Continuous Delivery for PE release notes

These are the new features, enhancements, resolved issues, and deprecations for the Continuous Delivery for Puppet Enterprise (PE) 3.x release series.

To upgrade to the Continuous Delivery for PE 4.x series from a version in the 3.x series, go to Migrating 3.x data to 4.x.

Version 3.13.8

Released 1 September 2021

Resolved in this release:
  • We've improved the database migration process from versions in the 3.x series to versions in the 4.x series.

Version 3.13.7

Released 26 April 2021

Resolved in this release:
  • Impact analysis tasks on modules now manage prefixed environments correctly.

Version 3.13.6

Released 18 March 2021

New in this release:
  • Configure the Bolt PCP read timeout period. To prevent job run timeouts caused by file sync delays, you can now adjust the Bolt Puppet Communication Protocol (PCP) timeout period by setting the CD4PE_BOLT_PCP_READ_TIMEOUT_SEC environment variable. For more information, see Adjusting the timeout period for jobs.
Resolved in this release:
  • Impact analysis tasks are now case-insensitive when processing resource names.

Version 3.13.5

Released 17 February 2021

Resolved in this release:
  • Jobs now run successfully on pull requests opened from forked copies of source control repositories.

Version 3.13.4

Released 5 November 2020

Resolved in this release:
  • Logging for the 3.x to 4.x data migration task is now improved.

Version 3.13.3

Released 27 October 2020

Resolved in this release:
  • Code Manager deployments triggered by Continuous Delivery for PE are now automatically retried if certain transient failures occur.
Security notice:
  • CVE-2020-25649. A jackson-databind vulnerability has been resolved.
  • CVE-2020-15250. A JUnit4 vulnerability has been resolved.
  • CVE-2020-13956. An Apache HTTPClient vulnerability has been resolved.
  • Sonatype-2020-0926. A security scanner may have detected a vulnerability in Continuous Delivery for PE version 3.13.x. However, Continuous Delivery for PE does not exercise the vulnerable code path and is not vulnerable.

Version 3.13.2

Released 27 August 2020

Resolved in this release:
  • The 3.x to 4.x migration task now consumes less memory, reducing the possibility of out of memory errors.

Version 3.13.1

Released 25 August 2020

Resolved in this release:
  • When 3.x data is migrated to 4.x, the database no longer creates duplicate users in the 4.x installation.

Version 3.13.0

Released 25 August 2020

New in this release:
  • Status notification prefixes. You now have the option to add a custom prefix to the pipeline stage result notifications Continuous Delivery for PE sends to your source control provider. For more information, see Status notification prefixes for source control.
  • Custom deployment policy improvements. You can now use custom deployment policies when deploying code from your control repo or module repo regex branch pipelines. Additionally, custom deployment policies now support the use of sensitive parameters.
    CAUTION: Custom deployment policies are a beta feature. As such, they may not be fully documented or work as expected; please explore them at your own risk.
  • Data migration to 4.x. Continuous Delivery for PE 4.x is now available. To upgrade to the Continuous Delivery for PE 4.x series from a version in the 3.x series, see Migrating 3.x data to 4.x.
  • Usability improvements. Version 3.13.0 introduces several improvements to the design and usability of the web UI, including:
    • More specific error messaging when adding Puppet Enterprise credentials.
    • Clearer controls when setting up a default pipeline.
Resolved in this release:
  • Clicking Message Center directs you to the messages associated with your username, not the messages associated with your active workspace.
  • Deployments using the direct deployment policy now fail with an error if the max_node_failure value assigned to the deployment is less than zero.
  • Impact analysis tasks run successfully when trace-level logging is enabled.
  • Pagination controls on the nodes view of impact analysis reports work as expected.
  • Clicking the text of an Auto promote control in a pipeline only impacts the associated pipeline stage.
  • The functionality of the User settings control for the root user is restored.
  • When editing a deployment in the web UI after updating a custom deployment policy, the names of custom deployment policies are no longer shown twice.

Version 3.12.4

Released 18 August 2020

New in this release:
  • Export Nodes page information. You can now generate and export a CSV file of the information in your node table.
  • Support for Bitbucket Server source branch update webhook. Continuous Delivery for PE now supports the new webhook for source branch updates in a pull request introduced in Bitbucket Server version 7.0.
    Note: You must manually configure your Bitbucket Server webhooks to recognize source branch updates in order to use this feature with Continuous Delivery for PE. See the Bitbucket Server documentation for more information.
Resolved in this release:
  • The Nodes page now displays data for all responsive PE servers if one server is unresponsive.

Version 3.12.3

Released 5 August 2020

Resolved in this release:
  • The Nodes page now works as expected if SSL is enabled on your Continuous Delivery for PE installation. You must connect using HTTPS.
    Note: Firefox users who have enabled SSL and are using a self-signed certificate must add the certificate to the Firefox trust store.
  • The Nodes page now displays all other available data if any node returns null fact data.
  • The column selector on the Nodes page no longer remains open when you move to a new page of results.
  • An issue with cookies has been resolved, and the Nodes page now loads correctly when using Safari or Firefox.
  • When using PE 2019.7 or 2019.8, clicking View Report on the Nodes page now correctly directs you to the appropriate report in the PE console.

Version 3.12.2

Released 20 July 2020

Resolved in this release:
  • The latest version of the puppetlabs-cd4pe_jobs module is no longer required, and jobs in installations where the module has not been upgraded now work as expected.

Version 3.12.1

Released 20 July 2020

Resolved in this release:
  • When a super user is deleted from Continuous Delivery for PE, the workspaces the user was a member of now remain intact.
Security notice:
  • CVE-2020-14039. A security scanner may have detected a Go vulnerability in Continuous Delivery for PE version 3.11.x and 3.12.x. However, Continuous Delivery for PE does not exercise the vulnerable code path and so is not vulnerable.

Version 3.12.0

Released 15 July 2020

New in this release:
  • Maximum concurrent catalog compiles setting. Each impact analysis-enabled PE instance integrated with Continuous Delivery for PE now has a setting for the maximum number of node catalog compilations each workspace is allowed to perform concurrently – 10 by default. This setting helps to balance the catalog compilation load placed on a PE instance by Continuous Delivery for PE impact analysis report generation. Adjust this setting by editing your PE credentials in the Settings area.
  • Customizable job timeout intervals. You can now adjust the length of time allowed for a job to complete, connect to an endpoint, or access a cached Git repository before timing out. For more information, see Adjusting the timeout period for jobs.
  • Repository caching improvements. By default, Continuous Delivery for PE now omits the .git directory when passing a cached Git repository to job hardware. For more on enabling and customizing Git repository caching, which remains disabled by default, see Improving job performance by caching Git repositories.
  • Usability improvements. Version 3.12.0 introduces several improvements to the design and usability of the web UI, including:
    • If a node catalog compilation fails, the associated impact analysis task's status is shown as FAILED instead of DONE.
    • Many icons have been updated to offer a cleaner, more streamlined look and feel.
Resolved in this release:
  • Custom deployment policies with redundant approval steps – such as those that include a custom approval step and also utilize a built-in deployment policy with its own approval step – now only request approval once.
  • Continuous Delivery for PE now only sends a new status update to your source control provider when the pipeline's status has changed.
Security notice:
  • CVE-2020-13692. A security scanner may have detected a PostgreSQL JBDC driver vulnerability with a 9.8 CVSS score in Continuous Delivery for PE version 3.11.1 and earlier. However, Continuous Delivery for PE does not exercise the vulnerable code path and so is not vulnerable. Continuous Delivery for PE version 3.12.0 includes PostgreSQL version 42.2.13, which resolves the vulnerability.

Version 3.11.1

Released 25 June 2020

Resolved in this release:
  • Bitbucket Server users are now able to see all of their organizations, repositories, and branches when adding a control repo or module repo.

Version 3.11.0

Released 24 June 2020

New in this release:
  • Nodes page. The new Nodes page shows information about the nodes from all PE instances integrated with a workspace. You can create a custom table with columns displaying the fact values you're most interested in. To get started using the Nodes page, see Reviewing node inventory.
    Important: To use the Nodes page, you must upgrade the puppetlabs-cd4pe module to version 2.0.1.
  • Control repository webhooks update automatically. If you update the backend service endpoint for your Continuous Delivery for PE installation, the webhooks connecting the software to your source control provider are automatically updated.
  • Pipeline unique identifier for custom deployment policies. A new environment variable, CD4PE_PIPELINE_ID, is available for inclusion in your custom deployment policies. For more information, see the see the module documentation for puppetlabs-cd4pe_deployments.
    CAUTION: Custom deployment policies are a beta feature. As such, they may not be fully documented or work as expected; please explore them at your own risk.
Resolved in this release:
  • The temporary branches Continuous Delivery for PE creates during deployments now use only lowercase letters.
  • Listing LDAP groups now succeeds when pagination is disabled on your LDAP server.
  • Impact analysis task information is now shown correctly when you click Edit impact analysis in a pipeline.

Version 3.10.1

Released 16 June 2020

Resolved in this release:
  • Git repository caching, which remains disabled by default, is now utilized for deployments.

Version 3.10.0

Released 10 June 2020

New in this release:
  • Clone GitLab repositories using HTTP(S). GitLab users can now select whether to clone repositories using SSH (default) or HTTP(S). The cloning protocol is set per workspace on the Source control page in Settings.
  • Improved search for LDAP groups. This release eliminates a previous limit on the number of LDAP groups recognized by Continuous Delivery for PE, and improves LDAP group search functionality.
  • Usability improvements. Version 3.10.0 introduces several improvements to the design and usability of the web UI, including:
    • Improved error messaging when an impact analysis task fails to locate Code Manager parameters.
Resolved in this release:
  • Duplicate deployment task events are no longer shown on a deployment's details page.
  • For users who have enabled Git repository caching, when a symlink is present in a Git repository, Continuous Delivery for PE now copies the symlink instead of its target.
  • Jobs that produce a large amount of output no longer deadlock.

Version 3.9.3

Released 5 June 2020

Resolved in this release:
  • In order to minimize the unintended effects on smaller repositories, Git repository caching is now disabled by default.

Version 3.9.2

Released 4 June 2020

Resolved in this release:
  • The puppetdb_connection_timeout_sec class parameter now correctly implements the timeout period you set.
  • In some cases, the cached Git repositories that power the job performance improvements introduced in version 3.9.1 can become corrupted. These special cases are now identified and correctly handled by Continuous Delivery for PE when they occur.

Version 3.9.1

Released 2 June 2020

Resolved in this release:
  • Users with large Git repositories who are running a Puppet agent on their job hardware no longer experience job timeouts.

Version 3.9.0

Released 28 May 2020

New in this release:
  • Configure PuppetDB timeout for impact analysis tasks. You can now use the new puppetdb_connection_timeout_sec key in your .cd4pe.yaml files to set a PuppetDB timeout period for impact analysis tasks.
  • Usability improvements. Version 3.9.0 introduces several improvements to the design and usability of the web UI, including:
    • A more helpful error message if an invalid URL is entered as an Artifactory endpoint.
    • Updated icons and improved readability on the Control Repos and Modules pages.
Resolved in this release:
  • Impact analysis reports now correctly reflect Hiera data changes in modules.
  • Installations that include job hardware running a Puppet agent are now able to promote to the next stage of a module pipeline following a stage that ends with a job.
  • Azure DevOps webhook URLs are now parsed correctly when using the deprecated visualstudio.com URL.

Version 3.8.0

Released 13 May 2020

New in this release:
  • Deployment approval functions for custom deployment policies. Two new functions, approve_deployment and decline_deployment are available for inclusion in your custom deployment policies. For more information, see the see the module documentation for puppetlabs-cd4pe_deployments.
    CAUTION: Custom deployment policies are a beta feature. As such, they may not be fully documented or work as expected; please explore them at your own risk.
  • Optional mail attribute setting for LDAP configurations. When configuring your LDAP integration, you now have the option to select the LDAP user attribute that will identify each member's email address in Continuous Delivery for PE. If unset, this field defaults to mail.
  • Environment variables for jobs. When composing a non-Docker-based job, you can now use the $REPO_DIR environment variable to reference the directory that houses the relevant control repo or module repo. Additionally, Continuous Delivery for PE now automatically locates and sets the $HOME environment variable before running a job.
  • Usability improvements. Version 3.8.0 introduces several improvements to the design and usability of the web UI, including:
    • You can now search branch names when selecting the location of a .cd4pe.yaml file.
Resolved in this release:
  • Entering the bind DN password is no longer required when disabling an LDAP configuration stored in Continuous Delivery for PE.
  • The status of impact analysis tasks is now displayed correctly on the impact analysis report's overview page.
  • The latest job and deployment activity for each repo is now displayed properly on the Control Repos and Modules pages.
  • The name of the pipeline used in a deployment is now shown correctly in deployment approval request emails and message center messages.
  • You can now successfully complete a manual promotion from any stage in a pipeline which ends with a job.
  • Users who built module pipelines using an earlier version of Continuous Delivery for PE and then upgraded to the 3.x series now receive the correct URL to the module deployment approval decision page in deployment approval emails.

Version 3.7.1

Released 5 May 2020

Resolved in this release:
  • An error and failure of one deployment no longer occurs whenever two deployments are running in the same workspace at the same time.
  • Deployments no longer unexpectedly restart when certain conditions are met.

Version 3.7.0

Released 28 April 2020

New in this release:
  • Transfer workspace ownership between users. Super users and the root user can now reassign ownership of a workspace to a different Continuous Delivery for PE user. For instructions, see Transfer ownership of a workspace.
  • Set user group permissions on a subset of modules. You can now create user groups that have permissions on only a subset of the modules in your workspace.
  • New direct deployment policy parameter: fail_if_no_nodes. Deployments using the direct deployment policy can now tell Continuous Delivery for PE to stop the deployment and report a failure if the selected environment node group doesn't contain any nodes.
  • Usability improvements. Version 3.7.0 introduces several improvements to the design and usability of the web UI, including:
    • The email address field used for creating login credentials is now case insensitive.
    • The commit at the HEAD of a feature branch is now automatically selected when creating a new on-demand deployment for a regex branch pipeline.
Resolved in this release:
  • Resources with a single parameter change are displayed correctly in impact analysis reports.
  • Optional deployment plan parameters are no longer sent as empty strings to Bolt.
  • Commit authors are shown when listing commits for Bitbucket Cloud repos during the creation of a new on-demand deployment or impact analysis report.
  • Bitbucket Server URLs are rendered correctly in deployment approval emails.
  • When logged in as a super user, clicking the Workspaces settings tab in the root console no longer changes the navigation panel options to those of a non-root workspace.

Version 3.6.1

Released 16 April 2020

Resolved in this release:
  • Deployments using the temporary branch deployment policy now correctly perform a code deploy following a successful orchestrated deployment.

Version 3.6.0

Released 14 April 2020

New in this release:
  • Generate module impact analysis reports on demand. You can now generate an impact analysis report for any module change by clicking Manual actions > New Impact Analysis on a module's details page.
  • Usability improvements. Version 3.6.0 introduces several improvements to the design and usability of the web UI, including:
    • A redesigned Users page with new controls for adding users to your workspace or removing users from your workspace.
    • A redesigned Groups page with an updated workflow for adding and removing group members and user permissions.
Resolved in this release:
  • Impact analysis reports no longer fail to generate if an impacted resource contains null Unicode characters.

Version 3.5.0

Released 2 April 2020

New in this release:
  • Usability improvements. Version 3.5.0 introduces several improvements to the design and usability of the web UI, including:
    • The SMTP Password field now has controls to show or hide the password.
Resolved in this release:
  • Changes to module resources are now correctly reflected in module impact analysis reports.
  • Module deployments using the feature branch deployment policy now correctly create and name branches for GitHub and GitHub Enterprise users.
  • The Continuous Delivery for PE server logs no longer include unnecessary Unsupported PEM format errors.

Version 3.4.1

Released 23 March 2020

Resolved in this release:
  • Webhook-triggered jobs no longer fail for GitLab users.

Version 3.4.0

Released 18 March 2020

New in this release:
  • Use any node with a Puppet agent installed as job hardware. You can now run your Continuous Delivery for PE jobs on any node with a Puppet agent installed. For instructions on configuring new job hardware, see Configure job hardware running a Puppet agent. For instructions on migrating your existing job hardware servers, see Migrate job hardware.
    Note: To successfully configure a Puppet agent node, you must install the puppetlabs-cd4pe_jobs module and ensure the Continuous Delivery user role in PE can run the cd4pe_jobs::run_cd4pe_job task. See the documentation linked above for instructions.
  • Cancel an in-progress impact analysis task. You can now cancel any scheduled or in-progress impact analysis task from the impact analysis details page.
  • Usability improvements. Version 3.4.0 introduces several improvements to the design and usability of the web UI, including:
    • Clearer messaging in impact analysis reports and the removal of unhelpful "diff is too large" messages.
    • Deployments are no longer labeled FAILED when a deployment approval request is declined.
    • The Control Repos page now show 10 control repos per page, and the Modules page now shows 10 modules per page.
    • For deployments that require approval, the Approve and Decline buttons now vanish after an approval decision is provided.
    • Deployments that are awaiting approval now show a PENDING APPROVAL label instead of a RUNNING label in the Events timeline.
    • You can now enter either an IP address or hostname in the Puppet Enterprise Console Address field when adding new PE credentials.
  • Logging improvements. Version 3.4.0 introduces several improvements to the Continuous Delivery for PE logs, including:
    • LDAP queries and replies are now included in the logs.
Resolved in this release:
  • The GitHub access_token query parameter, which has been deprecated by GitHub, is no longer used by Continuous Delivery for PE in requests to the GitHub API.
  • If the value of a port parameter in the puppet_enterprise class in the PE Infrastructure node group is set as a string, automatic integration of PE no longer fails.
  • All events in a stage of a pipeline run no longer show the same timestamp.
  • Version 3.4.0 resolves CVE-2020-7944. When you add a new resource or class with sensitive parameters, impact analysis reports redact the plain text values of the sensitive parameters.
Deprecated in this release:
  • Support for the Continuous Delivery agent on job hardware. As part of our effort to simplify the Continuous Delivery for PE setup process and prioritize the tools PE users already have in place, support for the Continuous Delivery agent is deprecated in version 3.4.0, and will be removed in a future release. For more information, see Migrate job hardware.
Removed in this release:
  • Support for Puppet Enterprise version 2019.1. PE 2019.1 has reached the end of its support lifecycle.
  • Hardware Agents. As part of the deprecation of the Continuous Delivery agent, we've removed the Hardware Agents page from Settings.

Version 3.3.0

Released 19 February 2020

New in this release:
  • Include Bolt tasks in custom deployment policies. You can now include Bolt tasks in the custom deployment policies you run in your Continuous Delivery for PE pipelines. If necessary, you can disable tasks by setting enable_pe_plans: false in the config section of the .cd4pe.yaml file for the impacted control repo or module. For more on tasks, see Tasks and plans in PE.
    CAUTION: Custom deployment policies are a beta feature. As such, they may not be fully documented or work as expected; please explore them at your own risk.
  • Logging improvements. Version 3.3.0 introduces several improvements to the Continuous Delivery for PE logs, including:
    • Information about control repo activities is now included in the logs.
    • Impact analysis information about file changes, module changes, and changed Hierakeys is now included in the logs.
    • To reduce unnecessary noise in the logs, log messages regarding dependency checking during pipeline runs are no longer included unless the logging level is increased to TRACE.
    For more about the Continuous Delivery for PE logs, see Troubleshooting.
Resolved in this release:
  • Impact analysis reports that include Hiera data changes no longer include information on nodes impacted by the Hiera data change that are outside the selected environment.
  • Module deployments using the feature branch policy no longer trigger the control repo pipeline associated with the feature branch policy.
  • If a custom Docker image in the format <IMAGE>:<VERSION> is included in a job, webhooks for that job now fire correctly.

Version 3.2.1

Released 5 February 2020

Resolved in this release:
  • CVE-2020-7238. This Netty vulnerability has been resolved.

Version 3.2.0

Released 4 February 2020

New in this release:
  • Feature branch deployment policy support for modules managed as code. Deployments using the feature branch deployment policy can now be included in a module regex branch pipeline that is managed with a .cd4pe.yaml file.
  • Store custom deployment policies in /site. Continuous Delivery for PE now looks for custom deployment policies in the /site directory of your control repo as well as in the /module and /site-module directories.
  • Usability improvements. Version 3.2.0 introduces several improvements to the design and usability of the web UI, including:
    • When LDAP is enabled, the login screen asks for an LDAP username instead of an email address. This LDAP username maps to the User attribute setting from your LDAP configuration.
    • The YAML code validation tool shows an error message if your pipeline's YAML code includes an invalid regular expression.

Resolved in this release:

  • The deployment_policy_branch parameter is now correctly applied when it is included in a .cd4pe.yaml file.
  • Approval request emails are now delivered to members of the approval group.
  • An appropriate message is shown in the web UI when a deployment approval request is declined.

Version 3.1.1

Released 28 January 2020

Resolved in this release:
  • CVE-2019-16869. This Netty vulnerability has been resolved.

Version 3.1.0

Released 22 January 2020

New in this release:
  • Delete users. Super users and the root user can now permanently delete user accounts from your Continuous Delivery for PE installation. Perform this action with caution: deleting a user also deletes all artifacts created by that user in Continuous Delivery for PE, including workspaces, jobs, integrations, pipelines, control repos, and module repos. For more information, see Delete a user.
  • Impact analysis includes Hiera data referenced in root-level hiera.yaml files. Impact analysis reports now include changes to the Hiera data housed in locations referenced in the hiera.yaml file located at the root level of your control repo or module repo. If your control repo or module repo does not include a hiera.yaml file at the root level, Continuous Delivery for PE will fall back to analyzing Hiera changes in the /data and /hieradata directories.
  • Usability improvements. Version 3.1.0 introduces several improvements to the design and usability of the web UI, including:
    • Better handling of long pipeline names.
    • Clearer messaging when creating a regex branch pipeline.
    • Validation of the selected Docker image name when a new Docker-based job is created.
    • An improved experience and clearer error message if a deployment fails because the target environment node group contains no nodes.
Resolved in this release:
  • Impact analysis tasks can now be included in a module pipeline that is managed with a .cd4pe.yaml file.
  • If a code manager task fails during a deployment attempt, the deployment details page now shows a FAILED status for that event instead of a DONE status.
  • Newly created Docker-based jobs now use the correct default Docker image name.
  • A duplicate description field is no longer present when you configure a manual deployment for a module.
  • The associated control repo is automatically selected when you create an impact analysis stage in a module's pipeline.
  • A deployment to a protected environment no longer shows a PENDING status after the deployment is approved.
  • A Bolt error no longer occurs if a deployment using the temporary branch deployment policy is cancelled prior to the approval step.
  • When Continuous Delivery for PE fails to correctly parse a .cd4pe.yaml file, it logs the parsing error in the application logs and displays it in the web UI.
  • The status of Puppet runs is now correctly displayed on each deployment's details page.
Security notice:
  • CVE-2019-16869 is detectable in version 3.1.0. A security scanner may detect a Netty vulnerability with a 5.0 CVSS score in Continuous Delivery for PE. However, Continuous Delivery for PE does not exercise the vulnerable code path and so is not vulnerable.
Deprecated in this release:
  • Support for MySQL and DynamoDB external databases. As part of our effort to streamline the installation process and ensure Continuous Delivery for PE meets performance standards, support for MySQL and Amazon DynamoDB external databases is deprecated in version 3.1.0, and will be removed in a future release. Before support ends, we'll provide information about how to migrate your external database to a supported option.

Version 3.0.2

Released 19 December 2019

Resolved in this release:
  • Deployments failed for any module regex branch deploying to a PE instance using prefixed environments where the selected prefix was "No prefix."
    Note: If you created a deployment of this type while using Continuous Delivery for PE version 3.0.0 or 3.0.1, you must delete and recreate the deployment for it to work properly.
  • In control repo regex branch pipelines that were converted to management with code, deployments using the feature branch deployment policy failed validation.
  • Module deployments could not be canceled.
  • Control repo and module regex branch pipelines that are managed with code did not trigger correctly.
  • Environment prefixes were not added to target environment names in deployments using the feature branch deployment policy from control repos. As a result, these deployments were not completed correctly.
  • When a root or super user updated the Docker image used as global shared job hardware, the updated image was not used for jobs running on the shared job hardware.

Version 3.0.1

Released 16 December 2019

Resolved in this release:
  • If you attempted to manage a pipeline as code that included a deployment using the feature branch policy, a Parameter specified as non-null is null error occurred and the pipeline did not successfully transition to management with code.
  • Continuous Delivery for PE did not correctly default to looking for custom deployment policy files on the Production branch if a branch had not been set explicitly.

Version 3.0.0

Released 11 December 2019

New in this release:
  • Construct and manage your pipelines as code. You now have the option to use a .cd4pe.yaml file housed in your control repo or module repo to construct, update, and manage your pipelines. Managing pipelines with code creates a version-controlled record of pipeline changes over time. For more information, see Constructing pipelines from code.
  • View Hiera changes in impact analysis reports. When you update a YAML file in your Hiera data directory, impact analysis reports will now report what systems will be impacted and how their desired state will change. For the first version of this feature, Continuous Delivery for PE analyzes changes in /data and /hieradata directories in your control repo or module.
    Important: Hiera changes in impact analysis reports are only supported on PE 2019.2.0 and newer versions.
  • Usability improvements. Version 3.0.0 introduces several improvements to the design and usability of the web UI, including:
    • A redesigned deployment details view featuring a new sequential list of the events that make up a deployment, with details about each event.
    • An updated pipelines design with clearer controls and a refreshed color palette.
    • A new Manual actions selector used for initiating on-demand impact analysis reports, deployments, or pipeline runs.
  • Improved deployment approval messaging. The message sent to designated deployment approvers now contains more information about the proposed deployment, including the URL of the module or control repo, the name of the user who initiated the deployment, the name of the pipeline, and a list of the commits included in the deployment.
  • Fewer stacktrace exceptions included in log files. We've reduced the number of stacktrace exceptions that resulted from checking for dependencies and approvals. You'll no longer see long stacktrace errors for the following: 
    com.puppet.pipelines.cdpe.cdpeTaskUtils.CDPETaskInterruptedException: Dependency check attempt maxtime exceeded.
com.puppet.pipelines.cdpe.cdpeTaskUtils.CDPETaskInterruptedException: Approval check attempts maxiumum exceeded. Thread should yeild and try again.
Special beta feature in this release:
  • Custom deployment policies. We've learned from our users that the deployment policies built into Continuous Delivery for PE don't always align with the deployment work you need to do. In response, we're introducing the ability to compose your own set of steps for deploying Puppet code. For more information, see Creating custom deployment policies.
    CAUTION: Custom deployment policies are a beta feature. As such, they may not be fully documented or work as expected; please explore them at your own risk.
Resolved in this release:
  • The name of the default Docker container is now consistently shown in the Docker Image Name field on the job creation page if no other Docker image is defined.
Security notices:
  • CVE-2019-16869 is detectable in version 3.0.0. A security scanner may detect a Netty vulnerability with a 7.5 CVSS score in Continuous Delivery for PE. However, Continuous Delivery for PE does not exercise the vulnerable code path and so is not vulnerable.
  • Sonatype-2019-0115 is detectable in version 3.0.0. This vulnerability is detected by the Sonatype Nexus scanner. However, Continuous Delivery for PE does not use the library that triggers the vulnerability and so is not vulnerable.
Removed in this release:
  • Incremental branch and blue-green branch deployment policies. We've removed the incremental branch and blue-green branch deployment policies. If your pipeline included a deployment using one of these policies, the deployment has been removed from the pipeline. These policies were deprecated in Continuous Delivery for PE version 2.7.0.
  • Module deployment reports. We've removed this feature from version 3.x.