CloudBees CI on modern cloud platforms 2.452.1.2

The CloudBees Pipeline Explorer Pipeline Map now offers a revolutionary map view of your Pipeline that enables a quick and intuitive understanding of its entire structure at a glance. This feature allows you to easily view the big picture and the sequence of stages that provide a visual alternative to traditional methods. For more information, refer to CloudBees Pipeline Explorer Plugin.

CloudBees CI on modern cloud platforms now supports Kubernetes 1.28 on Azure Kubernetes Service, Amazon Elastic Kubernetes Service, Google Kubernetes Engine and Red Hat OpenShift 4.15. For more information refer to, Supported platforms for CloudBees CI on modern cloud platforms.

The CloudBees HashiCorp Vault plugin now supports cluster consistency. It allows users to choose the strategy used by the Vault client to mitigate the Vault cluster eventual consistency.

For versions 2.452.1.1 and later, customers should use Cosign 2.x to verify signed Docker images. For previous versions, use Cosign 1.x.

If a shared cloud (as opposed to a single agent) were defined in 2.426.x or previous versions with an inbound launcher and specific launch configuration, particularly the Use WebSocket checkbox (also tunnel and custom work dir settings), configuring and resaving that cloud in the GUI in 2.440.x would silently drop that configuration, potentially breaking a working setup. The issue does not apply to shared clouds configured using Configuration as Code.

Excessive synchronization in the code running in a controller related to shared agents could lead to heavy thread contention and poor performance.

Certain options for the inbound agent launcher, particularly the checkbox for WebSocket, were removed from the configuration GUI, in favor of passing the corresponding option such as -webSocket on the CLI. This was not sufficient. In the case of inbound shared agents, this did not suffice since the operations center was responsible for launching the cloned agent that connects to the controller. Adding -webSocket to the agent startup options also did not work since it conflicts with the now deprecated -jnlpUrl. It was possible to use WebSocket shared agents only by configuring this field via Configuration as Code, or REST or CLI upload of XML. This issue is now resolved.

Fixed the issue that was found when using Configuration as Code in controllers that run in High Availability (HA) mode. The CloudBees Configuration as Code Export and Update screen used to display inconsistent information about the bundle along with two buttons: Restart and Reload. This was caused by information not being properly synchronized between replicas.

When querying the REST API for the list of computers on an High Availability (HA) controller, static agents are listed multiple times. Duplicates are now removed if the displayName field is selected, with preference given to a replica that holds the connection to the agent (if any) when the offline field is selected.

When using the abort previous builds setting on a pipeline job in High Availability (HA), if a newer builds starts, even if it runs on another replica, the previous build is aborted.

Prior to this fix, the HashiCorp Vault credentials within a CloudBees CI instance were not removed when applying a Configuration as Code bundle with Vault credentials to that instance.

The preference switches have issues toggling when you click on specific areas. This issue has been fixed by updating the display style.

The menu for each log line in the CloudBees Pipeline Explorer used to close immediately if your mouse left the menu. The menu now stays open until you click anywhere on the page.

In some cases, performing a restart from the operations center of a controller configured with Allow External Agents would result in the controller being provisioned without the associated JNLP_NODE_IP, JNLP_NODE_NAME, and JNLP_NODE_PORT environment variables. This is resolved and all stop/start/restart actions respect the value of Allow External Agents, setting the environment variables accordingly.

When enabled, network policies were generated for all components even if some were disabled via values.

New Configuration as Code bundle versions installing new plugins returned an error when it was reloaded and the new bundle was not applied.

When installing CloudBees CI on EKS with network policies enabled, the recommended setup uses AWS Load Balancer controller with ALB in front of all pods serving web traffic (operations center, managed controller, etc.).

The operations center single sign-on system was passing a potentially very large query parameter during a logout redirect from a connected controller. When a user identity in the real security realm (for example, LDAP) defined many groups, this can cause a server or browser error and a failure to log out.

Failed parsing of data from the User Activity Monitoring plugin will overwrite the user activity database. All user activity data that is logged up to that point in time is lost, in order to avoid this, refer to this knowledge base article Why is my user activity missing?.

Because of known issues in the Java HTTP Client, there could be performance issues in Operations Center to Controllers interactions in heavily loaded environments.

If a Pipeline Template Catalog is configured in the Configuration as Code jenkins.yaml file and the id property is not defined, the catalog is duplicated on each instance restart and in the exported Configuration as Code configuration.

The following plugins have been added to the Operations center CloudBees Assurance Program since 2.440.3.7:

The following plugins have been added to the Controller CloudBees Assurance Program since 2.440.3.7: