Skip to content
Pricing
Search
Results from:
Site
Blog
Docs
Images
Orbs
Resources
Site
Blog
Docs
Images
Orbs
Resources

Changelog

Keep up to date with our latest
releases and enhancements.

Server release 4.7.5    

Updates

Bug Fixes

  • CVE fixes
  • Fixed a bug where the pipeline page for OSS repositories could be visible without being logged into CircleCI. Please reach out to your account team for more information.
  • SSH rerun now works in air-gap and in installations with a self-signed certificate on GitHub Enterprise.

Image Updates

  • frontend (underlying container is now circle-www-api)
  • builds-service
  • orbs-service
  • workflows-conductor
  • insights-service

Server release 4.7.4    

Updates

Bug Fixes

  • Various CVE remediations
  • Fixed a bug where the job page for OSS repositories could be visible without being logged into CircleCI. Please reach out to your account team for more information.

Image Updates

  • branch-service
  • branch-service-migrator
  • execution-gateway
  • runner-admin
  • runner-admin-migrator
  • web-ui-onboarding

Server release 4.6.6    

Updates

  • Added support for additional certificates for OIDC
  • Added support for assume_role_arn to the Machine Provisioner configmap
  • Server version now included in support bundles

Bug Fixes

  • Fixed a bug causing the /workflow-run api route to give 404 errors
  • Various CVE remediations
  • Fixed a bug where the job page for OSS repositories could be visible without being logged into CircleCI. Please reach out to your account team for more information.

Image Updates

  • execution-gateway
  • machine-provisioner
  • machine-provisioner-migrator
  • web-ui-server-admin
  • picard

Server Release 4.7.3    

Updates

  • oidc-tasks-service runs migrations before it’s main container is deployed
  • Remote Docker and Machine jobs can now assume an IAM role by configuring machine_provisioner.providers.ec2.assumedRoleArn in your values.yaml

Bug Fixes

  • /workflow-run/ route has been added to kong. Links for approval jobs will now be correctly routed on GHE
  • The OIDC plugin now supports custom certificates
  • A docker-provisioner custom config can not be provided in your helm upgrade command via --set-file
  • upgraded nextjs to resolve related CVEs

Server Release 4.5.8    

Updates

  • Patched critical CVEs in web-ui-insights and webhook-service.

Bug fixes

  • Fixed a vulnerability that allowed unauthenticated access to artifacts associated with public repositories.
  • Resolved a bug that prevented a job from being rerun using SSH.

Server Release 4.7.2    

Updates

  • Patched critical CVEs in web-ui-insights and webhook-service.

Bug fixes

  • Fixed a vulnerability that allowed unauthenticated access to artifacts associated with public repositories.

Server Release 4.4.11    

Updates

  • Updated the library dependencies for runner-admin
  • CVE patches for web-ui-insights and webhook-service

Bug fixes

  • Fixed a vulnerability where artifacts relating to public repositories could be accessed without authentication
  • Fixed a bug where workflows in a terminal state with blocked jobs were incorrectly cancelled when a new workflow was triggered with redundant pipeline cancellation enabled.

Server Release 4.6.5    

Updates

  • Patched critical CVEs in webhook-service.

Bug fixes

  • Fixed a vulnerability that allowed unauthenticated access to artifacts associated with public repositories. Server Release 4.5.8

Server Release 4.3.14    

Bug fixes

  • Fixed a vulnerability that allowed unauthenticated access to artifacts associated with public repositories.

Server Release 4.4.10    

Bug fixes

  • Resolved a bug where machine_provisioner.providers.gcp.network_tags were incorrectly assigned as labels on VM instances instead of as tags.

Server Release 4.6.4    

Updates

  • The provider manager’s connection pool size is now configurable under domain_service.providersMangerMaxPoolSize. The default is set to 10.

Bug Fixes

  • Fixed a bug where OIDC tokens failed to be injected into a job, causing the environment variables $CIRCLE_OIDC_TOKEN and $CIRCLE_OIDC_TOKEN_V2 being missing.
  • Resolved a bug where machine_provisioner.providers.gcp.network_tags were incorrectly assigned as labels on VM instances instead of as tags.
  • Fixed a bug that prevented remote Docker from working in air-gapped environments. An external reaper container repository has been exposed for this and can be configured via docker_provisioner.reaperContainerRepository.
  • Fixed an issue with IRSA roles on AWS GovCloud, which uses the S3 partition aws-us-gov instead of the default aws. This is now exposed in the values file under s3.partition.

New Known Issues

  • Setting a custom reaper container repository (via docker_provisioner.reaperContainerRepository) is currently incompatible with Windows VMs and prevents Windows jobs from running.

Server Release 4.5.7    

Updates

  • The provider manager’s connection pool size is now configurable under domain_service.providersMangerMaxPoolSize. The default is set to 10.

Bug fixes

  • Resolved a bug where machine_provisioner.providers.gcp.network_tags were incorrectly assigned as labels on VM instances instead of as tags.
  • Fixed a bug that prevented remote Docker from working in air-gapped environments. An external reaper container repository has been exposed for this and can be configured via docker_provisioner.reaperContainerRepository.
  • Fixed an issue with IRSA roles on AWS GovCloud, which uses the S3 partition aws-us-gov instead of the default aws. This is now exposed in the values file under s3.partition.

New known issues

  • Setting a custom reaper container repository (via docker_provisioner.reaperContainerRepository) is currently incompatible with Windows VMs and prevents Windows jobs from running.

Server Release 4.7.1    

Updates

  • The provider manager’s connection pool size is now configurable under domain_service.providersMangerMaxPoolSize. The default is set to 10.

Bug fixes

  • Network tags in GCP now function as expected.
  • Fixed a bug that prevented remote Docker from working in air-gapped environments. An external reaper container repository has been exposed for this and can be configured via docker_provisioner.reaperContainerRepository.
  • Improved handling of AWS errors by machine-provisioner

Server Release 4.3.13    

Bug Fixes

  • Network tags in GCP now function as expected.

Server Release 4.4.9    

Updates

  • The provider manager’s connection pool size is now configurable under domain_service.providersMangerMaxPoolSize. The default is set to 10.

Bug Fixes

  • Fixed a bug that prevented remote Docker from working in air-gapped environments. An external reaper container repository has been exposed for this and can be configured via docker_provisioner.reaperContainerRepository.
  • Fixed an issue with IRSA roles on AWS Gov Cloud, which uses the S3 partition aws-us-gov instead of the default aws. This is now exposed in the values file under s3.partition.

New Known Issues

  • Setting a custom reaper container repository (via docker_provisioner.reaperContainerRepository) is currently incompatible with Windows VMs and prevents Windows jobs from running.

Server Release 4.3.12    

Updates:

  • Ability to specify the AWS partition with .object_storage.s3.partition.
  • Ability to specify the reaper image (pause:3.6) with .docker_provisioner.reaperContainerRepository.

Server Release 4.3.11    

Updates:

  • Improved handling of AWS errors by machine-provisioner

Server releases moving to twice yearly    

CircleCI will be moving to twice-yearly major and minor version releases of Server. Releases will be targeted for Spring (April) and Fall (October). Patch releases for bugs and security updates will be made monthly as needed.

Server Release 4.4.8    

Updates:

  • frontend pod will now redeploy when the circleci license has been changed
  • the timeout for windows and linux machine instances can now be configured using machine_provisioner.terminatePendingWindowsAfter and machine_provisioner.terminatePendingLinuxAfter respectively in your values.yaml
  • fixed table ownership issue which prevented insights data from loading

Server Release 4.6.3    

Updates:

  • frontend pod will now redeploy when the circleci license has been changed
  • the timeout for windows and linux machine instances can now be configured using machine_provisioner.terminatePendingWindowsAfter and machine_provisioner.terminatePendingLinuxAfter respectively in your values.yaml
  • nomad server pod replica count will now default to 5

Image Updates:

  • builds-service
  • ciam-gateway
  • authentication-svc
  • orb-service
  • workflows-conductor
  • machine-provisioner
  • api-service
  • domain-service
  • permissions-service

Server Release 4.5.6    

Updates:

  • Frontend pod will redeploy when license updates are made
  • The timeout for windows and linux machine instances can now be configured using machine_provisioner.terminatePendingWindowsAfter and machine_provisioner.terminatePendingLinuxAfter respectively in your values.yaml

Server release 4.4.7    

Changes

  • Increased the default number of nomad servers from 3 to 5 to improve stability
  • Increased memory request and JVM heap size for frontend to 3GB
  • Added support for HSTS

Bug Fixes

  • Fixed issue where remote docker jobs are unable to checkout when assaignPublicIP is false
  • Fixed templating error in Machine Provisioner which resulted in agent_base_url not being set
  • Fixed issue in templating where some services where not referencing the correct registry credential secrets for image pulls
  • Fixed for failing job cancel button

Image Updates

  • runner-admin
  • contexts-service
  • server-postgres

Server release 4.5.5    

Changes

  • Increased the default number of nomad servers from 3 to 5 to improve stability

Bug Fixes

  • Fixed issue where remote docker jobs are unable to checkout when assaignPublicIP is false
  • Fixed templating error in Machine Provisioner which resulted in agent_base_url not being set
  • Fixed issue in templating where some services where not referencing the correct registry credential secrets for image pulls

Image Updates

  • workflows-conductor
  • machine-provisioner
  • contexts-service
  • ciam-gateway
  • auth-service

Server Release 4.3.8    

Fixes

  • Fixes an issue in 4.3.7 that prevented imagePullSecrets from compiling without secrets set.

Server Release 4.5.2    

What’s changed?

  • Authenticated users are now redirected from /server-login to the app subdomain’s dashboard.
  • Users who require admin approval before logging in will now see an error message on the login screen.
  • Improved error handling when retrieving pipeline values from GCS
  • Default resource class can now be set via Repl.
  • Project-based context restrictions now populate the project list.
  • ~Improved k8s runner start up times. Task agent will now be initialized via init image rather than waiting to copy over the agent after the task pod has started.~

Update: Aug 12, 2024. We discovered that the init container changes were not included in this release and have updated the change log.

Server Release 4.2.7    

Enhancements

  • Updated AMIs. These images are now based on ubuntu 22.04. Older images are no longer available at this time.

Bug Fixes

  • Fix to address a change in the Github API validation for the content-type field which is breaking webhook setup for projects

Server 4.1.10    

Change Log

  • Suspended users will receive a more descriptive error upon failure to log in.
  • Bug fixes for SMPT email value.

Server 4.2.6    

Change Log

  • Suspended users will receive a more descriptive error upon failure to log in.
  • Bug fixes for SMPT email value.

Server Release 4.1.9 and 4.2.5    

Bug Fixes

  • fix for hardcoded smtp email in some services
  • CVE fixes for web-ui deployment
  • fix for duplicate volume in domain-service deployment

Server 4.4.3    

Change Log

  • updated task agent version
  • bug fixes for oidc-service

Server 4.4.2    

CHANGES:

Server 4.3.4    

CHANGES:

Server Release 4.4.1    

Fixes

  • Fix Windows machine executors on EC2
  • Allow disabling statsd collection for build agent to decrease startup time
  • Configure remote Docker engine with proxy settings if present

Server Release 4.1.8    

Fixes

Fix incorrect build-agent version

Server Release 4.3.3    

Fixes

  • Fix Windows machine executors on EC2
  • Allow disabling statsd collection for build agent to decrease startup time
  • Fix bug in the postgres image which threw an error when Postgres triggered JIT compilation for a query

Server Release 4.2.4    

Fixes

  • Security updates
  • Removed the unused distributor_dispatcher.disable_concurrency value

Server Release 4.0.6    

Fixes

  • Updated Go version to 1.21.5 in init-known-hosts to address CVEs
  • Concurrency is disabled by default in distributor-dispatcher. Previously, disabling/enabling concurrency limits was a configurable option.
  • Bump Go version to 1.20.12 in distributor to address CVEs

Server Release 4.3.2    

Changes

  • The default 2500 job concurrency limit per organization is now configurable with the Helm value execution_gateway.plan_concurrency.
  • The timeout for downloading machine provisioner agents is now configurable with the Helm values machine_provisioner.machine_agent_download_timeout_seconds and machine_provisioner.agent_download_timeout_seconds.

Fixes

  • Bump Go version to 1.21.5 in Go-based services to address CVEs.

Server Release 4.1.7    

Fixes

  • Bump Go version to 1.20 in distributor and build-agent to address CVEs
  • Concurrency is disabled by default in distributor-dispatcher. Previously, disabling/enabling concurrency limits was a configurable option.
  • Updated Go version to 1.21.5 in init-known-hosts to address CVEs

Server Release 4.2.3    

Fixes

  • Updates to GitHub’s SSH key fingerprints

Server Release 4.3.1    

Before Upgrading

See the CircleCI server 4.3 release notes and upgrade guide for this release.

Release 4.2.1 & 4.1.5    

Before Upgrading

See the CircleCI server 4.2 release notes for upgrade notes for this release.

Release 4.1.3    

Before Upgrading

See the CircleCI server 4.1 release notes for upgrade notes for this release.

Release 3.4.7    

Before Upgrading

See the What’s new in server 3.x doc for upgrade notes for this release.

Release 4.1.2    

Before Upgrading

See the CircleCI server 4.1 release notes for upgrade notes for this release.

Release 4.0.4    

Before upgrading

See the CircleCI server 4.0 release notes for upgrade notes for this release.

Release 2.19.14    

What’s New in Release 2.19.14

Notes

In March 2022 updates to CircleCI server v2.x will stop. Support for customers using CircleCI server v2.x will continue.

Release 3.3.1    

Before Upgrading

See the What’s new in server 3.x doc for upgrade notes for this release.

Release 3.2.2    

Before Upgrading

See the What’s new in server 3.x doc for upgrade notes for this release.

Release 2.19.07    

What’s New in Release 2.19.07

Fixes

  • Fixed a bug that was preventing authentication to China region ECR images in the docker executor.
  • Removed the recursive chown from startup of the fileserverd service. In instances of heavy usage this was causing the startup process to take a long time, or in some cases, startup was blocked.

Known Issues

  • If any changes have been made to your networking configuration from the default, you should run the following steps to ensure you can use SSH to inspect your builds (for further information on SSH reruns see the SSH Rerun Guide):
    • For customers using AWS, make sure that you have the latest Launch Configuration configured for Nomad clients, and that exiting Nomad clients were spun up using the Launch Configuration.
    • On each Nomad Client machine, create /etc/circleci/public-ipv4
    • This file should contain the public (if applicable) or private IP of the nomad client