CloudBees, Inc.

CloudBees Jenkins Distribution 2.176.2.3

New Features

Major Internal changes on CloudBees Jenkins Distribution Docker image

The Docker image for CloudBees Jenkins Distribution has been modified so now some internal folders and users are the same than for the other types of packages.

Specifically, the following changes have been applied:

  • The user created and used to launch the CloudBees Jenkins Distribution instance is now cloudbees-jenkins-distribution instead of jenkins. Note that the uid of the user has not changed
  • The user group where the cloudbees-jenkins-distribution user belongs is now cloudbees-jenkins-distribution instead of jenkins. Note that the gid of the group has not changed
  • Default JENKINS_HOME is now located in /var/cloudbees-jenkins-distribution instead of /var/jenkins_home
  • Default customization folder (used to create customized instances) has been moved from /usr/share/jenkins/ref to /usr/share/cloudbees-jenkins-distribution/ref
  • War file is now stored in /usr/share/cloudbees-jenkins-distribution/cloudbees-jenkins-distribution.war instead of /usr/share/jenkins/jenkins.war
  • cloudbees-referer.txt file is now stored in /usr/share/cloudbees-jenkins-distribution/ref/.cloudbees-referrer.txt instead of /usr/share/jenkins/ref/.cloudbees-referrer.txt

As a result of these changes, volume mounts to get a persistent JENKINS_HOME now need to point to /var/cloudbees-jenkins-distribution instead of /var/jenkins_home as stated in the documentation

Minor Release Notes

Upgraded Jenkins OSS LTS from 2.176.1-cb-3 to 2.176.2-cb-3

Minor Release Notes

Upgraded Artifact Manager on S3 Plugin from 1.4 to 1.6

Minor Release Notes

Upgraded CloudBees AWS Credentials Plugin from 1.24 to 1.27

Minor Release Notes

Upgraded Amazon Web Services SDK library from 1.11.457 to 1.11.562

Minor Release Notes

Upgraded Blue Ocean Plugin from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Bitbucket Pipeline for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Common API for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Config API for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Common javascript libraries/utilities for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Dashboard for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded BlueOcean Display URL from 2.2.0 to 2.3.0

Minor Release Notes

Upgraded Events API for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Git Pipeline for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded GitHub Pipeline for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded i18n for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded JIRA Integration for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded JWT for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Personalization for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Pipeline REST API for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Blue Ocean Pipeline Editor from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Pipeline SCM API for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded REST API for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded REST Implementation for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded Web for Blue Ocean from 1.10.2 to 1.17.0

Minor Update Branch API plugin to add control triggers(NGPIPELINE-339)

Upgraded Branch API Plugin from 2.0.20.1 to 2.5.2. This release includes a potentially breaking change to how multi-branch scan triggers are configured. It introduces an extension point for organization folders that enables the customization of the children of the organization folder on every organization folder scan. This extension includes a "Child Scan Triggers" setting which sets the scan triggers for the child multi-branch projects.

Previously, users could write scripts to change this value on child projects. This is no longer allowed. Child projects will always use the value provided by the organization folder "Child Scan Triggers" setting and code that attempts to change the scan trigger on child projects will not work.

Minor Release Notes

Upgraded CloudBees Assurance Plugin from 2.138.0.6 to 2.138.0.7

Minor Release Notes

Upgraded Bitbucket Branch Source Plugin from 2.4.2 to 2.4.4

Minor Release Notes

Upgraded CloudBees Folders Plugin from 6.7 to 6.8

Minor Release Notes

Upgraded Copy Artifact Plugin from 1.41 to 1.42.1

Minor Release Notes

Upgraded Credentials Plugin from 2.1.19 to 2.2.0

Minor Release Notes

Upgraded Credentials Binding Plugin from 1.18 to 1.19

Minor Release Notes

Upgraded Deployer Framework Plugin from 1.1 to 1.2

Minor Release Notes

Upgraded Amazon EC2 Plugin from 1.42 to 1.42.1

Minor Release Notes

Upgraded GitHub Branch Source Plugin from 2.4.5 to 2.5.3

Minor Release Notes

Upgraded Jackson2 API Plugin from 2.9.8 to 2.9.9

Minor Release Notes

Upgraded UI library for Blue Ocean from 1.10.2 to 1.17.0

Minor Release Notes

Upgraded JUnit Plugin from 1.26.1 to 1.28

Minor Release Notes

Upgraded Kubernetes Plugin from 1.15.5 to 1.15.9

Minor Release Notes

Upgraded Maven Plugin from 3.1.2 to 3.3

Minor Release Notes

Upgraded Metrics Plugin from 4.0.2.3 to 4.0.2.4

Minor Release Notes

Upgraded CloudBees Jenkins Enterprise License Entitlement Check from 8.18 to 8.20

Minor Release Notes

Upgraded Pipeline Graph Analysis Plugin from 1.7 to 1.10

Minor Release Notes

Upgraded Pipeline: Model API from 1.3.8 to 1.3.9

Minor Release Notes

Upgraded Pipeline: Model Definition from 1.3.8 to 1.3.9

Minor Release Notes

Upgraded Pipeline: Declarative Extension Points API from 1.3.8 to 1.3.9

Minor Release Notes

Upgraded Pipeline: Stage Tags Metadata from 1.3.8 to 1.3.9

Minor Release Notes

Upgraded SCM API Plugin from 2.4.0 to 2.4.1

Minor Release Notes

Upgraded Script Security Plugin from 1.58 to 1.60

Minor Release Notes

Upgraded SSH Credentials Plugin from 1.16 to 1.17

Minor Release Notes

Upgraded SSH Slaves Plugin from 1.26 to 1.30.0

Minor Release Notes

Upgraded Structs Plugin from 1.18 to 1.19

Minor Improvements to User Activity Monitoring

Upgraded User Activity Monitoring Plugin from 1.1.3 to 1.1.5

User activity is now aggregated on a monthly rather than weekly basis. Existing weekly activity is migrated based on the month containing the start of the week. The UI now shows a combined total of the number of users who have authenticated to Jenkins and users whose commits have been included in builds, along with a table showing the data on which this number is based. A detailed report can be downloaded that shows the months in which a user was active.

Minor Release Notes

Upgraded Pipeline API Plugin from 2.33 to 2.35

Minor Release Notes

Upgraded Pipeline Basic Steps Plugin from 2.15 to 2.18

Minor Release Notes

Upgraded Pipeline Groovy Plugin from 2.67 to 2.70

Minor Release Notes

Upgraded Pipeline Nodes and Processes Plugin from 2.30 to 2.31

Minor Release Notes

Upgraded Pipeline Multibranch Plugin from 2.20 to 2.21

Minor Release Notes

Upgraded Pipeline SCM Step Plugin from 2.7 to 2.9

Minor Release Notes

Upgraded Pipeline: Step API from 2.19 to 2.20

Minor Release Notes

Upgraded Pipeline Supporting APIs Plugin from 3.2 to 3.3

Minor Release Notes

Added CloudBees Flow version 1.1.9

Minor Avoid considering folders as backup files (FNDJEN-1291)

The CloudBees Backup plugin was considering every folder in the backup folder as a backup file, therefore the plugin was trying to remove the folder when a retention strategy was specified. If the user running the instance has no permission on this folder, or the folder has some content, it fails. If the instance has permissions, the plugin removes such a folder.

Minor Ability to mark Pipeline stage as Unstable (NGPIPELINE-346)

Individual Pipeline stages did not have independent results, causing visualizations to report every stage as unstable no matter which stage actually caused the build to become unstable. A new API was created for more granular status tracking in Pipelines. Plugins such as JUnit that set the build result to unstable were updated to use the new API. New Pipeline steps were created that users can use to set the stage result to unstable, see the warnError and unstable steps here: https://jenkins.io/doc/pipeline/steps/workflow-basic-steps/. Additionally, the catchError step was updated to allow optionally setting the stage result. Using these new steps allows Blue Ocean to display exactly which stage caused the build to become unstable.

Minor CloudBees Pipeline Stage View Extensions update (NGPIPELINE-477)

Upgraded CloudBees Pipeline Stage View Extensions from 2.1 to 2.2 to reference the latest Jackson API plugin.

Minor Added support for Kubernetes installation

CloudBees provides you a Helm chart to deploy CloudBees Jenkins Distribution on Kubernetes, making easier the installation. Currently, only Amazon EKS installations are supported. Refer to https://go.cloudbees.com/docs/cloudbees-jenkins-distribution/distro-install-guide/kubernetes/ and https://go.cloudbees.com/docs/general/support-policies/supported-platforms/cloudbees-jenkins-distribution/ for support details.

Resolved issues

Minor Connecting agents via CLI does not require restart (CTR-35)

The Operations Center required a restart to connect to shared agents provisioned via CLI when some optional properties were not fully specified in the agent’s xml configuration. With this fix, creating a shared agent via the CLI no longer requires a restart to connect the agent when specifying an empty <properties /> element.

Minor Prevent XSS of Managed/Client master side panel (CTR-250)

A master with a malicious name could inject JavaScript code to be executed on user access to the master configuration page. This vulnerability has been fixed.

Minor Operations Center credential domain requirement update (CTR-275)

If a connected master had a plugin installed that provided a new credential domain requirement type, and the corresponding plugin was not also installed on Operations Center, then no remote credentials were returned when the master queried for them. With this fix, credential domain requirements are deserialized differently on the Operations Center so that missing classes are handled gracefully.

Minor Switch MCP to use NIO to get better failure diagnostics (CTR-305

If a directory or file could not be created during a Move/Copy/Promote Operation there were no details informing the user of the cause of the issue. With this fix, the code uses the newer NIO API to enable better error messages in the case of failure.

Minor White bar on top of Teams view (CTR-305)

A blank or white line appeared at the top of the “Teams” view. With this fix, the page design was updated to remove extraneous whitespace.

Minor Invalid credentials cached if refreshed during shutdown(CTR-318)

Credentials cached by client masters could have been lost if the credentials were fetched from the Operations Center as the Operations Center was shutting down. With this fix, the Operations Center signals to client masters that it is shutting down and updated credentials are not available at this time.

Minor Option to decrease master backup time (FNDJEN-809)

During SFTP backups, every single file which needs to be backed up is transferred, one-by-one, to the SFTP server, where it was packed into the backup file destination. Because of this, even the simplest master backup can required hours to be done. With this fix, users now have the option to backup locally and then upload the backup to the SFTP server to decrease backup time.

Minor Password character blocks masking (JENSEC-50)

When certain characters were included in passwords, masking was blocked. With this fix, password masking now masks strings that match the escaped forms of credentials using the escaping algorithms used in sh, bash, zsh, batch, and powershell. This helps fix the issue where shell echoing is enabled (+x) and credentials are included in parameters echoed back.

Minor Reduce unnecessary repo clones for PRs (NGPIPELINE-245)

For "Merge" pipeline runs of Pull Requests on GitHub, Jenkins resorts to cloning the whole repository on the Jenkins Master in order to merge the source and target branches. With this fix, Jenkins uses the GitHub API to get the merged Jenkinsfile from the Pull Request “merge_commit_sha”, causing pipelines for open merge PRs to run on the first scan after upgrade.

Minor Clicking on imported template gives 404 (NGPIPELINE-451)

Users clicking on an imported template in a catalog were receiving 404 errors. With this fix the link is correctly redirected to the Pipeline Template page when users click on a template in a Pipeline Template Catalog.

Known issues

Minor Security Advisory

Security Advisory

See also