Security fixes
- Upgraded multiple dependencies to address security concerns
-
Guava was upgraded to version 32.1.2-jre in the
google-kubernetes-engine
andgoogle-storage
plugins.
JSON Smart was upgraded to version 2.5.0 in the warnings-ng
and analysis-model-api
plugin.
okio-jvm
was upgraded to 3.5.0 in the okhttp-api
plugin.
Spring Security Core was upgraded to 5.8.6 where applicable.
SSHD-Common
was upgraded to 2.10.0 where applicable.
New Features
- Initial release of CloudBees High Availability
-
CloudBees introduces the initial release of the High Availability feature that provides the following:
-
Controller Failover: High Availability protects against a single point of failure of a controller. If a controller fails, the Pipeline builds that normally run on that controller are automatically triggered or continued by another replica.
-
Rolling restart with zero downtime for CloudBees CI on modern cloud platforms: If a controller replica is restarted, all of the other replicas keep running, and the user experiences no downtime.
-
Load balancing: One logical controller can spread its workload across multiple replicas and keep them in sync.
-
Auto-scaling for CloudBees CI on modern cloud platforms: You can set up managed controllers to increase the number of replicas, depending on the workload. They upscale when the CPU usage overcomes a threshold and downscale when the conditions return to normal.
-
Feature Enhancements
- Searching logs in CloudBees Pipeline Explorer now accounts for the active filter by default
-
When performing a search while a tree view filter is active, CloudBees Pipeline Explorer will only search lines included in that filter by default. This behavior can be toggled on and off.
- CloudBees Pipeline Explorer time zone preference
-
The timestamps for within the log view will now use the time zone preference from the user settings, User Defined Time Zone.
- CloudBees Pipeline Explorer resize utility drawers
-
Users can now resize the tree view and the issue explorer drawers when they are open. Closing/opening the drawers maintain previous setting.
- CloudBees Pipeline Explorer improve timestamp formatting experience
-
This experience has been improved by adding a Save button and the reset action was replaced with a Reset button.
- Improve texts on the configuration page for controller items
-
Adapted the label and inline help texts for the Configuration as Code property on the configuration page of controller items.
Resolved Issues
- When CloudBees Pipeline Explorer was enabled, some pages were very slow for complex Pipelines, leading to controller-wide performance issues in some cases
-
When CloudBees Pipeline Explorer was enabled, some pages, such as Blue Ocean and the Pipeline Steps view, were very slow for complex Pipelines. This can lead to high CPU usage on the controller, causing controller-wide performance issues. CloudBees Pipeline Explorer plugin now avoids performance-intensive computation in APIs that are used to access all of the Pipeline steps.
- Credentials cache not working when controller disconnected from operations center
-
When a controller disconnected from the operations center, yet the operations center was still running, attempts to look up credentials from the operations center would fail rather than falling back to a cached list as expected.
This issue is resolved.
- Custom Update Center signature check uses an outdated certificate
-
The Update Center certificate was updated recently, and that modification needs to be taken care of for custom Update Center signature checks. The Custom Update Center signature now uses the updated Update Center certificate.
- Configuration as Code Resolved Issues
-
Pre-validation GitHub subscriber is not ignoring hidden (.*) folders Hidden files are now properly ignored during pre-validation.
Variable not substituted in Jenkins Health Advisor by CloudBees using Configuration as Code ${variable} notation is now supported for email and cc fields.
Trigger builds remotely
and quietPeriod
were not exported with Configuration as Code.
'Trigger builds remotely' and 'Quiet Period' properties are now exported and imported properly.
- CloudBees Pipeline Explorer Resolved Issues
-
The CloudBees Pipeline Explorer did not display the loading status at the initial page load. The loading status is now displayed during the initial load.
The tree view in the CloudBees Pipeline Explorer incorrectly omitted stages and parallel branches sometimes, and displayed parallel branches for incomplete builds in an inconsistent order. The tree view no longer omits stages or parallel branches and always shows parallel branches in a consistent order.
When displaying a line menu, if you leave the menu without any selection and hover again on the line, it displays the menu again. This issue has been resolved.
When the Pipeline Explorer’s LogStorage is active, the classic console view should be robust against most metadata errors. When the CloudBees Pipeline Explorer is enabled, the classic console output view now displays the available content, even if the log file is corrupted and cannot be displayed natively in the CloudBees Pipeline Explorer.
When activating a filter on an incomplete build, the CloudBees Pipeline Explorer displayed an error in some cases. The CloudBees Pipeline Explorer no longer fails when it activates a filter for incomplete builds.
In the Pipeline Explorer, redundant tree context badges appear on the first line of each page. This issue has been fixed and now the redundant markers do not appear on the first line of each page.
Previously auto-polling might not work correctly in some cases in CloudBees Pipeline Explorer This issue has been fixed and auto-polling now works correctly.
- Fix inconsistent behavior when reloading an empty configuration
-
When an RBAC configuration from a disk reloads, and the configuration file was cleared, it does not reflect in the live configuration. This issue has been resolved.
- Download Task sensitive to default HTTP timeouts
-
In environment with slower network, the download or larger plugins may be subjected to the default read and connection timeouts of the HTTP client (10 seconds). In which case it fails with a
SocketTimeoutException
.System properties
com.cloudbees.plugins.updatecenter.UpdateCenter.HTTP_CONNECT_TIMEOUT_SECONDS
andcom.cloudbees.plugins.updatecenter.UpdateCenter.HTTP_READ_TIMEOUT_SECONDS
have been added to be able to adjust those timeouts if needed.
- Removal of
prototype.js
from various plugins -
Removed the usage of
prototype.js
from the following plugins:-
cloudbees-plugin-usage
-
cloudbees-template
-
cloudbees-update-center-plugin
-
cloudbees-workflow-template
-
master-provisioning-core
-
nectar-rbac
-
operations-center-context
-
workflow-cps-checkpoint
-
- Update the login and signup pages in CloudBees CI
-
Improve the CloudBees login experience to clarify that you are logging in to a CloudBees product. The branding for the login and signup pages has now been updated in CloudBees CI.
- Operations center startup blocked by Update Center item loading
-
The loading of Update Center items is slowed down by the sha256 and sha512 calculation of the stored plugin and core binaries. This can delay the startup of the operations center for several minutes for Update Center items with a large plugins base.
Checksums are now saved during download and manual uploads, and during loading only if the checksums file does not exist.
- Updated various plugins to be compatible with SnakeYAML 2.0
-
The following plugins are now compatible with SnakeYAML 2.0:
-
blueocean-rest-impl
-
cloudbees-casc-client
-
cloudbees-casc-items-api
-
cloudbees-casc-server
-
cloudbees-workflow-template
-
google-kubernetes-engine
-
Known Issues
- Failed parsing of data in the User Activity Monitoring plugin leads to incomplete data
-
Failed parsing of data from the User Activity Monitoring plugin will overwrite the user activity database. All user activity data that is logged up to that point in time is lost, in order to avoid this, refer to this knowledge base article Why is my user activity missing?.
- HTTP Client used for Operations Center to Controllers connection leads to performance issues
-
Because of known issues in the Java HTTP Client, there could be performance issues in Operations Center to Controllers interactions in heavily loaded environments.
More details about this issue and workarounds are documented in Operations Center Client leaks HTTP Clients since version 2.401.1.3.
- Older versions of controllers cannot start after receiving new bundle versions
-
When the operations center sends new bundle versions to controllers older than 2.401.1.3, the controller cannot start.
This issue does not affect controllers in version 2.401.1.3 or newer.
There are three ways to fix the issue:
-
Upgrade all controllers to version 2.401.1.3 or newer.
-
Stop configuring controllers in versions prior to 2.401.1.3 using CasC.
-
Install a Plugin Catalog on the operations center with a beekeeper exception to install
cloudbees-casc-server:2.5.1
. The Plugin Catalog can be enabled in operations center by setting the system propertyDcom.cloudbees.jenkins.cjp.installmanager.CJPPluginManager.enablePluginCatalogInOC=true
.
-
- Error when renaming an existing EC2 cloud
-
When the name of an existing cloud node is updated, the user receives a 404 error after selecting save. This is because the cloud page uses the cloud name as part of its URL. When the user saves the name, Jenkins sends the user to the URL with the old cloud name. Please note that all node changes are successfully saved.
- Clouds do not disappear after the Folder configuration update by a user without Overall/Administer permissions
-
Clouds deselect after a user without Overall/Administer permissions edits the Folder configuration.
- Duplicate Pipeline Template Catalogs in the Configuration as Code for controllers
jenkins.yaml
file on each instance restart -
If a Pipeline Template Catalog is configured in the Configuration as Code
jenkins.yaml
file and theid
property is not defined, the catalog is duplicated on each instance restart and in the exported Configuration as Code configuration.