Jenkins 2.326 removes the ability to disable or customize the agent-to-controller security system. This change is specified in JEP-235.
Several plugins are known to be affected by this change. For the following plugins, updates are available as of December 29, 2021:
Cobertura Plugin Plugin needs to be updated to 1.17 or newer.
Code Coverage API Plugin needs to be updated to 2.0.4 or newer
Log Parser Plugin needs to be updated to 2.2 or newer
Maven Integration Plugin needs to be updated to 3.15.1 or newer
Warnings Next Generation Plugin needs to be updated to 5.2.0 or newer
XUnit Plugin needs to be updated to 2.0.3 or newer
Other plugins have not yet been adapted. Their compatibility fixes are tracked in the Jira epic JENKINS-67173.
As part of the change in 2.326, almost all code related to the agent-to-controller security system’s configuration has been removed.
A notable exception is jenkins.security.s2m.AdminWhitelistRule
as that is used by Configuration as Code Plugin and is also expected to be in frequent use in Groovy init scripts.
It is now a stub retaining the basic API — #getMasterKillSwitch
and #setMasterKillSwitch(boolean)
, but both methods only generate log messages informing users about their obsolescence.
Invocations of these methods can be safely removed when running Jenkins 2.326 or newer.