CloudBees Jenkins Platform 2.235.2.3

RELEASED: 2020-07-15

Based on Jenkins LTS2.235.2-cb-3

Rolling release

Security advisory

Security advisory

New features

CloudBees Core is now CloudBees CI

CloudBees is introducing new, self-describing product names across our entire product line that make them easier for anyone in our target market to find, and to understand intuitively what they do.

With the release of version 2.235.2.3, what you’ve known previously as CloudBees Core, is now called CloudBees CI. CloudBees CI on modern cloud platforms is designed to run on Kubernetes. CloudBees CI on traditional platforms has been developed for on-premise installations. It is still a fully-featured, cloud native solution that can be hosted on-premise or in the public cloud used to deliver CI at scale. The only thing that’s changed is the name—​and all the new features listed below.

Feature enhancements

  • CloudBees Slack Integration plugin: Developer experience improvements (STICKY-332)

    To improve the user experience for users configuring their Slack and GitHub settings, we made various updates to the Personalized Slack Messaging feature, including adding a separate page for a user to configure themselves.

    This update only affects installations that include the CloudBees Slack Integration Plugin.

  • GitHub/Slack integration complete analytics metrics (STICKY-344)

    To make more informed improvements to the Personalized Slack Messaging feature, we are now collecting data on the following:

    • Clicks on Slack message content (STICKY-163)

    • Each time a Slack message is sent to a user (STICKY-161)

    • Configuration of the CloudBees Slack Integration plugin: valid token, number of registered users, number of opted in users and number of opted out users (STICKY-160)

      To make more informed improvements to the CloudBees SCM Reporting feature, we are now collecting data on the following:

    • Bitbucket builds including anonymous details of configurations analogous to that sent for GitHub (STICKY-553)

    • Clicks on links from GitHub to CI (STICKY-188)

    • How often notifications are being sent to GitHub and what kinds of notifications are being sent (STICKY-201)

    • How the CloudBees SCM Reporting plugin is configured and which optional features are in use (STICKY-294)

      No identifying information is included in the data we collect. Data is only sent to CloudBees if you are opted in to statistics collection.
  • SCM/Slack integration optional plugin dependencies added into CAP (STICKY-344)

    We added a couple of plugins to CAP that were dependencies for the Slack/SCM app integrations including:

  • Personalized Slack Messaging uses hibernation friendly URLs (STICKY-546)

    Before, if a Managed Master was using hibernation, then it could happen that after a build the links to CloudBees CI shown in the GitHub pull request (PR) could point to a master which had since hibernated, leading to 503 errors.

    Slack messages linking to CloudBees CI now check for a master with hibernation enabled and automatically select an alternate redirect URL which will automatically wake the master if needed and then open the desired page once it is ready.

    Update only affects installations that include the CloudBees Slack Integration Plugin.

  • CloudBees SCM Reporting uses hibernation friendly URLs (STICKY-170)

    Before, if a Managed Master was using hibernation, then it could happen that after a build the links to CloudBees CI shown in the GitHub pull request (PR) could point to a master which had since hibernated, leading to 503 errors.

    GitHub reporting links to CloudBees CI now check for a master with hibernation enabled and automatically select an alternate redirect URL which will automatically wake the master if needed and then open the desired page once it is ready.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • Enable GitHub App wizard for CloudBees SCM Reporting (STICKY-541)

    Before, to enable GitHub Checks, users had to create a GitHub App manually, which was tedious and error-prone.

    repository or organization folders associated with github.com using a personal access token can now be converted to use GitHub App authentication using a wizard. See Enabling GitHub App authentication for more information.

    Currently this option is not offered for GitHub Enterprise due to an outstanding bug in that product’s implementation of app creation.
  • Bitbucket support added to CloudBees SCM Reporting plugin (STICKY-564)

    The CloudBees GitHub Reporting feature now supports Bitbucket as an SCM option and has been renamed to CloudBees SCM Reporting.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • Enable use of multiple webhook secrets when using GitHub App wizard (STICKY-329)

    When using the GitHub App creation wizard to configure CloudBees SCM Reporting, even if CloudBees CI already has a webhook secret registered, the wizard can add another secret.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • Plugin version mention in Checks feedback link (STICKY-458)

    Before, it was hard to tell from feedback messages what version of the CloudBees SCM Reporting plugin was being run.

    We now include the plugin version number in the feedback link displayed in the Checks tabs.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • Manage Jenkins page layout update (CTR-1468)

    With this release we have moved management links to the correct category under Manage Jenkins.

Resolved issues

  • Error when creating Slack message if Root URL is not configured (STICKY-573)

    We now prevent errors with Personalized Slack Messaging if the Jenkins Root URL is not configured when the a Slack message is created.

    Update only affects installations with the CloudBees Slack Integration Plugin.

  • Check Sender object is initialized before sending an event (STICKY-548)

    We created a safety check for the metrics we collect on SCM/Slack app integrations to be sent only if the queue and sender are initialized and ready.

  • CloudBees SCM Reporting length limit of 64Kb for GitHub Checks (STICKY-535)

    Before, when using the GitHub Checks tab, lengthy submissions such as from verbose test runs could exceed a GitHub limit and fail to notify anything at all (seen as an error in the system log).

    With this fix, the reported text is truncated to fit within the limit as needed.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • NoAppsNoChecks can fail to send notification for long EndBuildError in CloudBees SCM Reporting (STICKY-378)

    When not using a GitHub App and the Checks tab, certain notifications could attempt to use a long description text that GitHub would reject, leading to a warning in the CloudBees CI system log and a missing notification.

    Now, descriptions are truncated to 140 characters; GitHub Apps/Checks tab notifications are not affected.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • Prevent emojis from appearing in code blocks on GitHub Checks tab (STICKY-462)

    Before, code blocks in the Checks tab coming from build results could have rendered emojis.

    With this fix, the colon in an emoji-like sequence is now replaced with a similar-looking character which will not be misinterpreted.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • Use random state for GitHub App installation flow (STICKY-495)

    Before, when creating a new GitHub App by wizard, the state passed between CloudBees CI and GitHub used encrypted information about CloudBees CI, which was unnecessary.

    With this fix, the state is now random and can be used only once.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • End-build-error step arguments could be multiline strings (STICKY-457)

    Before, when a Pipeline step which failed a build had a multiline argument, which is common for example for sh steps, the summary in the Checks tab would be improperly formatted.

    With this fix, the step arguments are now elided if they do not fit on one line.

    Update only affects installations with the CloudBees SCM Reporting Plugin.

  • Security enforcer does not disable elements in the master UI (CTR-1780)

    Since 2.222.1.1, the security settings enforced by Operations Center to Client Masters appeared as editable in the masters (Global Security configuration), but any change on them was not saved.

    Now those settings are displayed as disabled again.

  • Configuration as Code (CasC) for Masters export is not JSON (CTR-1854)

    Configuration as Code (CasC) for Masters bundle export was returning "application/json" as the media type; however, the content is YAML syntax. As there is no official IETF media type for YAML, this endpoint now returns "text/plain".

  • [JENKINS-62545] Infinite loop in FlowGraphTable.addTreeSibling for corrupted flow graphs (NGPIPELINE-1222)

    Traversing a Pipeline execution using the FlowGraphTable API (used primarily for the Pipeline Steps view) could cause infinite loops for corrupted Pipelines in rare cases.

    With this fix, the FlowGraphTable API now returns an error if it detects that a Pipeline is corrupted in a way that would have previously caused an infinite loop.

  • Upgrade GitHub API and GitHub Branch Source plugins to OkHttp3 (NGPIPELINE-374)

    The outdated okhttp v2.7.5 library does not support modern features including TLS 1.3.

    GitHub API and GitHub Branch Source plugins have been updated to use newer okhttp3 APIs with v3.12.12.

  • Plugin Catalog and CloudBees Configuration as Code should provide a way of specifying a proxy (FNDJEN-2078)

    Configuration as Code for Masters cannot download plugins if they are under a proxy.

    CloudBees Installation Manager now configures the proxy established in the jenkins.yaml file of the configuration bundle before attempting to download any plugin.

Known issues

None.

Upgrade notes

End-of-life announcement

After assessing the viability of our supported plugins, CloudBees will no longer support the CloudBees Secure Copy Plugin after September 1, 2018.

This end-of-life announcement allows CloudBees to focus on driving new technology and product innovation as well as maintaining existing products that are actively used by customers.

After September 1, 2018 the plugin will lose functionality when upgraded. CloudBees recommends replacing it with Cluster-wide copy artifacts.

For more information regarding this end-of-life announcement, please contact your Customer Success Manager.