Changelog
Atom feed

Important Update to Terraform Provider

We're removing support for Import of agent tokens in the Terraform provider. This change coincides with the announcement in this changelog. From 4 July 2023 onwards, any resources or data-sources which are dependent on an agent token being present will likely fail to apply.

We recommend that you update your provider version to >=0.19.0. Any version below this will run a state refresh on the next Terraform operation and cause agent tokens in state to be set to nil, "". If these changes are then deployed, there is a risk that all agents in your organisation will have their tokens removed and no longer be able to connect to Buildkite.

Go to the v0.19.0 release

Go to the terraform registry

Oz

Agent Token being Deprecated from GraphQL APIs

At Buildkite we take your security seriously, because of that starting 22 June 2023 you will not be able to retrieve agent tokens for clustered and unclustered agents through the token attribute after it has been created through GraphQL APIs.

Read more about how to create Agent Tokens

Read more about how to create Cluster Agent Tokens

Update: The date for deprecation will be delayed to 4 July 2023 due to the breaking change introduced to Buildkite terraform provider. If you are a customer using the Terraform provider, please make sure to upgrade to version 0.19.0 beforehand.

Oz

New Security settings section

We've introduced a new 🔒 Security section under Settings for all security related features.

Moving all security related controls into the same space will make them easier to find and manage.

You'll find:

  • Security contact
  • Permissions settings
  • Pipelines permissions
  • Test Analytics permissions
  • API access allowlist

consolidated in this new page: https://buildkite.com/organizations/~/security

Jason

Jenkins migration guide added to the docs

We’ve added a guide in the docs to help you migrate from Jenkins to Buildkite.

The new page:

  • Provides a general approach for migration.
  • Explains the key differences.
  • Highlights the most important considerations.

We hope it makes the migration process more straightforward and transparent.

The new page shown in the docs

See Migrate from Jenkins to check it out. ✨

Michael

AWS Elastic CI Stack v5.19.0 release

The v5.19.0 version of the Elastic CI Stack is now avaliable. This includes a fix for an error encountered when creating a new stack from its cloudformation template due to an attempt to create an ACL for object ownership when they are now disabled by default.

For further details of the fix and what else is included in the release, see the Elastic CI Stack's release notes.

Narthana

Docs home page redesign

We've redesigned the documentation home page to make getting to the content you want easier.

The new design of the documentation home page

Notice:

  • A clearer path to get started for new users.
  • Quick access to popular content for everyone.
  • Links to look up reference data for experienced users.
  • A consistent global navigation to make jumping to the section you want easier.

See Buildkite docs to check it out! ✨

Michael

Elastic CI Stack for AWS docs restructure

We've restructured the documentation for the Elastic CI Stack for AWS to create clearer and more focused pages that are easier to navigate.

The new navigation structure for the Elastic CI Stack for AWS section in the docs

See the Overview to check out the changes. ✨

Michael

Shaziya

Agent Stack for Kubernetes

We've released a new way to run your Buildkite jobs in Kubernetes natively. The Agent Stack for Kubernetes will allow your Kubernetes cluster to orchestrate your Buildkite Pipeline steps as Kubernetes jobs.

2023-03-29T00:51:02,558878350+11:00.png

Learn more about the Agent Kubernetes stack

Narthana

Secure your organization with session IP address pinning

Prompt your users to re-authorize when their origin changes.

With session IP address pinning enabled, authorized sessions can only come from the IP address that created the session. If another IP address attempts to access the organization, the session will be immediately revoked. By pairing IP pinning with SSO session durations, we're taking a proactive approach to combating stolen session cookies.

We're committed to keeping our customers' data secure and are constantly exploring new ways to enhance our security measures.

Learn more about session IP address pinning

Juanito

Clusters

Clusters allow you to organize agents into groups. These groups, or clusters, will enable the management of pipelines and queues within that cluster.

Clusters can be turned on by an admin by accessing pipeline settings in the organization settings tab. Note that once clusters is enabled, you will be unable to disable it.

Learn more about clusters

Oz

OIDC support is now available

You can now request an OpenID Connect (OIDC) token from the Buildkite Agent 🔑

Decoded payload of an OIDC token including many JSON attributes

OIDC tokens are JWTs signed by Buildkite and decode into JSON which includes many attributes like the pipeline slug and the build branch. buildkite-agent oidc request-token will return a token representing the current job that can be exchanged with federated systems to authorize actions like deployments or allow access to context-sensitive information like secrets based on these attributes.

Learn more about OpenID Connect support from the Buildkite Agent

David

Export audit logs to EventBridge

Explore organization change events in your existing AWS monitoring suite.

Enterprise customers can now route Buildkite Audit Log events via the AWS Event Bridge event bus.

Learn more about configuring Buildkite with AWS EventBridge

Himal

API access allowlist

Restrict API access to IP addresses and CIDR block ranges you trust.

You can now easily create and manage a list of IP addresses and CIDR blocks that are authorized to access your organization via the Buildkite API, improving security and reducing the risk of unauthorized access.

Learn more about configuring IP/CIDR allowlist via the UI, API, or Terraform

James

New environment variables for group steps

Jobs that belong to group steps will now have access to information about their group with three new environment variables:

  • BUILDKITE_GROUP_ID
  • BUILDKITE_GROUP_KEY
  • BUILDKITE_GROUP_LABEL

You could use these variables to upload steps to the same group, or alter the behaviour of jobs based on their group. These environment variables will be absent for jobs that do not belong to group steps.

Learn more about environment variables

David

Signal and signal reason in automatic retry rules

Jobs can now be automatically retried based on the signal received by the command process that caused it to exit, in addition to the job's exit code.

This is particularly useful in catching terminated agent hosts, such as you'd see when using EC2 Spot Instances:

  - label: "Tests"
    command: "tests.sh"
    retry:
      automatic:
        # Catch cleanly-terminated instances
        - limit: 2
          signal_reason: "agent_stop"
        # Catch timed-out agents
        - limit: 2
          exit_status: -1
          signal_reason: none

Learn more about the new attributes

David

Build Matrix support for plugins and agents

Build Matrix has been extended to support matrix variable interpolation inside the plugins and agents attributes of command steps.

steps:
- label: "💥 Matrix Build"
  command: "echo {{matrix.os}} {{matrix.arch}}"
  agents:
    queue: "builder-{{matrix.arch}}"
  matrix:
    setup:
      arch:
        - "amd64"
        - "arm64"
      os:
        - "windows"
        - "linux"
  plugins:
    - artifacts#v1.9.0:
        upload: "out/{{matrix.arch}}.gz"

Learn more about increased Build Matrix support

David

Build waterfall view

The waterfall view visualizes the timeline of each step in a build. You can see this summary in your Builds page a toggle–enabling to switch between list and waterfall views.

Screenshot 2023-03-24 at 2.22.06 pm.png

Oz

Go straight from failed jobs to Test Analytics

Quickly view insights about failed tests by going directly from a job to its related information in Test Analytics – providing a faster path from fail to fix.

test-analytics.png

Michelle

Test Analytics now automatically detects flaky tests

Flaky tests are automated tests that produce inconsistent or unreliable results, despite being run on the same code and environment. They cause frustration, decrease confidence in testing, and waste time while you investigate whether the failure is due to a genuine bug.

Test Analytics finds your flakes by surfacing when the same test is run multiple times on the same commit SHA with different results. The tests might run multiple times within a single build or across different builds. Either way, they are detected as flaky if they report both passed and failed results.

Results are available in the Test Analytics UI and via a new REST API endpoint.

Learn more about flaky test tracker and its API

image.png

Michelle

Start turning complexity into an advantage

Create an account to get started with a 30-day free trial. No credit card required.

Buildkite Pipelines

Platform

  1. Pipelines
  2. Public pipelines
  3. Test Engine
  4. Package Registries
  5. Mobile Delivery Cloud
  6. Pricing

Hosting options

  1. Self-hosted agents
  2. Mac hosted agents
  3. Linux hosted agents

Resources

  1. Docs
  2. Blog
  3. Changelog
  4. Example pipelines
  5. Plugins
  6. Webinars
  7. Case studies
  8. Events
  9. Migration Services
  10. Comparisons

Company

  1. About
  2. Careers
  3. Press
  4. Security
  5. Brand assets
  6. Contact

Solutions

  1. Replace Jenkins
  2. Workflows for AI/ML
  3. Testing at scale
  4. Monorepo mojo
  5. Bazel orchestration

Legal

  1. Terms of Service
  2. Acceptable Use Policy
  3. Privacy Policy
  4. Subprocessors
  5. Service Level Agreement

Support

  1. System status
  2. Forum
© Buildkite Pty Ltd 2025