CloudBees CI release highlights

What’s new in CloudBees CI 2.504.3.28224

Watch video

New Features

None.

Feature Enhancements

Disabling template-based jobs through UI by using a toggle switch

Added a toggle switch at the top right of the job configuration page. This allows users to enable or disable "template-based jobs" directly from the UI. The placement of the toggle switch is consistent with existing toggle switches used across different job types.


Backup to AWS S3 Bucket supports custom endpoints

Support for custom endpoints has been added to the S3 store for backup jobs. The following advanced options can now be configured to support most S3-compatible storage systems:

  • custom endpoints and protocol

  • custom signing region

  • path-style access


CloudBees CI version format change – June 2025

Starting with the June 2025 release, the CloudBees CI version format will include a fourth segment, changing from 2.504.3.x to 2.504.3.abcd.

Resolved Issues

API tokens created on the operations center did not propagate to managed controllers using the OpenID Connect or Google OAuth Credentials plugins

If using a service account to interact with managed controllers that use the OpenID Connect Authentication (oic-auth) or Google OAuth Credentials (google-oauth-plugin) plugins for authentication, API tokens created at the operations center-level did not propagate and could not be properly validated when making an API call to the managed controller, unless the service account had performed an explicit sign in or sign out. The API token behavior now aligns with the expected functionality provided in earlier controller versions.


Reclaim threads after WebSocket reverse proxy operations

Whenever a WebSocket agent was connected to an High Availability (HA) controller, a new thread was spawned and retained for a few minutes. This remains true on Java 17. However, on controllers running Java 21 (or newer), this thread is now reclaimed immediately after use, which reduces memory requirements when a large number of WebSocket agents attempt to connect.


Configuration as Code downloads using $JENKINS_HOME for temporary directories

Various Configuration as Code bundle download modes created temporary directories in the root of $JENKINS_HOME. While these were usually deleted soon after use, problems could occur deleting the files when this volume was mounted on NFS. Now, the standard system temporary directory is used.


Fixed the SAML plugin (saml) session serialization issue in High Availability (HA) environments

In the SAML plugin (saml), authenticated user sessions weren’t properly serialized because of the use of NonSerializableSecurityContext. As a result, session data couldn’t be restored correctly when requests were routed to different cluster replicas, causing users to be unexpectedly logged out or to appear unauthenticated. This fix updates the SAML plugin (saml) to use a SecurityContextImpl, which is serializable.


High Availability (HA) Multiple executor permanent agents now dynamically adjust processes on scale up/down

Previously, when scaling up and down a multiple executor permanent agent on High Availability (HA) controllers, agent processes on target operating systems (Linux or Windows) didn’t reflect the change dynamically. Additional executors remained in a disconnected state if the count was increased, and executor processes weren’t terminated when scaling down. This release introduces improvements to the agent runtime behavior. Now, when the executor count is increased or decreased from the controller, new Java agent processes are automatically spawned on target VMs during scale-up, and surplus agent processes are gracefully terminated during scale-down.


Multi-branch pipeline validation no longer fails due to GitHub App credentials if an Owner is not specified

Previously, if a GitHub App was installed to multiple GitHub organizations, the Owner of the App was not specified in the CloudBees CI credentials, and a Multibranch Pipeline was run using the GitHub App as the authentication method, an exception was returned when validating the configuration of the Multibranch Pipeline.


Duplicate id in Role-Based Access Control role exports

When exporting Role-Based Access Control (RBAC) roles using http://<cjoc_url>/roles/id/api/xml for CloudBees CI on modern cloud platforms or http://<cjoc_url>/cjoc/roles/id/api/xml for CloudBees CI on traditional platforms, the id was previously duplicated and returned for both getDisplayName() and getId(). It is now only returned for getId().


withDockerRegistry and withDockerServer steps using obsolete persistence idiom

The withDockerRegistry and withDockerServer Pipeline steps from the Docker Pipeline plugin (docker-workflow), and some related syntactic conveniences for both scripted and declarative syntaxes, used an obsolete method of tracking the locations of temporary directories that were to be deleted at the end of a build stage. This could have caused unexpected behavior when resuming builds across controller restarts, including High Availability (HA) adoption and disaster recovery, particularly in conjunction with retry.


Avoid thread consumption from triggerRemoteJob

When the Pipeline triggerRemoteJob step was running in some modes, it consumed an operating system thread while waiting for the downstream build to complete. This also applied to the build step running in an High Availability (HA) controller when build step emulation is enabled. This remains true on Java 17. However, on controllers running Java 21 (or newer), this step no longer consumes a thread.


Issue accessing Kubernetes pod template

Previously an unhandled exception occurred when navigating to an existing pod template or a newly created pod template while running CloudBees CI 2.504.2.5.


Shared agents with label selector are now properly provisioned when builds are waiting for an agent

Previously, when multiple pipelines requiring the same agent were launched, or when a pipeline with multiple steps requiring the same agent was launched, it caused the pipeline to be stuck. Once the lease on the agent is released, the next build starts.

Known Issues

Duplicate plugins in the Operations Center Plugin Manager UI

When you search for a specific plugin under the Available tab in the operations center Plugin Manager, the search results show duplicate entries for the plugin.