CloudBees CI on traditional platforms 2.440.1.4

Rolling release: 2024-03-06

Based on Jenkins LTS 2.440.1

Security advisories

CloudBees Security Advisory 2024-03-06

Upgrade Notes

Operations center CloudBees Assurance Program plugin changes since 2.426.3.3

The following plugins have been added to the Operations center CloudBees Assurance Program since 2.426.3.3:

  • Gson API Plugin (gson-api)

  • Joda Time API Plugin (joda-time-api)

  • JSON Path API Plugin (json-path-api)

Controller CloudBees Assurance Program plugin changes since 2.426.3.3

The following plugins have been added to the Controller CloudBees Assurance Program since 2.426.3.3:

  • Gson API Plugin (gson-api)

  • Joda Time API Plugin (joda-time-api)

  • JSON Path API Plugin (json-path-api)

Jenkins 2.440 upgrade notes

New Features

None.

Feature Enhancements

None.

Resolved Issues

Operations center single sign-on broken on Java 17 when using an authenticated proxy

When running a connected controller on Java 17 with a proxy configured with username/password authentication, the operations center single sign-on did not work due to a limitation in a Java HTTP client. Now the proxy configuration is ignored and the controller contracts the operations center directly regardless of proxy settings.

NOTE: Saving the proxy configuration in the GUI currently saves a blank username. This will be fixed in a future release. Configuring the proxy via Configuration as Code does not enable authentication unless a username is actually defined.

Known Issues

Cannot add CyberArk / Hashicorp Vault credentials from the Add button of a credentials form

When you try to add a CyberArk credential or Hashicorp Vault credential from the Add button of a credentials form, it fails with the error Domain is read-only and the credential is not created. The workaround is to create the those types of credentials from the Manage Jenkins > Credentials page for root credentials or a Folder Credentials page for folder credentials.

Failed parsing of data in the User Activity Monitoring plugin leads to incomplete data

Failed parsing of data from the User Activity Monitoring plugin will overwrite the user activity database. All user activity data that is logged up to that point in time is lost, in order to avoid this, refer to this knowledge base article Why is my user activity missing?.

HTTP Client used for operations center to controller connection leads to performance issues

Due to known issues in the Java HTTP Client, there could be performance issues in operations center to controller interactions in heavily loaded environments.

For more details about this issue and workarounds, refer to Operations Center Client leaks HTTP Clients since version 2.401.1.3.

Saving shared cloud from GUI lost WebSocket checkbox

If a shared cloud (as opposed to a single agent) was defined in 2.426.x (or earlier) with an inbound launcher and a specific launch configuration, particularly the Use WebSocket checkbox (also tunnel and custom work dir settings), configuring and resaving that cloud in the GUI in 2.440.x will silently drop that configuration, potentially breaking a working setup.

As a workaround, avoid resaving such shared clouds using the GUI. Use Configuration as Code with YAML or REST or CLI with XML if an unrelated aspect of the cloud needs to be adjusted.

Reconfiguring static inbound WebSocket agent improperly added blank tunnel

After reconfiguring a static inbound agent in the GUI using fields, such as WebSocket, deprecated in 2.440.x, the suggested launch instructions incorrectly include -tunnel (with no argument) even if that field had been left blank.

As a workaround, do the following:

  • Manually remove -tunnel from the command line before using.

  • Reconfigure the agent using Configuration as Code YAML or REST or CLI XML to not include the tunnel field.

NullPointerException when validating Kubernetes Cluster Endpoint

When using credentials in the Kubernetes Cluster Endpoints configuration, the Validate functionality shows an Angry Jenkins in the UI and a null pointer exception in Jenkins logs.

Inbound shared agents aligned with new Remoting CLI options

Certain options for the inbound agent launcher, particularly the checkbox for WebSocket, were removed from the configuration GUI in 2.440.x, in favor of passing the corresponding option such as -webSocket on the CLI. In the case of inbound shared agents or clouds, this did not suffice since the operations center was responsible for launching the cloned agent that connects to the controller. This makes it impossible to create new shared agents or clouds using WebSocket transport via GUI configuration.

As a workaround, configure fields, such as webSocket, in the agent/cloud launcher definition via Configuration as Code YAML or REST or CLI upload of XML; or copy a working agent/cloud item instead of creating one from scratch.

GitHub plugin settings would not load on startup

The GitHub plugin configuration failed to load during the Operations center startup. Refer to GitHub Plugin settings not loaded on startup after upgrading for more information.

Clouds do not disappear after the Folder configuration update by a user without Overall/Administer permissions

Clouds deselect after a user without Overall/Administer permissions edits the Folder configuration.

Duplicate plugins in the Operations center Plugin Manager UI

When you search for a specific plugin under the Available tab in the Operations center Plugin Manager, the search results show duplicate entries for the plugin.