Please make sure that you are using the latest
provision-builder.sh and init-builder-0.2.sh before you upgrade to this release:
https://s3.amazonaws.com/circleci-enterprise/provision-builder.sh
https://s3.amazonaws.com/circleci-enterprise/init-builder-0.2.sh
As part of this release we’re changing the behavior of artifacts to only serve an allowed set of content-types. This means we won’t serve .html files as text/html. This is a security risk on CircleCI Enterprise since artifacts are served on the same domain as the rest of the site – as a result, any user or malicious code used as part of your build can push a specially-crafted artifact and gain control of another user’s account.
If this is an issue, you can override this behavior by setting “Serve artifacts with unsafe content-types” in the admin console. We don’t recommend this, but we’re providing it for backwards compatibility.
This release also includes some changes to container networking. Containers now each use a /24 in the subnet 172.16.1.0/16 by default.
If this conflicts with your private network, or if you were editing lxc-net
manually in order to fix a prior conflict, you can now use
CIRCLE_CONTAINERS_SUBNET and CIRCLE_CONTAINERS_SUBNET_NETMASK_LENGTH
on the builders to configure those.