are suppressed, and logging is limited to cases where settings actually were migrated (when starting for the first time after an upgrade from a version dating to 2020) or another error occurred.
-
Error during rolling upgrade of the High Availability (HA) controller
If you upgrade a High Availability (HA) controller from the October to the November release, an error related to a newly defined type may prevent new replicas from starting.
-
- Multiple builds run on the High Availability (HA) controller due to duplicated webhooks
-
If multiple deliveries of a single GitHub webhook were made to a single High Availability (HA) controller, an event such as push may result in more than one build (on different replicas). Now, GitHub webhooks are automatically deduplicated by the managed controller hibernation monitor (if that is configured as the endpoint), to prevent redundant builds. The same deduplication can also reduce overhead for non-High Availability (HA) controllers.
- Configuration as Code Resolved Issues
-
The following issues have been resolved:
-
casc-validations-details
CLI and endpoint were throwing an exception. Now the endpoint and CLI work as expected. -
If several controller bundle locations have the same name, an incrementing index is added at the end of the name to avoid duplicate names. An error is also raised to avoid duplicate names.
-
There were missing icons in the item export page. These icons are now displayed in the export page.
-
When configuring the sources for CasC bundles for controllers in operations center the GitHub checks activated checkbox was incorrectly being shown for some entries even though they were not configured to use GitHub as their SCM source. This issue has been resolved.
-
Not all runtime validations were performed if the set of plugins differs from operations center and controller. Runtime validations are now performed on the controller.
-
The CloudBees CasC Client and Server plugins now uses Ionicons icons to match the Jenkins icons; replacing Font Awesome icons.
-
Previously, the ability to include CasC bundle retriever logs in a support bundle required the installation of the deprecated Master Provisioning Core plugin. This dependency has been removed and the checkbox is available without having to install additional plugins on CloudBees CI on modern cloud platforms.
-
- Fix the SSH connections in the CasC Bundle Retriever
-
The SSH connections to SCM were broken in the last CasC Bundle Retriever update. This issue is resolved.
- HashiCorp Vault plugin revokes client token correctly.
-
The HashiCorp Vault plugin did not revoke client tokens correctly. The issue is now fixed.
- YAML file is not validated in the Default YAML field of the Configure Controller Provisioning page
-
If the YAML file content in the Default YAML field is very long, an HTTP error 431 Request Header Fields Too Large would occur when trying to validate it. This issue has been fixed.
- Upgrade
org.json:json
from 20230227 to 20231013 -
Upgraded
org.json:json
from 20230227 to 20231013.
- Remove call to hetero-list YUI button
-
Removed the call to the hetero-list YUI button that was removed from Jenkins core.
- In the CloudBees Pipeline Explorer, a left menu horizontal scrollbar appears when using Firefox
-
The horizontal scrollbar displayed in the left menu when using Firefox has been removed. This issue has been resolved.
- The
scmBundlePath
value should not begin with a forward slash (/
) -
When configuring the
scmBundlePath
value within a bundle, do not start the bundle path with a forward slash (/
) otherwise it returns an error.
- Upgrade All Plugins Cluster Operations step may upgrade plugins to the wrong versions
-
The Upgrade All Plugins Cluster Operations step may upgrade plugins to versions more recent than expected. This is known to happen in controllers defined with CasC. The Upgrade All Plugins is now looping through the plugin updates similarly to what is shown in the Plugin Manager in the UI.
- Allow multiline PodSecurityContext in Helm chart
-
Defining a multiline YAML value for
OperationsCenter.PodSecurityContext
in the Helm chart was failing as the Helm chart was expecting a one line value. This has been fixed and a multiline YAML value will correctly be interpreted.
- Support for Octal Notation in Kubernetes YAML Snippets Restored
-
Resolved an issue preventing octal notation in Kubernetes YAML snippets for controller provisioning. Users can now correctly specify permissions in the defaultMode field, preventing exceptions.
- RBAC mistakenly reports invalid users on external groups
-
When a Security Realm cannot verify an external group (due to a limitation of the API or lack of support for the plugin that implements the Security Realm), the external group shows an invalid user icon that mentions that "This may or may not be a valid user/external group name" and a link to a user with that name. Although it is an external group. The issue has been fixed and the UI improved. The user/external groups that cannot be verified have a distinct icon, description, and link.
Known Issues
- Failed parsing of data in the User Activity Monitoring plugin leads to incomplete data
-
Failed parsing of data from the User Activity Monitoring plugin will overwrite the user activity database. All user activity data that is logged up to that point in time is lost, in order to avoid this, refer to this knowledge base article Why is my user activity missing?.
- HTTP Client used for Operations Center to Controllers connection leads to performance issues
-
Because of known issues in the Java HTTP Client, there could be performance issues in Operations Center to Controllers interactions in heavily loaded environments.
More details about this issue and workarounds are documented in Operations Center Client leaks HTTP Clients since version 2.401.1.3.
- Unable to configure pod templates in the Operations center via the UI
-
A recent update to the way pod templates were managed caused issues upstream to where the operations center is unable to manage pod templates from the UI. A workaround making updates via the API is still available
- Duplicate Pipeline Template Catalogs in the Configuration as Code for controllers
jenkins.yaml
file on each instance restart -
If a Pipeline Template Catalog is configured in the Configuration as Code
jenkins.yaml
file and theid
property is not defined, the catalog is duplicated on each instance restart and in the exported Configuration as Code configuration.
- Inconsistencies between some Configuration as Code (CasC) features and High Availability (HA)
-
When using Configuration as Code in controllers that run in High Availability (HA) mode, the CloudBees Configuration as Code Export and Update screen may display inconsistent information about the bundle along with two buttons: Restart and Reload. This is caused by information not being properly synchronized between replicas. Furthermore, users may experience the following problems when trying to use one of the two buttons on that page:
-
Automatic reload bundle: clicking this button shows an error message.
-
Skip new bundle version: clicking this button forces a restart and the instance will not start again.
-
While the fix for this issue is being worked on, we recommend the following if you are using Configuration as Code in controllers that run High Availability (HA):
-
Controllers that have configured the automatic reload. Users must disable it and configure the automatic restart instead.
-
Controllers that do not have any automation (Bundle Update Timing). Users must stop using the Reload button and start using the Restart button instead.
- Error when renaming an existing EC2 cloud
-
When the name of an existing cloud node is updated, the user receives a 404 error after selecting save. This is because the cloud page uses the cloud name as part of its URL. When the user saves the name, Jenkins sends the user to the URL with the old cloud name. Please note that all node changes are successfully saved.