The Jenkins Blog

Damien DUPORTAL

Damien is the Jenkins Infrastructure officer and a software engineer at CloudBees working as a Site Reliability Engineer for the Jenkins Infrastructure project. Not only he is a decade-old Hudson/Jenkins user but also an open-source citizen who participates in Updatecli, Asciidoctor, Traefik and many others.

Jenkins April 2023 Newsletter

Key Takeaways There was one security advisory this month announcing vulnerabilities regarding Jenkins plugins. Cloud Cost Controls with improved resource cleanups and VM usage optimization to face the increased rate of builds on ci.jenkins.io. Thanks to DigitalOcean for their continued support and ($8,400 credit) sponsorship of Jenkins. Ppc64le docker agent images are now available. Jenkins at cdCon + GitOpsCon! Contributed by: Wadeck Follonier In April, there was...

Alyssa Tong
Damien DUPORTAL
Kevin Martens
Mark Waite
Bruno Verachten
Wadeck Follonier May 10, 2023
Jenkins March 2023 Newsletter

Highlights Jenkins 2.397 and 2.387.2 are both using new Linux repository signing keys. The Pipeline graph view plugin continues to evolve and improve as a Pipeline visualization replacement for Blue Ocean. The number of pull requests merged for jenkins.io crossed into triple digits this month (101). Contributed by: Mark Waite Jenkins' installers for Debian and Red Hat have all been signed with new PGP private...

Alyssa Tong
Damien DUPORTAL
Kevin Martens
Mark Waite
Bruno Verachten
Kevin Guerroudj April 12, 2023
Jenkins February 2023 Newsletter

Highlights FOSDEM 2023 insights Jenkins is a mentor organization for Google Summer of Code Several container image updates Jenkins Awards voting is now open Contributed by: Alyssa Tong FOSDEM 2023 Returning to FOSDEM for the first in-person event since COVID was both exciting and nostalgic for our Jenkins contributors. It was exciting to see the same crowd size and enthusiasm by attendees. Many thanks to the wonderful FOSDEM organizers...

Alyssa Tong
Damien DUPORTAL
Kevin Martens
Mark Waite
Kevin Guerroudj
Bruno Verachten March 9, 2023
Maintenance with downtime of JFrog Artifactory (repo.jenkins-ci.org) 18 of December of 2022

Maintenance with downtime of JFrog Artifactory (repo.jenkins-ci.org) December 18, 2022 December 18, 2022: our sponsor JFrog will proceed to perform maintenance of our "jenkinsci" Artifactory instance. Expect a complete downtime of about 6 hours due to the nature of this maintenance. The maintenance involves cloud migration from Google Cloud to Amazon Web Services. Impacts Only Jenkins contributors will be impacted, as no releases or builds...

Damien DUPORTAL December 9, 2022
Docker Image: new Exit and Restart Behavior for Controllers

The Jenkins project provides Docker images for controllers (and more). Beginning with Jenkins 2.344 released April 18, 2022 and Jenkins 2.332.3 released May 04, 2022, the behavior of the "Exit" and "Restart" lifecycle of the controller image jenkins/jenkins changed. TL;DR; Ensure that you have a Container Restart Policy For quick readers: check the How to Add a Container Restart Policy section for immediate...

Damien DUPORTAL
Basil Crow May 27, 2022
Enforced HTTPS for 'mirrors.jenkins.io' and consolidation of the Jenkins Mirrors

The Jenkins project provides a download mirror infrastructure allowing to download Jenkins packages and plugins from a download server close to your location. How Does it Work? When a download request is emitted to either mirrors.jenkins.io or get.jenkins.io, an HTTP redirect response to a mirror download server is answered. The Jenkins infrastructure uses a database of existing mirror servers provided by volunteers and...

Damien DUPORTAL May 13, 2022
Spring Framework RCE, CVE-2022-22965

A remote code execution vulnerability has been identified in the Spring Framework. This vulnerability is identified as CVE-2022-22965. Spring officially reacted early in an early announcement. SpringShell in Jenkins Core and Plugins The Jenkins security team has confirmed that the Spring vulnerability is not affecting Jenkins Core. There is no impact because we are using Stapler as a servlet, and neither Spring MVC nor Spring...

Wadeck Follonier
Damien DUPORTAL
Mark Waite March 31, 2022