CloudBees CI on traditional platforms 2.277.4.2

Rolling release: 2021-05-05

Based on Jenkins LTS 2.277.4-cb-2

New features

Configuration as Code (CasC) bundles can be assigned to more than one controller (BEE-2275)

In the Operations Center, CasC bundles can now be assigned to more than one controller. Additionally, the administrator can globally change or modify the default bundle behavior, allowing a single configuration bundle to be used by all controllers. Once a bundle has been verified with one controller, it can be used across one or multiple controllers. This eliminates the need to create a new bundle each time you set up a new controller thus reducing time, manual error, and overhead. Assigning a bundle to more than one controller is a Preview feature.

The Availability pattern replaces the Master Path field. When upgrading, the Master Path is automatically translated to an Availability pattern, and the appropriate bundle is assigned to the controller from the controller configuration screen.
A new Help menu is now available in CloudBees Software Delivery Automation (BEE-562)

The CloudBees Software Delivery Automation navigation bar has been updated to include a new Help menu that contains useful links for CloudBees documentation, release notes, onboarding, troubleshooting, support, and providing product feedback.

For more information, see Navigating the Operations Center interface.

Feature enhancements

Configuration bundles are assigned to a controller in the controller configuration screen (BEE-1253)

To allow a configuration bundle to be assigned to one or more controllers, the assignment of a bundle to a controller has been moved from the Configuration as Code bundles screen to the controller configuration screen in Operations Center.

A new Bundle dropdown field is available in the controller configuration screen. The list of bundles is filtered using the Availability pattern from the Configuration as Code bundles screen.

The Availability pattern replaces the Master Path field. When upgrading, the Master Path is automatically translated to an Availability pattern, and the appropriate bundle is assigned to the controller from the controller configuration screen.

Resolved issues

All permissions granted to users when RBAC configuration does not load (BEE-2742)

When the nectar-rbac plugin fails to read its configuration at startup, it uses the default authorization, granting administrative permissions to all authenticated users.

Jenkins startup now fails if the nectar-rbac plugin cannot read its configuration file. A user with access to the JENKINS_HOME file system must fix the nectar-rbac.xml configuration file, and restart CloudBees CI.

When a controller is disconnected from the Operations Center, the offline security realm is broken (BEE-1204)

When a controller falls back to the offline security realm, some security realms such as LDAP fail. The configuration is incorrect due to a serialization issue.

The serialization issue has been fixed. The LDAP security realm can now be used even when the controller is disconnected from the Operations Center.

Mail validation fails when defining a shared configuration (BEE-2763)

When you defined a shared configuration in Operations Center, and you added a mail configuration snippet, the validation failed. The validation method was broken due to a compatibility problem with the mailer plugin.

Compatibility issues with the mailer plugin have been fixed and mail validation now works as expected. This issue is resolved.

Missing permission check in update center (BEE-183)

A missing permission check allowed users with read permissions to reload custom update centers.

The permission check has been restored so that you must have configuration privileges on a custom update center to reload it.

Missing authentication call (BEE-2514)

An authentication call was not being activated when users logged in, causing audit implementations to miss it.

The call has been restored and this issue is resolved. Audit implementations are now properly receiving authentication events.

Move/copy/promote log access (BEE-178)

Previously, users could access the move/copy/promote logs without the proper permissions.

This issue has been resolved. Now, only users with the privileges to trigger move/copy/promote operations can access the logs.

SNI support on ElasticSearch Reporter plugin (BEE-1630)

Before this change, HTTP communications were handled by an old version of async-http-client that didn’t support Server Name Indication (SNI).

The underlying http library has now been migrated to use okhttp, which does support SNI. This issue has been resolved.

Legacy terminology update (BEE-1606, BEE-1607, BEE-1608, BEE-1609, BEE-1612, BEE-1613, BEE-1623, BEE-1624, BEE-1625, BEE-1627, BEE-1628, BEE-2347, BEE-2393, BEE-2434)

CloudBees is updating terminology to remove offensive text. During this ongoing initiative, “controller” replaces “master,” “agent” replaces “slave,” “allowlist” replaces “whitelist,” and “denylist” replaces “blacklist.”

Known issues

None.