Upgrade Notes
- Git plugin uses Apache MINA for SSH transport
-
The Git plugin now uses JGit with Apache MINA only as SSH transporters.
- The
commons-lang3
library is no longer bundled with theinfradna-backup
plugin -
The
commons-lang3
library is no longer bundled with theinfradna-backup
plugin and the dependency now uses thecommons-lang3
plugin.
- Operations center CloudBees Assurance Program plugin changes since 2.452.2.3
-
The following plugins have been added to the Operations center CloudBees Assurance Program since 2.452.2.3:
-
EDDSA API Plugin (
eddsa-api
)
-
- Controller CloudBees Assurance Program plugin changes since 2.452.2.3
-
The following plugins have been added to the Controller CloudBees Assurance Program since 2.452.2.3:
-
EDDSA API Plugin (
eddsa-api
)
-
New Features
- Controller health check endpoint when using Hibernation
-
Added a new HTTP endpoint to the Hibernation monitor. The new endpoint can be used by external health check systems to generate alerts when a controller is not healthy, without waking up the controller.
Feature Enhancements
- In the CloudBees Pipeline Explorer build info bar, link the SCM commit and commit message to that specific commit in the SCM repository
-
When possible, the SCM commit and commit message in the CloudBees Pipeline Explorer build info bar now link to that specific commit in the SCM repository.
- Fixed sharing of
VaultAWSCredentials
between the operations center and controller -
The AWS Credentials defined in the HashiCorp Vault store in the Operations center were not usable in controllers.
The AWS Credentials defined in Operations center are now shared and usable in controllers.
- Vault credentials lookup performs less API calls
-
In
UsernamePassword
credentials and inSSHCredentials
, the CloudBees HashiCorp Vault plugin sent multiple requests to HashiCorp Vault to retrieve credentials information.Now, all information related to the credentials is retrieved in just one request to HashiCorp Vault.
- Support added to store passwords and tokens used in
plugins.yaml
in files -
In Configuration as Code Plugin Management 2.0 (bundles with
apiVersion: 2
), you could define passwords and tokens using environment variables.Now, you can set that value using system properties and text files. For more information, refer to Plugin management with CasC.
- Optional high detail logging for the Configuration as Code (CasC) bundle checkout process
-
Optional logging allows the logging contents of the folders to be involved in the bundle checkout at every step of the process.
This logging can have a performance impact and will generate massive logs, so it’s deactivated by default, and can be enabled with a system property.
- Configuration as Code (CasC) list of bundles is now sorted alphabetically
-
In the Configuration as Code (CasC) UI, where multiple bundles are present per bundle location, the bundles are now shown in alphabetical order.
- Hazelcast data structures enumerated in support bundles of High Availability (HA) controllers
-
The support bundles that are generated from the High Availability (HA) controllers now include, by default, a list of Hazelcast structures and associated statistics that can be useful to diagnose delayed communication between replicas, buffering issues, excessive memory usage, and so on.
Resolved Issues
- Controller side API tokens are not deleted on first use
-
The API tokens created on controllers with the operations center SSO enabled were lost on first usage. They are no longer revoked if the user configuration option
Synchronize details on login
is disabled.This issue is resolved.
- Improvements to multiple CloudBees Pipeline Explorer elements positioning
-
In the CloudBees Pipeline Explorer, various elements positioning have been improved. These elements are: the BFA indicator, the search input when there is an error, and badges that display the log and map.
- CyberArk credentials are now replaced by the credentials from Configuration as Code (CasC) bundles
-
Prior to this fix, the CyberArk credentials within a CloudBees CI instance were not removed when applying a CasC bundle with CyberArk credentials to that instance.
Now, only the CyberArk credentials from the CasC bundle are kept. The other credentials are deleted from CloudBees CI (not from CyberArk).
CyberArk credentials declared in CloudBees CI that were not part of your CasC bundles but were used to view credentials from CasC were added to your credentials list. This fix deletes all credentials that are not in CasC. |
- HTTP status code changed to reflect missing Configuration as Code bundle against a controller
-
When using Configuration as Code (CasC), if a controller is configured against the operations center, but has no associated bundle, the request for a linkfile returns a
400
(bad request) error instead of200
(ok) error.
- Pipeline policy violations might be reported in a nondeterministic order
-
When multiple Pipeline policies or rules were run, the list of policy violations might be displayed in an arbitrary order. Now, the order should be predictable.
NullPointerException
when updating Configuration as Code bundle version withapiVersion 2
-
When updating the Configuration as Code bundle version number while hot reloadable plugins were present resulted in a
NullPointerException
error.This issue is resolved.
NullPointerException
when validating Kubernetes Cluster Endpoint-
When using credentials in the Kubernetes Cluster Endpoints configuration, the
Validate
functionality shows an Angry Jenkins in the UI and aNullPointerException
in the logs.This issue is resolved.
- A
NullPointerException
occurs when an item leaves the queue -
A
NullPointerException
caused noise in the logs that prevented an item that recently left the queue to be proxied.This issue is resolved.
- Clouds do not disappear after the Folder configuration update by a user without Overall/Administer permissions
-
Clouds deselect after a user without Overall/Administer permissions edits the Folder configuration.
This issue is resolved.
- CloudBees CasC Client plugin and CasC bundle retriever alignment
-
The algorithm used to authenticate communications between CloudBees CasC Client plugin (
cloudbees-casc-client
) and the CloudBees CasC bundle retriever (cast-retriever
) has been updated.
The casc-client
and casc-retriever
versions are now aligned as follows:
-
cloudbees-casc-client
>= 2.60 requires casc-retriever >= 1.0.25 -
cloudbees-casc-client
< 2.60 requires casc-retriever ⇐ 1.0.22
- Possible RBAC cache lock issue because of Backup Projects Admin Monitor
-
An Admin Monitor checking Backup Projects for security issues led to possible locks in the RBAC cache.
The check now runs in a way that ensures this problem no longer occurs.