Released: August 09, 2021
Pipelines 1.17.3 requires Artifactory 7.24.1 and above.
Support for Helm Blue-Green Deployments
Introduced three new native steps to support Helm Blue/Green deployments on Pipelines. These native steps can be used to configure a Blue/Green strategy for Helm deployments on Kubernetes. This feature enables users to test releases in production before making them visible to users, while also providing a quick way to roll back changes if needed. For more information, see HelmBlueGreenDeploy, HelmBlueGreenCleanup, and HelmBlueGreenRoleSwitch.
Pipeline-level Integrations and Resources
When defining a pipeline's YAML, integrations, input resources, output resources, and affinity groups can now be specified globally in the
pipelines configuration section to apply them to all steps in the pipeline. When an affinity group is defined at the pipeline level, all steps in the pipeline are added to the same affinity group. This is especially useful for small pipelines that need to easily share local data. For more information, see Defining a Pipeline.
Signed Pipelines Enhancements
- Added signed pipelines support for Docker images pushed in a DockerPush step and signed release bundles created in the CreateReleaseBundle native step. For more information, see Signed Pipelines.
- Added support for PowerShell versions for signed pipelines in the MvnBuild and GradleBuild native steps.
Support for Adding Values Definition in the UI
When using a template, you can now add values definition for the pipeline source without pointing it to an SCM repository. When adding the pipeline source, the values can be defined directly in the UI. For more information, see Managing Pipeline Sources.
Support for SSH/HTTPS Clone for GitRepo Resource
GitRepo resource now includes a new tag that can be configured to use either SSH or HTTPS protocol when cloning a Git repository. For more information, see GitRepo.
Branch Name in Run View
When working with multi-branch pipelines, the run view now displays a breadcrumb that includes the name of the branch being used and a drop-down that lists all the branches. This enhancement enables you to easily navigate between different branches.
HTTPS Clone Support for BitBucket Server
Pipelines now provides HTTPS Clone support for BitBucket Server.
SMTP Credentials Integration Enhancement
Added a new option to the SMTP Credentials integration called
ignoreTLS that provides more flexibility when connecting with SMTP servers. For more information, see SMTP Credentials Integration.
Support for New AWS Region
Added support for the new AWS region in Osaka, prod-apne3.
- Fixed an issue whereby, Pipelines was exceeding the rate limits of cloud providers.
- Fixed an issue whereby, Jenkins steps were getting skipped due to an unmet dependency.
- Fixed an issue whereby, pipeline source sync was failing with exception when using local templates.
- Fixed an issue whereby, the node init script in RHEL 8 static nodes was failing.
- Fixed an issue whereby, steps were getting stuck when reqKick failed to call stepArtifacts API.
- Fixed an issue whereby, the Runs dropdown was intermittently redirecting to 404.
- Fixed an issue whereby, long logs were not visible in the console logs.
- Fixed an issue whereby, pipeline source sync was failing when the same repo with different capitalization was added multiple times as pipeline source.
- Fixed an issue whereby, the reqSealer microservice, on retry attempts, was uploading head.json, step.json, and info.json files with zero bytes to Artifactory, causing the files to be empty.
- Fixed an issue whereby, the SMTP emailAuthPassword property was not masked when creating SMTP Credentials Integration.
- Fixed an issue whereby, an exception was occurring in pipeline source sync when a step had a node pool specified by name and there were no dynamic node pools.
- Fixed an issue whereby, every commit was triggering pipeline source sync.
- Fixed an issue in authentication header parsing in the incoming webhooks API.
- Several fixes to improve performance and stability.
Released: August 18, 2021
Pipelines 1.17.6 requires Artifactory 7.24.3 and above.
- The security concerns that limited the use of Docker commands on Azure and GCP SaaS environments have been resolved. Docker commands can now be used in all steps.
- Fixed an issue whereby, some API calls were receiving 404s and 401s when control-plane nodes were downscaling and upscaling. Pipelines router was upgraded to 7.23.1 to resolve this issue.
- Fixed an issue whereby, deleting pipelines was resulting in too many API calls and deletion was taking too long to finish.
- Fixed an issue that prevented Pipelines from getting installed on machines that had docker-compose version 1.28.x and above installed.
- Fixed an issue in pipelineSync that was causing memory spikes in both API and pipelineSync.
- Total build minutes on SaaS free tier is now limited to 2000 per month.
Released: August 30, 2021
Pipelines 1.17.8 is Available as On-prem Version
The JFrog Pipelines 1.17.8 release is available as an On-prem version only.
- Fixed an issue whereby, Kubernetes nodepool deployments were getting stuck in a crashloop due to an error in the init container when using custom certificates.
Released: September 13, 2021
Pipelines 1.17.9 is Available as On-prem Version
The JFrog Pipelines 1.17.9 release is available as an On-prem version only.
Fixed an issue whereby, custom certs inside build container were not working on Kubernetes dynamic pool.
Released: July 03, 2021
Pipelines 1.16.0 requires Artifactory 7.21.3 and above.
Pipelines 1.16.0 is Available as a Cloud Version
The JFrog Pipelines 1.16.0 release is available as a Cloud version and will be available for on-premise shortly.
The approval gates feature enables you to insert a manual approval process for a step in a pipeline. Approvers can approve or reject steps, and receive Slack and e-mail notifications for steps that require approval. For more information, see Approval Gates.
The conditional workflow feature enables users to choose if a step executes or skips based on certain conditions set for the previous upstream step. This provides more flexibility in the execution logic of a pipeline. For more information, see Conditional Workflows.
Utility Functions for Signed Pipelines
Added new utility functions to support signed pipelines. For more information, see Pipelines Utility Functions.
Improved Logs for Signed Pipelines
Pipelines will now post logs to step consoles when steps are getting signed. This will help users to identify the cause of failures during the process of signing a pipeline.
Support for failOnValidate
createReleaseBundle native step now supports the
failOnValidate tag, which can be configured to fail a step if the signatures of build artifacts cannot be verified. For more information, see CreateReleaseBundle.
- Resolved an issue, where pipelines sync failed when custom certs were used.
- Resolved an issue, where pipelines branch sync was taking too long.
Steps skipped as a result of a
newVersionOnlysetting in input resource(s) no longer result in a skipped status for the run.
- Updated several third-party dependencies to improve security and stability.
- Individual step timeouts listed in the step YAML will now be limited by the platform and node pool configurations.
Released: July 09, 2021
Pipelines 1.16.1 requires Artifactory 7.21.3 and above.
Support for PostgreSQL 13.3
Pipelines installer now installs PostgreSQL 13.3.
- An RCE vulnerability was fixed in the hookHandler service.
- Resolved an issue, where pipelines failed because steps could not resolve an error.
- Resolved an issue, where a step's maximum timeout value was being limited by the node pool's timeout configuration.
- Resolved an issue, where, Pipelines was taking too long to install and initialize.
- Resolved an issue with RHEL 8 node initialization.
- Updated several third-party dependencies to improve security and stability.
Released: May 26, 2021
Pipelines 1.15.2 requires Artifactory 7.19.4 and above.
The signed pipelines feature is a verification system that determines which pipelines/steps generated a specific artifact. The signing process creates trust and provides a way to validate the immutability of the artifacts, which are generated during the run of a pipeline, and the authenticity of packages. For more information, see Signed Pipelines.
Enhanced GoPublishBinary Native Step
- A new tag has been introduced for the GoPublishBinary native step, which can be configured to fail the step if the signatures of build artifacts cannot be verified. For more information, see GoPublishBinary.
- The GoPublishBinary native step now passes the
--detailed-summaryflag to the JFrog CLI when uploading the binary.
Enhanced HelmDeploy Native Step
In addition to BuildInfo, the HelmDeploy native step now supports ReleaseBundle as an input resource. For more information, see HelmDeploy.
Global Template for Kubernetes Deployments
Pipelines now includes a new global template for Kubernetes deployments that encompasses a full end-to-end workflow, starting with GitRepo and ending with deployment using helm. For more information, see HelmPublishAndDeploy.
Pipelines now provides an option to enable auto-sync for outdated pipeline source, which ensures that if a step fails due to the pipeline source not being in sync, all the matching GitRepo resources using the same repo path, integration, and branch are automatically re-synced, prompting an automatic trigger of the step. For more information, see Pipeline Source Sync Recovery.
This release of Pipelines includes the following UI enhancements:
- The Extensions and Templates pages have now been merged into a single page called 'Extensions & Templates'.
- The Runs dashboard now shows an aggregated view of steps and resources for a specific run.
- Clicking a step directs users to the step details.
The Steps tab lists all the steps in a run. The list has search/filter option and sort capability for each column.
The Resources tab lists all the input and output resources of the run.
Vault mlock Enabled for all Pipelines Installations
Vault mlock is now enabled for both non-k8s and k8s Pipelines installations.
Fixed an issue, whereby out-of-memory errors in the build agent are now handled more gracefully and will show an appropriate message in the step's console logs.
Fixed an issue with the
send_notificationutility function that prevented users from sending email notifications using an SMTP integration.
- Adjusted the HTTP keep-alive interval to reduce the occurrence of HTTP 502 responses due to stale connections
Updated the v1/nodes APIs to prevent certain node operations from being initiated by users.
- All the GET APIs that return an array of results now enforce a default limit on the number of results returned.
- Updated GitRepo clones to only clone one branch when shallow depth is set.
- Pipelines on-prem only: Fixed an issue, whereby the installer would not update the Vault IP address.
- Pipelines on-prem only: Removed installer's dependency on Python 2.
Released: June 03, 2021
Pipelines 1.15.3 requires Artifactory 7.19.4 and above.
- Fixed an issue that prevented adding different branches of the same Bitbucket repository as separate single-branch pipeline sources.
- Fixed an issue, where some pipeline runs were stuck in 'waiting' for longer than expected.
- Pipelines on-prem only: Fixed an issue, where pipelinesync was failing when custom certs were in use.
Released: June 14, 2021
Pipelines 1.15.5 requires Artifactory 7.19.4 and above.
Pipelines 1.15.5 is Available as a Cloud Version
The JFrog Pipelines 1.15.5 release is available as a Cloud version and will be available for on-premise shortly.
Due to a security concern that was recently discovered in Pipelines, the following functionality has been temporarily turned off for customers on Azure and GCP:
- Docker commands (such as Docker build, push, compose, and others) in all steps, except DockerBuild and DockerPush, have been turned off.
- The DockerBuild and DockerPush native steps are not affected and will continue to work as before, but onStart, onSuccess, onFailure, and onComplete configured under the Execution section of YAMLs will not work.
This does not affect customers on AWS.
Released: March 31, 2021
Pipelines 1.14.1 requires Artifactory 7.17.4 and above.
Enhancements to HelmDeploy Native Step
HelmDeploy native step has been enhanced to support filespec and buildinfo input resources. For more information, see HelmDeploy.
Onboarding Wizard for Pipelines
The Pipelines UI now includes an onboarding wizard to help new users get started with adding an integration, a pipeline source, and a node pool.
Environment Variables Configuration Improvements
It is now possible to add a description and configure the possible list of values for environment variables. These configurations are intended to guide users when creating a custom run configuration. For more information, see Pipelines Environment Variables.
Pipeline and run views now include search and filter capabilities. This enables you to quickly search pipelines by name and filter pipelines by status. For more information, see Pipeline History.
Pipelines in Projects
Use Pipelines capabilities in the scope of JFrog Projects. JFrog Projects is a management entity for hosting your resources (repositories, builds, Release Bundles, and Pipelines), and for associating users/groups as members with specific entitlements. Offload and delegate Pipelines tasks, such as adding integrations, pipeline sources, and node pools, to Project Admins on the scope of their specific projects. For more information, see Projects.
Support for PostgreSQL 13
Pipelines installer now installs PostgreSQL 13.
Fixed an issue, where running containers were left behind after a run. The build nodes will now delete any existing docker container before starting the execution of a new affinity group and the list of existing containers will be added to the step console.
Fixed an issue, where the
isSignedproperty of a signed output ReleaseBundle resource was not set correctly in all DistributeReleaseBundle and CreateReleaseBundle steps on Windows.
Fixed an issue with the CreateReleaseBundleand DistributeReleaseBundle steps, where the step failed on Windows when the Distribution integration did not have a signing key.
Fixed an issue, where the runTrigger service crashed when a static node pool was deleted.
Fixed an issue, where static node pools were correctly configured to use insecure docker registries.
Fixed an issue, where extensions did not export environment variables for integrations used as inputs to the step.
Fixed an issue, where dependencyMode would wait for a step even if it was never triggered.
Fixed an issue with the Matrix step type, where posting test reports succeeded only on one steplet when multiNode was set to
Fixed an issue in the UI, where some calls failed with a 400 error if there were a large number of items to be fetched.
Released: April 08, 2021
Pipelines 1.14.2 requires Artifactory 7.17.4 and above.
Fixed a command injection vulnerability in the pipeline sync service.
Released: April 26, 2021
Pipelines 1.14.4 requires Artifactory 7.17.11 and above.
Support for JFrog CLI Version 1.46.1
All native steps now use JFrog CLI version 1.46.1.
Fixed a remote code execution vulnerability in the piplelineSync microservice.
Released: May 11, 2021
Pipelines 1.14.7 requires Artifactory 7.17.12 and above.
Pipelines 1.14.7 is Available as a Cloud Version
The JFrog Pipelines 1.14.7 release is available as a Cloud version and will be available for on-premise shortly.
User-configured Docker Registry and Secret
Pipelines now enables users to specify their own custom registry and secret to resolve the docker images used in the k8s build plane (reqKick and dind). For more information, see the Core Services Configurations section in Pipelines System YAML.
Released: May 26, 2021
Pipelines 1.14.8 requires Artifactory 7.17.13 and above.
Pipelines 1.14.8 is Available as on-prem Version
The JFrog Pipelines 1.14.8 release is available as on-prem version and will be available for Cloud shortly.
Resolved an issue where dynamic Ubuntu 18 nodes were failing when using Pipelines 1.14.6.
Released: March 17, 2021
Pipelines 1.13.0 is Available as a Cloud Version
The JFrog Pipelines 1.13.0 release is available as a Cloud version only.
Support for Extensions in Windows Node
Pipelines nodes now support Windows operating system. Windows can be set as a platform while adding Extension resources and steps. For more information, see Pipelines Extension Resource Model and Pipelines Extension Step Model.
This release includes the following UI enhancements:
- The My Pipelines, Pipeline Sources, Integrations, Node pools, Extensions, and Templates pages now show helpful information instead of empty tables (if there is no data to be displayed).
- On the Run dashboard:
- The Step dropdown has been updated to show the status for each step.
- The Tests tab for a run now displays an error icon if one or more tests of a step fail.
- In the Run History section and the Pipeline dashboard, the Triggered By and Context tabs have been enhanced:
- For runs that were created due to a source control event such as, commit/pr/tag/release, Triggered By shows the user who triggered the run, and Context shows the commitSha and commitmsg.
- For manual triggers, Triggered By shows the user who manually triggered the run, and Context shows the text, 'Manual Trigger'.
- Fixed an issue, where, with some dependencyMode configurations and a waiting child pipeline, a resource input may not have been updated to the latest resource version.
- Fixed an issue, where errors when downloading state files would only retry thrice but not display the error status code.
- Fixed an issue, where the cleanup group in the console logs may not be closed when the final step in a run completes.
- Fixed an issue, where the file name for an extensions readme file had to be in lowercase.
- Fixed an issue, where the templates dropdown would be empty when trying to add a Pipeline Source from a template.
- Fixed an issue, where the Pipeline Sources page is always empty in some cases.
- Fixed an issue, where node initialization incorrectly showed an error about insufficient disk space.
- Fixed an issue, where the UI would show 'Commit' as the event type on GitRepo resources even when the actual event was a PR, tag, or release.
- Fixed an issue, where the GoPublishModule step does not collect environment variables in the build info.
- Fixed an issue, where Windows Server 2019 (w19) build images would not work with Artifactory instances using SSL certs from Let's Encrypt.
Released: March 17, 2021
Pipelines 1.13.1 is Available as a Cloud Version
The JFrog Pipelines 1.13.1 release is available as a Cloud version only.
- Fixed an issue, where, because of a bad health check configuration, Pipelines was failing to initialize for SaaS customers who upgraded from certain versions of Artifactory.
Released: February 09, 2021
Pipelines 1.12.1 is Available as a Cloud Version
The JFrog Pipelines 1.12.1 release is available as a Cloud version. 1.12.2 release is now available for on-prem.
Pipeline of Pipelines View - Runs-level
Pipelines now enables you to view the end-to-end multi-pipeline map for a specific run, which shows the complete path for that run. For more information, see Viewing Pipelines.
Consolidation of Administrator Tasks
Based on customer feedback, several administration tasks, such as adding/editing Integrations, Pipeline Sources and Node Pools, have been consolidated under the Pipelines section in the Administration tab. In addition, Pipelines and Admin integrations can now be added from the same page. For more information, see Configuring Pipelines.
Timestamps on Console Logs
Timestamps are now displayed for console logs and sub-logs, node initialization logs, and sync logs. This eliminates the need for downloading logs to view timestamps.
Set Retention Policies
Pipelines now includes the ability to specify retention policies for pipeline-related artifacts, such as console logs, state, test reports, and others. Retention policy can be set at system level or pipeline level. For more information, see Setting Retention Policy.
- Fixed an issue, where the write_out utility function was failing silently in a small set of scenarios.
- Fixed an issue, where the Hide key button was not working as expected.
- Fixed an issue, where the scroll position on Nodes table was reset every few seconds.
Released: February 18, 2021
- Fixed an issue in k8 installs, where removal of a Rabbit-mq pvc could cause Pipelines to go into a crash-loop.
Released: January 21, 2021
Pipelines 1.11.0 is Available as a Cloud Version
The JFrog Pipelines 1.11.0 release is available as a Cloud version and will be available for on-premise shortly.
As of this release, build nodes no longer need to connect to RabbitMQ. As a result of this, after upgrading to Pipelines 1.11.0:
- Steps that were running before and during upgrade might time out. If this happens, run the steps again.
- Re-initialize all static nodes for the builds to run.
We recommend updating the service and build image registry during upgrade.
Pipeline of Pipelines view - Pipelines-level
Pipelines now includes a graph view for individual pipelines, which displays dependencies across pipelines and makes it easy to understand the end-to-end workflow. For more information, see Viewing Pipelines.
Auto-fetch Repository and Branch for Pipeline Sources
When adding a pipeline source, based on the information you have provided for the selected integration, the full name of the repository and the branch is automatically fetched. For more information, see Adding a Pipeline Source.
Enhanced MvnBuild native step
The MvnBuild native step has been enhanced based on customer feedback. The new step does not require the Artifactory plugin, and step configuration has been updated to add options for resolving dependencies and to work with default configuration.
Native steps updates
All native steps have been updated to display executed commands in console logs. Default configuration values have been added where possible.
Users have the ability to validate several integrations before creating or editing them. These include Artifactory, Distribution, Github, Github Enterprise, Bitbucket, Bitbucket Server, and Gitlab.
- Fixed an issue, where the Control Plane container was running with root access.
- Fixed an issue, where targetRepo was not displayed in the context menu for a BuildInfo resource.
- Fixed an issue, where the error message while adding an integration with a duplicate name was misleading.
- Improved several error messages shown while adding pipeline sources.
- Fixed an issue, where a token for a Jenkins integration could not be erased and regenerated.
Released: February 01, 2021
Custom CA for Pipelines
TLS connections can now be configured to be used within the JFrog Pipelines between different nodes and services. For more information, see Configuring TLS Certificates for Pipelines.
Released: December 23, 2020
Pipelines 1.10.0 is Available as a Cloud Version
The JFrog Pipelines 1.10.0 release is available as a Cloud version and will be available for on-premise shortly.
Pipeline of Pipelines view
Pipelines now includes a graph view, also called Pipeline of Pipelines view, which displays a combined graph view of interconnected dependent pipelines. This makes it easy to view dependencies across pipelines and understand the end-to-end workflow. The Pipeline of Pipelines view is available as a toggle on the My Pipelines page. For more information, see Viewing Pipelines.
Easier addition of Artifactory and Distribution integrations
Username and URL are automatically added when you select Artifactory or Distribution integration. In addition, these integrations provide the option to automatically fetch the existing API key or create a new one. For more information, see Artifactory Integration and Distribution Integration.
Ubuntu 20.04, CentOS 8 and RHEL 8 Platform Support
Pipelines can now be installed on Ubuntu 20.04, CentOS 8 and RHEL 8. Static node pools can be added for all the newly supported platforms, while dynamic node pools can be added for Ubuntu 20.04 and CentOS 8.
Fetch branches for multibranch pipeline sources
Users can now fetch and sync specific branches for a multibranch pipeline source. This helps users in situations where a pipeline is not automatically created for a branch because the branch creation webhook was missed for some reason. For more information, see Fetching Branches.
Clickable rows on My Pipelines page
On the My Pipelines page, clicking anywhere on the row for single branch pipeline now takes you directly to the pipeline. Clicking the parent row for a multibranch pipeline now reveals all branches associated with the pipeline. In addition, clicking one of the branches takes you to the branch view for that pipeline.
Retry mechanism added for Native steps
All native steps have been enhanced by adding retries for commands that could fail due to a network glitch or other external factors.
Changed default branch name for Github/Github Enterprise
The default branch name has been changed to
main while adding a pipeline source with a Github/Github Enterprise integration.
- Improved error handling around addition of pipeline source.
- Fixed an issue, where
excludePatternsconfiguration was not working for
- Fixed an issue, where the
pipelines --versioncommand did not work if the
installcommand was not executed earlier.
- Improved logging to show when
no_proxyenv is set.
Released: December 03, 2020
- Fixed a step skip issue that can occur when source repos have hundreds of branches.
Released: November 19, 2020
Pipelines 1.9.3 is Available as a Cloud Version
The JFrog Pipelines 1.9.3 release is available as a Cloud version and will be available for on-premise shortly.
Pipelines templates now enable users to define templates for pipeline definitions and use these templates while creating pipelines. An example template for building and pushing docker images to Artifactory is included with this version.
A Matrix step can now be configured such that each steplet runs on its own build node in the same node pool.
Support for Insecure Registries for Dynamic Nodes
At the node pool level, users can specify a comma-separated list of allowed insecure docker registries.
Support for External Vault
Pipelines installer can now be configured to use an external Vault.
Access to Resources between different types of branches
Resources between different types of branches are now accessible to each other:
- Resources in single branch pipelines are accessible in multibranch pipelines.
- Resources in multibranch pipelines are accessible in single branch pipelines.
- Resources in multibranch pipelines are accessible across branches.
Show when a Node was last initialized
The Node Pool page now includes a column to show when a node was last initialized.
Set custom values for build name and build number when used in Native steps
Earlier versions of Pipelines did not allow customization of
buildNumber for a BuildInfo resource, when used as an outputResource in Native steps like NpmPublish, DockerPush, etc. With this release, you can set the
JFROG_CLI_BUILD_NUMBER environment variables in the NpmBuild, DockerBuild, or similar build steps, which will be used to set the
buildNumber. The resource definition for BuildInfo has been updated to make
Available Parallel Builds and other enhancements
The Node Pools page has been enhanced to show the following:
- Total number of concurrent builds available (based on license).
- Total number of concurrent builds that are currently executing across all node pools.
Additionally, the following information is available at a node pool level:
- Max limit, which is the maximum number of nodes that can be provisioned in the node pool.
- Nodes provisioned, which is the number of nodes currently provisioned in the pool. Note that some of these nodes might be idle.
- Nodes in use, which is the number of nodes currently processing a step.
Signing key passphrase support for signing release bundles
An optional new field called
Signing key passphrase has been added to the Distribution integration, which allows the user to securely set the signing key passphrase for a release bundle.
Pipelines extensions improvements
Users can now view extension documentation in the UI.
Support for PostgreSQL 12.3 and RabbitMQ 3.8.3
Pipelines installer now installs PostgreSQL 12.3 and RabbitMQ 3.8.3.
New runtime images added for Go 1.14 and 1.15
We released new images that will be used as default images when a user specifies Go 1.14 or 1.15 as the language and version in their pipelines yaml configuration.
- Fixed an issue, where users were not able to add a pipeline source, when trailing slash was present in Bitbucket Server integration URL.
- Fixed an issue, where canceling a Jenkins step did not work for multibranch Jenkins pipelines.
- Fixed an issue, where the first run of a Jenkins step would trigger a multibranch Jenkins pipeline without parameters, causing the step to fail.
- Fixed an issue, where syncing a pipeline was failing if a Jenkins step's branch name contained a slash.
- Fixed an issue, where node pools list default badge was cut off for long names.
- Fixed an issue, where the user was prevented from saving changes to node pool configuration unless specific fields on the Edit node pool page were edited.
Released: September 8, 2020
Requires Artifactory 7.8.0 or newer.
New Extensions Source Format and Version Identification (Breaking Change)
The required format for Pipelines Extensions source repositories has changed to accommodate redesign of version management.
Improved control over execution logic of parent and child pipelines
Pipeline DSL can set a
dependencyMode parameter and
chronological flag so that a pipeline will not execute until its parent pipeline is in a known state of completion. These configuration options help ensure that the resources used by the pipeline are in a steady state that will not be overwritten by another pipeline or run.
Skip build on commit
A developer can now override an automatic pipeline trigger on commit by including the text
[skipRun] in a commit message.
Cancel previous runs on commit
A GitRepo resource now recognizes optional configuration of a
cancelPendingRunsOn event, to automatically cancel any queued or in-progress run that was triggered by the same GitRepo resource.
Skip Downstream When Resource not Updated
Resources may now be optionally configured through a
newVersionOnly flag to trigger only when an input resource has been updated by the prior step or pipeline.
- Fixed an issue where steps were occasionally stuck in Queued state when executing on a dynamic node pool
- Fixed an issue where custom images could not be pulled when executing on a Kubernetes node pool
- Fixed an issue where the My Pipelines page sometimes showed a list of pipelines for a previously logged in user
- Fixed an issue where secure fields in the GET /hooks route were not filtered in the response
- Fixed an issue where steps could get stuck if they were configured to run in parallel and were configured with
- Fixed several validation issues on Integrations pages
- Fixed an issue where Active Runs page did not show Context and other information for some runs
- Fixed an issue where static nodes did not go to Failed state in some cases
Released: October 12, 2020
- Fixed a security issue by ensuring the API /pipelines/:pipelineId/latestState returns a token with user-level permissions.
- Fixed an issue to ensure builds schedule without delays on Kubernetes deployments in heavy loads.
- Fixed an issue where PostgreSQL healthchecks were timing out on Azure due to delayed response.
Released: November 19, 2020
- Fixed a security vulnerability where unauthenticated path traversal could lead to sensitive data exposure.
Released: July 30, 2020
Requires Artifactory 7.7.0 or newer.
Resource Manager Permissions
Users and groups that have been granted Manage Resources permissions can create/edit/delete Pipeline Sources, Integrations, and Node Pools.
Helm 3 support
UI Performance Improvements
Customers will experience improved performance while switching between different Pipelines UI pages
Linting support added to HelmPublish step
Customers can use the lint and lintFlags tags to check for issues with the chart that will be published.
Timestamps for downloaded logs
Downloaded logs now show timestamps for easier debugging.
Updated build images
All runtime images have been updated with latest release versions of tools. The following new images were added:
- Fixed several UI validation issues while adding/editing node pools
- Fixed an issue where integration secrets were sent in clear text when an API was called with an admin token
- Fixed an issue where user-agent for BuildInfo created by Pipelines native steps was set incorrectly
- Improved resiliency with more elegant handling of message queue outages
- Fixed an issue where websockets were not working for Matrix steplets
- Fixed an issue where resource deletion did not work as expected if the resource had 100+ versions
- Fixed validation and error handling for the RemoteFile resource to prevent static properties like fileName and fileLocation from being changed after resource creation.
- Fixed an issue where multiple webhooks were being created for pipeline sources in the source control provider in some cases
- Fixed an issue where Postgres image was pulled during installation, even when customer wanted to use an external database
- Fixed an issue where build plane images for a SaaS installation were not filtered by the relevant region.
- Fixed an issue where Run with custom configuration did not work when the step had an IncomingWebhook inputResource
- Fixed an issue where values for inputs for Run with custom configuration were hidden in the UI
- Fixed an issue where helm chart was not included in the release bundle created with the CreateReleaseBundle native step, when a promoted BulldInfo and a non-promoted BuildInfo pointing to the published Helm chart are provided as inputs
- Fixed an issue where Pipelines health checks were failing for Vault versions 1.3.4+
- Fixed an issue where Copy button wasn't working on the Add Node page, preventing customers from easily copying ssh access scripts to clipboard.
- Fixed an issue where keys and values were reversed while displaying the context menu for a PropertyBag resource in Pipeline and Run visualizations
- Fixed an issue where Pipelines installation using Helm failed if jfrogUrlUI configuration had a trailing slash
- Fixed an issue where a Pipeline source could not be added if the branch names was less than or equal to 3 characters long
- Fixed an issue where stopped.failed Kubernetes nodes continued to be displayed in the Node Pools UI
Released: July 30, 2020
- Fixed an issue where upgrades can fail
- Fixed an issue where branches on a pipelines instance and bitbucket server could become out of sync
Released: August 11, 2020
- Resolves an issue with buildplane image caching when using a Kubernetes node pool
Released: June 29, 2020
Requires Artifactory 7.6.0 or newer.
My Pipelines UX Changes
- Added for all JFrog Platform users the ability to mark pipelines as personal "favorites" to filter display to only the set of pipelines of interest.
- Multibranch pipelines are now presented in an expandable/collapsible row for individual branch status.
Dynamic Node Pools with Kubernetes
Added features that enable extending the Pipelines DSL with user-defined steps and resources. This includes addition of a Pipelines | Extensions tab to add source repositories as extension sources and manage extension lifecycles.
A new Jenkins Server Integration and Jenkins native step have been added to enable initiation of and return from a Jenkins build within a pipeline. The earlier Jenkins integration and methods will still function where used, but have been deprecated.
- Fixed an issue where default docker logging was taking up too much space on the machine where Pipelines was installed
- Fixed an issue where adding or saving an integration did not redirect to Integrations list page
- Fixed an issue where triggering more than 100 runs together was causing unexpected errors
- Fixed several UI issues where optional fields were treated as required
- Added virtual scroll capability to My Pipelines and Pipeline Sources lists
Released: June 29, 2020
Fixed an issue where a force push under certain conditions caused a pipeline trigger to fail.
Released: July 6, 2020
Requires Artifactory 7.6.3 or newer.
Fixed an issue where triggering a run with custom configuration was not working
Fixed an issue where a link from node page to a run was incorrect
Fixed an issue where Extension sync was not started when Helm installation is used
Fixed an issue where Integration pages did not load for Pipelines Cloud customers
Fixed an issue where Pipelines Cloud users could not add an admin level integration for source control provider
Released: June 1, 2020
Added PropertyBag Resource
A new PropertyBag resource type enables passing of properties between steps.
Dynamic Node Pools for Windows Server on AWS
With this version, Pipelines supports dynamic node pools running Windows Server build nodes on Amazon Web Services.
Dynamic Node Pools for Windows Server on Azure
With this version, Pipelines supports dynamic node pools running Windows Server build nodes on Microsoft Azure.
The ability to reset a resource has been added to the UI of the interactive diagram, enabling a user to correct a resource that is in an invalid state. For example, when a source repository invalidates the SHA that is used by a GitRepo resource.
With this version, Pipelines now supports PostgreSQL versions 10.5 and 11.5 when used as an external database in a custom install. For standard installation, PostgreSQL v9.5 is installed.
- Fixed an issue where the Save button on Dynamic node pool configuration page was not being enabled unless users clicked inside some input boxes
- Fixed issues with incompatible JSON for Call Home feature
- Added documentation for the restart command, which helps restart Pipelines services
- Fixed an issue where installation failed with a package conflict error if the machine already had a later version of libpcap pre-installed
- Fixed an issue where status of a Powershell step shows error if a custom runtime image is not found
- Fixed an issue where upgrading to a later Pipelines version did not automatically provide access to new runtime images
- Fixed an issue where user was unable to update timeout setting for a node pool to an empty value, which would enforce the default timeout value of 3600 seconds
- Fixed an issue where Save button was enabled while configuring dynamic node pools, even when a build plane image wasn't selected
- Fixed an issue where for multibranch pipelines, when the branch name included a '/' , the link from the build status in Bitbucket back to the pipeline run that reported it is broken.
- Fixed an issue where logs weren't available for steps that hadn't run for a long time
- Fixed an issue where manual step execution with custom parameters failed with an error in some scenarios
- Fixed an issue where utility functions did not correctly handle pipeline and run variables with spaces
- Fixed an issue with installation using non-default JFROG_HOME setting
- Fixed an issue where core Pipelines services could not gracefully recover from a RabbitMQ restart in some scenarios
- Fixed several issues for pipelines using Bitbucket Server repositories as a gitRepo resource or pipeline source
Released: June 1, 2020
- Fixed an issue where Pipelines core services were unable to communicate with the message queue when there was a mismatch in SSL certificates
Released: July 10, 2020
- Fixed an issue that prevented running dynamic nodes on Azure
Released: April 14, 2020
Windows Server VM Support
With this version, Pipelines supports node pools of Windows Server build nodes, and provides Windows runtime images.
RHEL7 Platform Support
With this version, Pipelines has been validated to operate on RHEL 7.
RHEL7 Support for Static Nodes
With this version, Pipelines supports RHEL7 static node pools.
To support execution in Windows Server runtimes, a Powershell generic step has been added to the DSL for Windows Powershell scripts.
Dynamic Node Pools on GCP
With this version, Pipelines supports dynamic node pools running build nodes on Google Cloud Platform.
Dynamic Node Pools on Azure
With this version, Pipelines supports dynamic node pools running build nodes on Microsoft Azure.
Additional option to fail a build if Xray scan fails
The failOnScan flag was added to the following step definitions: XrayScan, DockerPush, GoPublishBinary, GoPublishModule, GradleBuild, MvnBuild, NpmPublish, and PublishBuildInfo. When true, the step fails when the scan fails, and when false, the step status is unaffected by scan results. Default is true.
- Improved efficiency of save_tests utility function - users can now provide blobs in addition to just directories and files, so the saved data is smaller.
- Fixed an issue with curl command used inside Native Steps, which caused failures with certificates.
- Fixed an issue with region tag being used for custom runtime images.
- Node limits are now respected for Static node pools.
- Fixed an issue with nodePool tag not being respected when specified at a pipeline level.
- Add automatic login for Azure when integration is supplied as input to a step.
- Fixed an issue with DockerPush native step not publishing the correct BuildInfo.
- GET v1/projectIntegrations no longer returns tokens and credentials in clear text.
Released: April 21, 2020
- Fixed an issue around RHEL7 node initialization
- Fix for potential health-check timeout
Released: February 23, 2020
- Jira integration now supports both v2 and v3 Jira API. The Jira Integration URL setting now requires the base URL of Jira only, not the API endpoint.
- Test reports stored by
save_testsmay now be of any size (size limitation was removed).
- Updated JFrog CLI version to 1.33.2 in all runtime images.
- Added a new REST API to return system info.
- User Interface improvements for usability and fixes.
- Fixed an issue whereby the
pullRequestCreatetrigger in a GitRepo resource was not recognized for a GitLab integration.
- Fixed an issue whereby cleanup of a deleted pipeline source failed to delete child GitRepo webhooks.
Released: March 3, 2020
- Fixed an issue with the CreateReleaseBundle Step that causes a failure in creating a new release bundle.
- Fixed an issue with the SignReleaseBundle Step that causes a failure in signing a release bundle.
Released: March 6, 2020
- Fixed a potential memory leak issue
Released: January 12, 2020
Announcing the new JFrog Platform, designed to provide developers and administrators with a seamless DevOps experience across all JFrog products, supporting the following main features:
- Universal package management with all major packaging formats, build tools, and CI servers.
- Security and Compliance that's fully integrated into the JFrog Platform, providing full trust of your pipeline from code to production.
- Radically simplified administration with all configurations in one place.
- Complete trust in your pipeline all the way from code to production.
- Seamless DevOps experience from on-prem, cloud, hybrid or multi-cloud of your choice.
Get started with the JFrog Platform and learn about new features and functionalities here.
This release introduces a new system configuration file, allowing system configurations to be handled externally to the application, before/after the installation process. Learn More >
Fine grained security
JFrog Pipelines now works with the unified permission model to allow you to define fine grained permissions on Pipeline sources. Admins can also control which integrations and node pools are available for each pipeline source. Depending on the user's permission for pipeline sources, they can view appropriate integrations and node pools.
To enable implementing Gitflow based workflows, JFrog Pipelines now supports multi-branch pipelines. Defining a multi-branch pipeline source enables JFrog Pipelines to monitor all the branches of pipeline source Git repository and trigger the respective pipeline in that branch.
Admins can provide AWS credentials to bring up nodes dynamically on AWS for use in a node pool and automatically tear them down after step execution is completed.
New installation types
JFrog Pipelines now supports Kubernetes, RPM and Debian installation types for the core services.