What’s new for June 2020

CloudBees CD

The CloudBees CD team is pleased to announce the general availability of CloudBees CD v10.0 long term support release. This is the culmination of preview releases since January 2020 and first long term support release since Jan 2019.

See CloudBees CD v10.0 release notes for full details.

CloudBees Flow is now CloudBees CD

CloudBees is introducing new, self-describing product names across our entire product line that make them easier for anyone in our target market to find, and to understand intuitively what they do.

With the release of version 10.0, what you’ve known previously as CloudBees Flow, or even ElectricFlow, is now called CloudBees CD. It is still the recognized leader in continuous delivery release orchestration and application release orchestration. The only thing that’s changed is the name—​and all the new features listed below.

Native CI integration

Every company wants to make their software delivery processes as efficient as possible. To this end, native CI integration seamlessly provides CI job and build data access within CloudBees CD.

See Native CI integration for complete documentation.

CloudBees CD on Kubernetes

  • Helm 3 support added

  • Helm chart deployment on Red Hat OpenShift has been certified

  • Agent-only installation using the agent Helm chart

  • Creating persistent shared storage

See Installing CloudBees CD on Kubernetes for complete documentation.

DSL improvements

Improvements were made for managing automation as code: New DSL IDE, directly available from the CloudBees CD main menu, for users to easily test and run local DSL files.

See CloudBees CD domain-specific language (DSL) for complete documentation.

CloudBees Build Acceleration

No June 2020 updates.

CloudBees Jenkins X Distribution

See CloudBees Jenkins X Distribution version 11 release notes for full details.

CloudBees Jenkins X Distribution v11 has been released and includes the following new features:

  • You can now use an existing Vault instance to store your Jenkins X secrets in your CloudBees Jenkins X Distribution cluster. Refer to Configuring external vaults in the Jenkins X documentation for more information.

  • You can now use your own custom build packs for use with CloudBees Jenkins X Distribution. This is useful for users who need specific modifications to the existing CloudBees Jenkins X Distribution build packs in their development environments. Refer to the Using custom build packs section of the Jenkins X documentation for more information.

  • There are several user interface (UI) improvements featured in this release of CloudBees Jenkins X Distribution:

    • You can now create a new project from a list of available “quickstart" templates that are pre-configured to work with CloudBees Jenkins X Distribution. If you want to get started with projects, refer to the Projects page in the CloudBees Jenkins X Distribution documentation.

    • If you have an existing project that you want to manage using Jenkins X, you can now use the UI to import it into your cluster. For more information, refer to Importing an existing project.

    • The UI is now exposed with its own URL and protected by basic authentication. Refer to the Installing the user interface in the CloudBees Jenkins X Distribution documentation.

CloudBees CI, CloudBees Jenkins Distribution, CloudBees Jenkins Platform, and CloudBees Jenkins Enterprise

The following are highlights of the 2020 June release. Refer to the full release notes for a complete list of changes.

Security Advisory

This advisory announces vulnerabilities in Jenkins, CloudBees Jenkins Distribution, CloudBees Jenkins Platform, and CloudBees CI.

Recently there was a security incident involving Continuous Delivery Foundation’s (CDF) Jenkins OSS which required Jenkins to block artifact uploads. This incident did not affect CloudBees products.

New features

  • To reflect the needs of medium to larger organizations, two new permissions have been introduced with Jenkins v2.222 which enable a CloudBees CI administrator to delegate some parts of administration to a user without having to grant them the powerful Overall/Administrator permission.

    The two new permissions include:

    • Overall/Manage: safely grant a user the ability to manage a subset of CloudBees CI configuration options.

    • Overall/SystemRead: grant a user the ability to view most of CloudBees CI configuration options, but in read only mode.

      When using Role-based matrix authorization as your Global Security Authorization Strategy provided by the CloudBees Role-Based Access Control Plugin, the administrator can grant a user/group the Overall/Manage and/or Overall/SystemRead permission to enable this functionality.

      These new permissions are currently “Experimental” and disabled by default. To enable these new permissions, see Delegating Administration.

  • Initial release of the Hibernation for Managed Master feature

    Previously released as a Preview feature, the hibernation of Managed Masters feature is now fully supported. This feature helps you to "turn off" idle or unused Managed Masters. For details, see Managing Masters - Hibernation of Managed Masters.

Feature enhancements

  • Jenkins UI improvements (FNDJEN-2001), (FNDJEN-2076), FNDJEN-1902)

    The following enhancements were made to the Jenkins UI as part of CloudBees' ongoing efforts to improve the usability of the UI:

    • Buttons were restyled.

    • The page footer was updated.

    • The user system fonts are now used.

    • Font sizes are now consistent across the application.

  • Replace Oracle JRE with OpenJDK in Windows distributables (PRD-2460)

    Oracle JRE has been replaced with OpenJDK in Windows distributables. This was necessary to prevent potential Oracle licensing violations.

  • rootCA certificate will expire Oct 2021 (CTR-1724)

    The rootCA certificate bundled with the CloudBees Jenkins Enterprise License Entitlement Check plugin will expire in Oct 2021, breaking the ability to check for new plugins or updates.

    We added a new root certificate and code support for checking against multiple signing certificates.

  • Add telemetry for CloudBees High Availability (CTR-1898)

  • Add JCasC compatibility to Trigger Restrictions Plugin (CTR-1568, FNDJEN-2081)

The Trigger Restrictions Plugin is now compatible with Jenkins Configuration as Code (JCasC).

The CloudBees Skip Next Build Plugin is compatible with Jenkins Configuration as Code (JCasC).

  • Outdated okhttp v2.7.5 library does not support modern features including TLS 1.3. (NGPIPELINE-374)

    Updated to use newer okhttp3 APIs with v3.12.12.

    This update only affects instances with the GitHub Branch Source plugin.

  • Update Kubernetes plugin dependency to 1.25.7 (CPLT2-6552)

    This update addresses compatibility changes with the Kubernetes plugin.

Resolved issues

  • CloudBees High Availability failure in Operations Center because of the lcrypto upgrade (CTR-1785)

    A misaligned version in a dependency caused a ClassNotFoundException.

    The dependency is not needed anymore and has been removed from the product.

  • The Jenkins High Availability plugin not working properly on CB products based on LTS 2.235 (CTR-1855)

    The FORCE_SESSION_TRACKING_BY_COOKIE_PROP property has to be disabled to get CloudBees High Availability (HA) working properly.

  • Confirmation window text misleading Personalized Slack Messaging (STICKY-490)

    The confirmation message displayed when deleting a user refers to the Slack token instead of the user.

    The confirmation message now refers the user.

  • Update wording in Slack integration user administration (STICKY-489)

    There were some typos and references to "Jenkins" in the user configuration page for the CloudBees CI Personalized Slack Messaging feature.

    With this fix, the text now refers to "CloudBees CI" and the typos have been corrected.

  • Slack test message is misleading (STICKY-487)

    The test message for the Personalized Slack Messaging feature was the same as the welcome message; however, the messages serve different purposes so the content was misleading.

    With this fix, the test message is unique from the welcome message and conveys to the user the correct purpose of the message.

  • Add JCasC compatibility to git-validated-merge plugin (FNDJEN-2084)

    Previous versions of git-validated-merge plugin were not tested to be compatible with JCasC.

    The git-validated-merge-plugin is now tested to be compatible with JCasC.

  • Remove Availability option incompatible with permanent agents (CTR-1813)

    In a CloudBees Jenkins Operations Center, creating a Permanent Agent with the Availability option Take this node off-line when idle made the Jenkins instance crash because this Availability option is not compatible with Permanent Agents.

    The Take this node off-line when idle Availability option is now only possible for Shared Agents.

  • Script Security plugin depended on and bundled an outdated version of caffeine. (NGPIPELINE-1172)

    Script Security now depends on and bundles caffeine 2.8.2.

    This update only affects instances with the Script Security plugin.

  • PathRemover should abort early after seeing a large number of exceptions (NGPIPELINE-1073)

    In certain situations, it is possible for Jenkins to be unable to write or delete from disk during a build because of filesystem permissions. A customer reported a situation where this resulted in tens of thousands of FileSystmExceptions being thrown, which in turn ran the instance out of memory, triggering the OOM killer.

    Instead of logging a needlessly large number of these exceptions, we log a reasonable number, 100 or less, and fail the build instead of trying to continue.

  • jenkins-agent configmap is missing latest updates (CPLT2-6549)

    The jenkins-agent configmap hasn’t been updated with the OSS counter part and didn’t have support for WebSockets.

    The configmap now picks up the latest OSS changes, which brings WebSocket support.

  • cloudbees-core-agent container fails when command and args are defined (CPLT2-6606)

    Recent versions of the cloudbees/cloudbees-core-agent image had two volume directories owned by root. In certain customized configurations this could lead to failures to launch an agent pod.

    These directories are now owned by the Jenkins user.

  • Syntax error is making the Helm chart fail (CPLT2-6638)

    A syntax error in the Helm chart became fatal when using a recent Helm release that was built with Go 1.14.

    An updated Helm chart version 3.15.1+94d2a6343fb6 was released to prevent this issue.

Known issues

None

CloudBees Feature Flags

The CloudBees Feature Flags documentation has had several improvements this month.

  • Improved landing page highlighting some of the key features.

  • Improved left navigation to make it easier for customers to find content.

  • New Onboarding section to help customers know how to start using CloudBees Feature Flags, as well as to learn more about the product and its use cases.

  • Rebranded for the CloudBees Feature Flags product name, including the URL. Redirects are in place for links with old product name.

CloudBees SDM

New features

  • New App developer guide provides information on how to extend CloudBees SDM with apps

    The new Developer guide provides information about app manifest, types, data, and relationships as well as app authentication.

  • Refresh tokens

    You can now create a refresh token in the CloudBees SDM UI. A refresh token is a long-lived token used to securely fetch a short-lived access token which can be used to connect to the CloudBees SDM API.

  • Personal access tokens

    You can now create a personal access token in the CloudBees SDM UI. A personal access token is a long-lived token that can be used by scripts and applications to make authenticated requests on behalf of a user.