Security fixes
- Remove jQuery on cloudbees-monitoring-plugin (CPLT2-6943)
-
The following jQuery files are no longer being used and have been removed:
-
/scripts/jquery.flot.time.js
-
/scripts/jquery.flot.resize.js
-
/scripts/jquery-2.1.0.min.js
-
/scripts/jquery.flot.hiddengraphs.js
-
/scripts/jquery.flot.js
-
New features
- Update support-core to 2.72 (FNDJEN-3356)
-
CloudBees now supports the Jenkins Support Core plugin version 2.72 . For more information, see https://github.com/jenkinsci/support-core-plugin/releases.
- Detect Insecure Pipeline Interpolation (Password Leaking) (NGPIPELINE-1277)
-
CloudBees CI now adds warnings on build and log pages when potentially unsafe Groovy constructions are used. For more information, see String interpolation.
Feature enhancements
- New logo for CloudBees Plugin Usage Analyzer plugin (FNDJEN-3316)
-
The plugin now has its own logo in order to differentiate it from the Jenkins Controller plugin manager. For more information on this, see How to determine if a plugin is in use.
- Update Operations Center Context plugin dependencies (CTR-2603)
-
The Operations Center Context plugin is now using jQuery 3.5.1.
- Dependency updates (CTR-2944)
-
-
Minimum jenkins-core upgraded to 2.263.1.2
-
Minimum nectar-license plugin version upgraded to 8.28
-
Minimum cloudbees-template plugin version upgraded to 4.49
-
Minimum script-security plugin version upgraded to 1.75
-
- Change product license URL (CTR-736)
-
The URL of our license terms has changed to https://www.cloudbees.com/r/subscription.
Resolved issues
- Cross Team Collaboration could not use the Operations Center router with CasC for Masters (CTR-2088)
-
With this fix, Cross Team Collaboration can now use the Operations Center router in the Configuration as Code (CasC) for Masters configuration.
- Trigger remote job widget is rendering '[' when error on path (CTR-2560)
-
An invalid path of the downstream job is now properly managed and displayed in the configuration of the Trigger builds on remote/local jobs build step.
- Plugins from an https server with SNI certificates cannot be downloaded in Plugin Catalog through Installation Manager (FNDJEN-3070)
-
Before this release users were unable to download plugins defined in a plugin catalog from servers using SNI certificates.
CloudBees Installation Manager 2.89.0.33 allows downloading plugins from servers configured with SNI certificates. In addition, the new version follows redirections if needed for the plugin download.
Known issues
- Instances using CloudBees Plugin Usage Plugin version 2.0 experience a long start up time (FNDJEN-3377)
-
When using CloudBees Plugin Usage Plugin version 2.0 and the controller restarts, the web UI may display the “Please wait while Jenkins is getting ready to work” message for an unusually long period of time. After the instance is started up, the start-up performance logs show that the {{AnalyzerWork.initialize}} had taken a long time.
The loading of the previous plugin usage report file {{analysis.json}} takes too long. CloudBees will fix this issue in an upcoming release. See this knowledge base article CloudBees Plugin Usage Plugin 2.0 slows down Controller Start Up for immediate steps to remedy the issue until the fix is available.
- Regressions related to user-created content [CBCI-389]
-
This release contains multiple regressions related to files in user-created content served by the following CloudBees products:
-
CloudBees CI
-
CloudBees Jenkins Distribution
-
CloudBees Jenkins Platform
-
CloudBees Jenkins Enterprise
-
You may experience the following issues with user-created content:
-
If you use external artifact storage, like the Artifact Manager S3 Plugin or Compress Artifacts Plugin, it is not possible to download entire directories of archived artifacts as Zip files. Instead, you receive an error message.
-
Zip files containing directories of workspaces, archived artifacts, and similar user-created content do not include top-level directories anymore (typically called “archive” for archived artifacts, and the job name for workspaces), which can break expectations about Zip file structure, for example, in scripted clients.
-
File handles are not closed correctly whenever individual files are downloaded from workspaces, archived artifacts, and similar user-created content. This can result in Jenkins running out of file handles.
These issues are resolved in release 2.263.2.3.
Upgrade notes
CloudBees recommends that you start to prepare for the March release of Jenkins LTS as soon as possible. The March release will include important updates. If you use Jenkins LTS plugins that are not in the CloudBees Assurance Program (CAP), you should update them before upgrading your CloudBees products to ensure compatibility with the March release. If your company uses its own proprietary (non-CloudBees) plugins, CloudBees recommends that you test them against Jenkins version 2.266+ prior to the March release. And, as always, backing up your data before upgrading is strongly encouraged. For details about changes in the March Jenkins LTS release, see https://www.jenkins.io/blog/2020/11/10/spring-xstream/ and https://www.jenkins.io/doc/developer/views/table-to-div-migration/. |
If upgrading from a rolling release older than 2.426.2.2, customers may experience technical difficulties. CloudBees ensures compatibility only between supported versions of the product and recommends upgrading early and often to avoid these difficulties. If you are having difficulties upgrading, contact CloudBees Support for assistance. |