CloudBees CI on traditional platforms 2.440.3.7

The CloudBees HashiCorp Vault plugin now supports AWS credentials.

The CloudBees HashiCorp Vault plugin now supports Vault GitHub App credentials.

The new API version of the CasC Plugin Management offers a smoother experience for users configuring their instances using Configuration as Code and performing activities around plugin management.

The CloudBees High Availability (HA) retention strategy is only supported for outbound agents (for example, using SSH). It is not supported for inbound agents.

In a High Availability (HA) controller, it is possible to configure a maximum load per replica that will cause new queue items to be rejected. When the controller has reached that threshold, it now displays an administrative monitor that notes this fact.

The CloudBees Pipeline Explorer now uses a special icon for the input steps in the tree view, and displays them in all cases. Also, when an input step is waiting for input, the banner at the top of the CloudBees Pipeline Explorer is now highlighted to draw more attention to it.

The list of support components included in a High Availability (HA) controller now includes the missing log files from the agent launches.

A new Administrative Monitor is shown if there are non-recoverable errors when checking out the controller bundles.

Duplicate IDs in credentials could result in the deletion of incorrect credentials. This fix forbids the creation of credentials with similar IDs.

Blue Ocean plugins will soon be removed from CAP. Customers are advised to use CloudBees Pipeline Explorer instead.

After upgrading to CloudBees CI version 2.440.2.1, the global Pipeline Template Catalogs fail to load with a CannotResolveClassException: globalTemplateCatalogManagement. The issue has been fixed.

The Plugin Usage Analyzer had a flaw where it held on to all of the Pipeline runs that it wanted to analyze before performing the analysis of their usage. This caused CloudBees CI to use an excessive amount of memory when the analysis was running. This is now fixed by the Plugin Usage Analyzer plugin only holding in memory the pipeline runs of the current pipeline that is being analyzed (a maximum of 5).

The download icon was small and hard to find. It was changed to a standard Download button.

If a folder was using AggregatedResultsIcons and the CloudBees CI instance was using any security realm, the icons were not visible.

When disabling the operations-center-client plugin in a standalone controller (where it is not useful), an error was displayed during startup related to the header text retrieval. This is now suppressed.

A standalone controller does not require the operations-center-client plugin. However, if this were disabled in a High Availability (HA) controller, several errors were repeatedly printed to the system log and certain functionality, such as load balancing, did not work.

The High Availability (HA) script console did not work for scripts that required a particular CloudBees CI authentication; for example, to look up a project by name. Now, the Groovy script will run under the logged in user’s authentication.

An administrative monitor on a High Availability (HA) controller warns you if you have configured a Pipeline library to check out to a shared location, and offers to migrate the configuration to use a per-build checkout, including optimizations for the clone technique. If there is a library configured with plain Git, after migration it was not possible to clone a library by tag (as opposed to branch) unless the configurations were manually adjusted to include tags in the advanced clone options. Now the clone options will include tags. The behavior is unchanged for derivative Git-based configurations; at least the GitHub Branch Source plugin is able to clone a library by tag even with clone options suppressing the tag retrieval, since the refspec in that case encodes the tag name.

Periodically, in the logs of a controller, a warning is emitted related to a missing getter. The warnings in a system log for fields with no getters have now been silenced.

By default, Hazelcast logs the "The Jet engine is disabled" message on startup. This message can be interpreted as a warning by administrators, prompting for action.

The BundleUpdateLog no longer tries to read the plugins after removing the bundle.

In the exported YAML, the key privateKeys was showing the SSH private keys in plain text.

In some conditions, when using a profile to install plugins at startup, if a plugin in the profile cannot be installed as it was not found, the failure may not have been reported correctly in the logs.

When a communication error occured between the controller and the operations center, some resources associated with the HTTP exchange were not released. This resulted in a memory leak and thread retention.

If a Pipeline Template Catalog is configured in the Configuration as Code jenkins.yaml file and the id property is not defined, the catalog is duplicated on each instance restart and in the exported Configuration as Code configuration.

If a shared cloud (as opposed to a single agent) was defined in 2.426.x (or earlier) with an inbound launcher and a specific launch configuration, particularly the Use WebSocket checkbox (also tunnel and custom work dir settings), configuring and resaving that cloud in the GUI in 2.440.x will silently drop that configuration, potentially breaking a working setup.

After reconfiguring a static inbound agent in the GUI using fields, such as WebSocket, deprecated in 2.440.x, the suggested launch instructions incorrectly include -tunnel (with no argument) even if that field had been left blank.

When using Configuration as Code in controllers that run in High Availability (HA) mode, the CloudBees Configuration as Code Export and Update screen may display inconsistent information about the bundle along with two buttons: Restart and Reload. This is caused by information not being properly synchronized between replicas. Furthermore, users may experience the following problems when trying to use one of the two buttons on that page:

Certain options for the inbound agent launcher, particularly the checkbox for WebSocket, were removed from the configuration GUI in 2.440.x, in favor of passing the corresponding option such as -webSocket on the CLI. In the case of inbound shared agents or clouds, this did not suffice since the operations center was responsible for launching the cloned agent that connects to the controller. This makes it impossible to create new shared agents or clouds using WebSocket transport via GUI configuration.

The following plugins have been added to the Operations center CloudBees Assurance Program since 2.440.2.1:

The following plugins have been added to the Controller CloudBees Assurance Program since 2.440.2.1: