CloudBees CI on traditional platforms 2.289.2.2

Rolling release: 2021-06-30

Based on Jenkins LTS 2.289.2-cb-3

Security advisories

Release highlights video

Select to watch a video describing the highlights of this release

Critical issues

Issues with RPM installation for CloudBees CI on traditional platforms customers with custom users - Latest update: 2021-07-09

The RPM-based installation for version 2.289.2.2 is failing for some CloudBees CI on traditional platforms customers with custom users. You may receive the following error:

main process exited, code=exited, status=6/NOTCONFIGURED

This issue has been resolved in version 2.289.2.3. CloudBees recommends that you install version 2.289.2.3 instead of version 2.289.2.2 to avoid potential issues.

If you attempted to upgrade to version 2.289.2.2 and encountered issues, refer to this knowledge base article or contact CloudBees Support.

Remove the jquery and jquery-detached plugins from your CloudBees CI instance

The jquery and jquery-detached plugins have been removed from all CloudBees Jenkins-based products and are no longer part of CloudBees Assurance Program. However, these plugins are not automatically uninstalled from your CloudBees CI instance as other plugins you use may still have dependencies on them. Please ensure that your CloudBees CI instance does not have any dependencies on these plugins, and then remove them. For instructions on how to check for dependencies in a particular plugin, refer to How to determine if a plugin is in use.

New features

A new Original bundle tab has been added to the CloudBees Configuration as Code bundles screen (BEE-1268)

A new Original bundle tab has been added to the controller Configuration as Code bundles screen to export the original bundle that was applied when the controller was set up.

If a controller does not have the correct plugins or global configuration settings that were originally applied, you can export the original bundle and compare it to the current configuration, to determine if recent changes may have been incorrectly applied to the controller.

The Bundle Files tab has also been renamed to Current configuration and a new button added to export the entire current configuration in zip format.

For more information, refer to Configuration as Code (CasC) for Controllers.

A new CasC bundle column has been added to the operations center dashboard (BEE-1252)

A new CasC bundle column has been added to the operations center dashboard to easily determine the Configuration as Code (CasC) bundle assigned to a controller.

For more information, refer to Configuration as Code (CasC) for Controllers.

A new CloudBees Prometheus Metrics plugin has been added to the operations center and is included in the CloudBees Assurance Program (CAP) (BEE-2447)

The plugin exposes basic metrics in Prometheus format and collects:

  • Basic system metrics, such as garbage collection, memory pools, class-loading, and thread counts.

  • Metrics collected by the Metrics plugin for Jenkins, which is installed by default.

For more information, refer to CloudBees Prometheus Metrics plugin.

Feature enhancements

The Controllers view was present only in Kubernetes installations, was not extensible, and required the View Job Filters plugin (BEE-4780)

This Controllers view is now implemented in a common place and available to CloudBees CI on traditional platforms installations (except for Kubernetes-specific view columns), with no need to install a separate View Job Filters plugin.

For CloudBees CI on traditional platforms installations, the Controllers view is now created and set as the default if it does not already exist when a controller is created.

Upgraded the JGroups release used for the High Availability plugin to 4.2.15 (BEE-111)

The version of JGroups used for the High Availability plugin has been upgraded to 4.2.15. Additionally, a maximum length has been added for messages that are exchanged between nodes to prevent potential memory issues.

If you use a custom $JENKINS_HOME/jgroups.xml configuration, you should compare it to the new default configuration and update your custom configuration so that it contains the maximum length setting.

Enhanced logging for cluster operations (BEE-4688)

Any controllers that are scheduled for cluster operations now appear at the top of the build console. This enhancement can help you easily identify operations that have not yet been processed.

Resolved issues

Updated styles on the client controller connection to operations center screen (BEE-452)

The styles on this screen were updated to use the latest icons from Jenkins core. A broken tooltip and help icons were also fixed.

The CloudBees CI user interface previously had a different appearance from CloudBees Software Delivery Automation, including the navigation bar. (BEE-445)

Some aspects of the general CloudBees style are now applied to certain controls in CloudBees CI.

Intermittent failure to restart on Red Hat Enterprise Linux 7 (RHEL) and CentOS7 (BEE-3861)

The scripts that were used in the Jenkins RPM package were intermittently preventing Jenkins from restarting on RHEL 7 and CentOS 7.

This issue has been resolved. The CloudBees RPM packages now use systemd scripts on Fedora, CentOS, and RHEL.

Users unable to sign in through LDAP (BEE-4650)

Users were unable to sign in through LDAP if the LDAP-configured root DN contained characters that were unsafe for a URL, for example, a space.

This has now been resolved. The plugin now works around the upstream issue to restore access.

Updated style on the Security Warnings Administrative Monitor (BEE-5493)

The message style used on the offline Security Warnings Administrative Monitor was updated so that it aligns with other administrative monitors.

Corrected user interface text for CloudBees Update Center (BEE-687)

The CloudBees Update Center was referenced using an outdated name.

The text was updated and it now refers to the CloudBees Update Center using the proper term.

Secret File credentials could not be shared with a connected controller (BEE-3244)

If you attempted to share the Secret File credentials from the operations center to a connected controller, and the file was too large, the operation failed with an exception.

This issue has been resolved. The size of the Secret File credentials file no longer prevents it from being shared. To apply this fix, you must update the plugin on both the operations center and the controller.

Replaced the Fast Archiver plugin as the default archiver (BEE-172)

Previously, the Fast Archiver plugin was enabled on controllers as the default archiver, even if you did not configure it.

Now the Jenkins Core archiver is enabled as the archiver by default, if you do not select another configurable option. For more information, refer to Managing artifacts with CloudBees Fast Archiving plugin.

Terminology updates (BEE-2360, BEE-2362, BEE-2385, BEE-2391, BEE-2397, BEE-2432, BEE-2436, BEE-2443, BEE-2444, BEE-2445, BEE-2494, BEE-2495, BEE-2532, BEE-2535, BEE-2536, BEE-2537, BEE-2539, BEE-5003, BEE-5192)

CloudBees is updating terminology to remove offensive text. During this ongoing initiative, “controller” replaces “master,” “agent” replaces “slave,” “allowlist” replaces “whitelist,” and “denylist” replaces “blacklist.”

A CasC bundle’s availability pattern cannot be defined programmatically (BEE-4848)

If using CloudBees CI 2.277.4.2 - 2.289.1.2, and you sent the casc-bundle/set-master-to-bundle HTTP API endpoint, no CasC bundles were available to assign to the controller and an error was returned.

A new casc-bundle/set-availability-pattern HTTP API endpoint has been added to programmatically define the availability pattern of a CasC bundle.

The casc-bundle/set-master-to-bundle HTTP API endpoint has been deprecated due to offensive terminology. The casc-bundle/set-controller-to-bundle endpoint should be used for all new applications.
Support for additional CasC HTTP API endpoints (BEE-4848 and BEE-5113)

The following HTTP API endpoints have been added for CasC, to correspond with functionality previously implemented in the user interface.

  • casc-bundle/set-global-availability-pattern-behavior to specify the default global availability pattern behavior.

  • casc-bundle/set-controller-to-bundle to assign a bundle to a controller.

    The casc-bundle/set-master-to-bundle HTTP API endpoint has been deprecated due to offensive terminology. The casc-bundle/set-controller-to-bundle endpoint should be used for all new applications.
  • casc-bundle/set-default-bundle to specify a default bundle that is pre-selected in the operations center controller configuration screen when setting up a new controller.

Support for additional CasC CLI commands (BEE-4848 and BEE-5113)

The following CLI commands have been added for CasC, to correspond with functionality previously implemented in the user interface.

  • casc-bundle-set-global-availability-pattern-behavior to specify the default global availability pattern behavior.

  • casc-bundle-set-controller to assign a bundle to a controller.

    The casc-bundle-set-master CLI command has been deprecated due to offensive terminology. The casc-bundle-set-controller command should be used for all new applications.
  • casc-bundle-set-default-bundle to specify a default bundle that is pre-selected in the operations center controller configuration screen when setting up a new controller.

A CasC bundle hot reload generated a NullPointerException if no updates were necessary (BEE-5443)

When signed in to a controller, if you selected Reload Configuration from the CloudBees Configuration as Code bundles screen, the reload failed with a NullPointerException exception if there was nothing to update.

This issue has been resolved and no longer results in an exception.

Users with the Overall/Manage permission should be allowed to perform a hot reload for a CasC bundle (BEE-3618)

Users with the Overall/Manage permission can now perform a hot reload for a CasC bundle. Previously, only users with the Overall/Administer permission could perform a hot reload.

Removed commons-compress dependency (BEE-5351)

A recent update added a dependency to the commons-compress library that is provided by Jenkins core. The component contained a flaw related to uncaught runtime exceptions.

This issue is resolved. The dependency was removed and the version packaged in Jenkins core will be used instead.

Fixed compatibility issues with Credentials and Credentials Binding plugins (BEE-6444)

Changes to the Credentials plugin version 2.5 and the Credentials Binding plugin version 1.25 caused the CloudBees Enhanced Credentials Masking plugin to no longer hide usernames and passwords outside of the withCredentials step.

The issues with the Credentials and Credentials Binding plugins have been resolved. The Enhanced Credentials Masking plugin now hides secrets as expected.

Known issues

Resolving a failed migration of the Role-Based Access Control (RBAC) plugin (BEE-5599)

In CloudBees Role-Based Access Control Plugin 5.42, CloudBees moved RBAC configurations from the config.xml file to a new file named nectar-rbac.xml. Migration data is now spread across multiple plugins, and if all of the plugins are not upgraded at the same time as the RBAC plugin, the RBAC migration may not be completed successfully.

If you upgrade plugins using the Beekeeper Upgrade Assistant, and you selected Allow automatic upgrades of plugins on restart, the migration to version 5.42 is successful. However, if you manually upgraded the RBAC plugin to version 5.42, the upgrade may not be complete. Refer to Migrating from versions prior to 5.42 for more information.