Changelog

Agent v3.38.0 and AWS Elastic Stack 5.11.0 release ๐ŸŽ‰

Buildkite agent v3.38.0 and AWS Elastic Stack v5.11.0 are now available!

Agent v3.38.0 adds the ability to trace build jobs using OpenTelemetry. This lets you do all sorts of interesting performance tracking โ€” which jobs are taking the longest, performance and error rate trends, and which job phases are taking up the most time.

Here's a screenshot of OpenTelemetry in action, as viewed from Datadog in waterfall view: image.png

This agent release has been added to the v5.11.0 release of the AWS Elastic Stack, along with the ability to specify which tracing backend to use from the Elastic Stack definition, as well as the ability to specify an arbitrary set of environment variables to start the agent with.

For full list of additions, changes, and fixes, see the agent changelog and the elastic-ci-stack-for-aws changelog on GitHub.

Benno

Default timeouts for command steps

You can now specify default timeouts for command steps โฐ๐Ÿ’ฅ

Timeouts configuration pane showing default and maximum timeout fields

Timeouts can be specified on command steps already, but it's a pain to have to do it every time, and easy to forget. Setting default timeouts means you won't have command steps slip through the cracks and accidentally run forever, or consume too many job minutes.

Default and maximum timeouts can be specified at an organization and pipeline level. Defaults apply in order of specificity โ€”ย the step's timeout will be used if supplied, otherwise it defaults to the pipeline's default if supplied, or finally to the organization. Maximums are always enforced, when supplied โ€” the smallest value will be used.

These timeouts can be configured from your organization's Pipeline Settings page, or on a pipeline's Builds settings page.

We'd love to hear from you if you find these timeouts useful, or if they don't quite fit your needs first. Drop into our Slack community, or send us an email: hello@buildkite.com ๐Ÿ‘‹

Samuel

Beta: Failing builds fast

Today we're introducing a new "failing" build state for faster feedback ๐Ÿƒโ€โ™‚๏ธ๐Ÿ’จ

A build with a job which fails early and makes the build appear to be failing while the rest of the jobs runs

We know it's frustrating when your build fails. But when it does, you want that information as soon as possible so you can get it green.

Now, as soon as a single job fails, the build can be marked as "failing". You'll see a GitHub Commit Status, or a Slack notification โ€”ย whatever your team uses โ€”ย as soon as we know your build is going to fail. And on the dashboard your build will show as failing. If you're using annotations or Test Analytics then your build can also tell you what to do to fix the problem while it's still finishing.

But fast feedback is only half of the equation. There's nothing worse than a build which takes forever just to tell you it's broken. If you're in a big team running lots of builds, running the rest of a failing build might be a waste of time. So we're also introducing "cancel on build failing."

1
2
3
4
steps:
  - command: bundle && bin/rails spec
    parallelism: 100
    cancel_on_build_failing: true

Adding the cancel_on_build_failing: true attribute to your command steps will cause those jobs to be canceled as soon as a build becomes failing. That way your agents can move on to the next piece of work. But we'll still send failing notifications before cancelation is complete.

We realise that some folks might need to update API clients or adjust pipeline and workflows, so this new feature is being introduced as opt-in for a smooth migration path. But you can turn on failing builds right now by going to your pipeline on the Buildkite dashboard, then going to the Settings page, Builds, and enabling Fail Fast:

Fail Fast configuration panel with "Enable Fail Fast" button

You can also turn this on for your whole organization on your org's Pipeline Settings page.

The buttons will go away and the feature will be enabled for everybody on Monday, 5th September, 2022.

If this does exactly what you need, or you have a suggestion, we'd love to hear from you in our community Slack channel, or drop us an email to support@buildkite.com.

Samuel

New environment variable: Pull request draft

For customers triggering builds via GitHub, we've added a new environment variable to track the draft status of a pull request:

1
BUILDKITE_PULL_REQUEST_DRAFT="true"

If a pull request triggers a build while in a draft state, this variable will be present in all the build's command jobs. The variable will be absent otherwise.

This variable allows customizing your uploaded pipelines or running jobs at the agent level based on a pull request's draft status. For example, you might run a faster subset of your tests while a pull request is still in a draft state.

Check out our docs on environment variables for more information.

If you have any feedback, we'd love to hear from you in our community Slack channel, or drop us an email to support@buildkite.com.

Samuel

Specify Team Access Levels in Create Pipelines API

Using the Create Pipeline REST API you can now specify the access level for each associated team ๐Ÿ”

Example of teams property showing a list of teams and associated access level

Previously, new pipelines could be created in teams, but only at the highest access level with the broadest permission. Now that access level can be varied to suit your pipeline and teams. This now matches the dashboard and GraphQL API.

Find out more in our docs about managing pipeline permissions with teams.

If you have any questions or feedback we'd love to hear from you in our community Slack channel, or drop us an email to support@buildkite.com.

Samuel

Automatic job expiration after 30 days

Starting August 1st 2022, jobs which are not run within 30 days will automatically expire ๐Ÿงน

In the past, it's been very easy to have lingering jobs in your Buildkite account which are never assigned an agent, and will never run. Not only does this create unnecessary noise and risk within your account, but it means that Buildkiteโ€™s job processing logic needs to handle years-old jobs.

With this change, we've introduced a new job state: expired. This is similar to the canceled state, and once a job is transitioned to this state, the build will fail.

This will be enabled for everyone on Monday, 1st August 2022, but you can opt in today at an organisation level, or a per-pipeline level, to start testing and verifying that it works with your own builds. Once enabled, jobs older than 30 days that haven't been run by an agent will be automatically transitioned to expired and their builds cancelled. This new state will also appear in the REST and GraphQL APIs.

To enable this today, see the "Job Expiry" section in your organization's pipelines settings page, or each pipeline's Pipeline Settings > Builds page:

Settings page showing job expiry enable button

If you have any questions or feedback we'd love to hear from you in our community Slack channel, or drop us an email to support@buildkite.com.

Samuel

Improved Docs navigation bar

After releasing Test Analytics, we've been working on improving the navigation bar in the Docs to make it easier for you to find and read docs on both Pipelines and Test Analytics.

image.png

This change and other recent UI and UX improvements are already live in the docs.

Sam

Agent names no longer support "%n"

Using %n in agent names is deprecated and will soon be removed ๐Ÿ‘‹

The default name for a Buildkite Agent used to be agent-%n, resulting in agent-1, agent-2, etc. Pretty quickly, though, this gets tricky to keep unique, especially with a big database full of agent names. So to keep our database humming, we're removing support for %n.

We began this process with Buildkite Agent v3.27.0 released on 8th February, 2021, removing %n from the default agent name. Elastic CI Stack for AWS v5.2.0 was also updated to replace usage of %n with %spawn on the same day.

If you're using Elastic CI Stack for AWS, please make sure you're running v5.2.0 or newer. The version you're using should be visible on your agents page:

List of buildkite agents with buildkite-aws-stack tag indicating version v5.9.0)

If you're running your agents another way, please review your agent configuration and confirm you're not using %n.

If you are using %n, there are a few alternatives:

  • If you're running a single agent on each host, use %hostname.
  • If you're running multiple agents, use the spawn option and %hostname-%spawn.
  • If neither of the previous options work, use %random which will turn into a few random characters.

Check out our docs for a complete reference: https://buildkite.com/docs/agent/v3/configuration#name

We'll begin brownouts of %n on Monday, 8th August 2022. Finally, we'll remove support for %n on Monday, 5th September 2022. Agents which still use %n in their name after this date will fail to connect and accept work.

If you need some more time, or have a problem completing this migration, please drop us an email to support@buildkite.com.

Samuel

Filter busy agents

For teams that have a large number of connected agents, weโ€™ve added a new filter to the Agents page so you can quickly find which ones are busy working on jobs ๐Ÿ•ต๏ธโ€โ™€๏ธ๐Ÿ•ต๏ธโ€โ™€๏ธ๐Ÿ•ต๏ธโ€โ™€๏ธ

Agents page listing all agents, and then being filtered to only busy agents

We hope this makes it easier to find and interact with agents which are running jobs in your organization.

If you have any feedback we'd love to hear from you in our community Slack channel, or drop us an email to support@buildkite.com.

Samuel

Buildkite Test Analytics: Identify, track, and fix problematic tests

We know how frustrating finding and fixing flaky tests can be. And how costly your test suite performance degradations can become over time. Weโ€™ve been working to solve these problems for good, with our newest product โ€” Buildkite Test Analytics.

As of today, Test Analytics is out of beta and available to everyone ๐ŸŽ‰

  • Automatically identify flaky tests, see what is causing the most disruption for your team, and get a head-start on fixing them for good.
  • Get deep visibility and tracing for your test suite, integrated with your programming language and test framework.
  • Set targets and identify problems as soon as they occur with configurable speed and reliability monitors.

Test Analytics is included in all Buildkite plans and is free to get started. You can even use it with any CI system, including GitHub Actions, CircleCI, and Jenkins โšก๏ธ

Read more on the website, in our documentation โ€” and if you're super excited, retweet!

Michelle

Agent v3.36.1 + AWS Elastic Stack v5.9.0 Release

Buildkite Agent v3.36.1 and the AWS Elastic Stack v5.9.0 are now available! ๐ŸŽ‰

This agent version ships with experimental support for tracing CI runs through OpenTelemetry, as well as improvements to logging, and an experimental file locking system that should unlock more reliably when the agent hasn't shut down cleanly.

This agent release has been added to the v5.9.0 release of the elastic stack, which also:

  • Adds ability to fetch EC2 instance tags via Instance Metadata
  • Updates the Linux Kernel on elastic stack instances from 4.14 to 5.10
  • Adds an option to enable EC2 Detailed Instance Monitoring

For full list of additions, changes, and fixes, see the buildkite-agent changelog and the elastic-ci-stack-for-aws changelog on GitHub.

Benno

Pull request repository URL protocol

We're changing the $BUILDKITE_PULL_REQUEST_REPO environment variable value supplied for GitHub and GitHub Enterprise repositories from the unauthenticated git protocol to https ๐Ÿ”’

GitHub announced some time ago that they are removing the unauthenticated git protocol. This change has been in effect since 15th March 2022. Now we're modifying how we generate this environment variable to match their change.

$BUILDKITE_PULL_REQUEST_REPO is not used by the Buildkite Agent to clone your repositories. The value is only provided as a reference, and is particularly useful for pull requests from repository forks. Some customers use this value to ensure that pull requests from forks come from trusted sources, for example.

We recommend reviewing your agent hooks and making sure any security rules that utilise this value are adjusted to be agnostic to the protocol used, and are at least able to handle https.

From Monday, 20th June 2022, all new builds will use a https:// protocol URL for $BUILDKITE_PULL_REQUEST_REPO. If you need a little more time, or would like this change to take effect earlier for your organization, please reach out via support@buildkite.com.

Samuel

AWS Elastic Stack v5.8.0 release

The 5.8.0 version of the AWS elastic stack is now available. ๐Ÿš€

This release added:

  • Ability to customise docker address pools to use more, slightly smaller networks rather than a few big ones
  • Support for additional ARM/Graviton instance types: c7g, g5g, lm4gn, lm4gen, and x2gd
  • SecretsBucketRegion parameter and updated s3secrets-hooks
  • Docs on updating the different components #957 (@keithduncan)

It also fixed:

  • Overwrite /usr/bin/buildkite-agent symlink if it already exists

For full list of additions, changes, and fixes, see the elastic-ci-stack-for-aws changelog on GitHub.

Libby

Agent v3.35.0 release

The 3.35.0 version of the buildkite-agent is now available. ๐Ÿš€

This release has added:

  • An option to skip updating the mirror when using git mirrors. Useful when git is mounted from an external volume
  • The more secure SHA256 hashing algorithm alongside SHA1 when working with artifacts
  • Additional security when creating directories, making them only accessible by current user and group

For full list of additions, changes, and fixes, see the buildkite-agent changelog on GitHub.

Libby

Schedules no longer have a user

As announced in 2019, Schedules no longer need a user ๐Ÿƒ๐Ÿผโ€โ™‚๏ธ๐Ÿ’จ

Schedules created before then and not manually migrated have now had their build ownership user removed. Builds created from those schedules will no longer have a creator, which may affect trigger step permission, build.creator conditionals, and $BUILDKITE_BUILD_CREATOR environment variable checks.

image.png

Schedules created since the 2019 announcement are unaffected, as they never had a build ownership user.

Paul

Build Matrix for Multi-step Pipelines

We've added Build Matrix so you can create multiple jobs from a single, multi-variant step definition. ๐Ÿงฎ

Build Matrices can also include multiple dimensions, different combinations with the adjustments key, and matrix jobs can be grouped together to clean up build pages. โšก๏ธ

Read more about it in the blog, documentation, or on Twitter.

Libby

Agent v3.34.0 release

The 3.34.0 version of the buildkite-agent is now available. ๐Ÿš€

This release has added:

  • a new combination flag: spawn-with-priority
  • locked down file permissions on Windows
  • increased security by rejecting pipeline uploads containing redacted vars

For full list of additions, changes, and fixes, see the buildkite-agent changelog on GitHub.

Libby

Group steps with the `group` config option

We've added a new group pipeline step type so you can group steps together, set dependencies between them, reduce YAML repetition, and clean up your build pages ๐Ÿ—โœจ

You can read more about it in the blog post, documentation, or on Twitter.

Libby

GraphQL API Allowed IP Addresses

API Access Tokens can be restricted to allow access only from specific Allowed IP Addresses. Those restrictions have been honoured by the REST API, but not by the GraphQL API โ€” until now. We've made sure these restrictions are also applied to GraphQL requests.

API Access Token edit page showing GraphQL API and Allowed IP Address configuration options

Check out the API Access Token documentation and configure your tokens on the API Access Tokens page.

Samuel

Buildkite and Log4j CVE-2021-44228

Last week a serious vulnerability, CVE-2021-44228, was disclosed in the Java-based logging package Log4j. Weโ€™ve ensured that Buildkite internal systems, and our open source projects, are not vulnerable to this exploit.

We've performed an audit on our internal software and infrastructure, and we have no instances of Log4j in use directly or via dependencies, and therefore are not vulnerable to this exploit. Additionally we've reviewed our open source projects (including the Buildkite Agent and the Elastic CI Stack for AWS) and have verified they also don't have any use of Log4j and are not vulnerable to CVE-2021-44228.

We use a number of services from AWS and other cloud vendors, and are actively monitoring them to validate that they are not vulnerable and take any necessary mitigation.

If you haven't already, we also recommend updating any use of Log4j within your own build tooling.

If you have any further questions please contact support@buildkite.com.

Fred

Start turning complexity into an advantage

Create an account to get started with a 30-day free trial. No credit card required.

Buildkite Pipelines

Platform

  1. Pipelines
  2. Pipeline templates
  3. Public pipelines
  4. Test Engine
  5. Package Registries
  6. Mobile Delivery Cloud
  7. Pricing

Hosting options

  1. Self-hosted agents
  2. Mac hosted agents
  3. Linux hosted agents

Resources

  1. Docs
  2. Blog
  3. Changelog
  4. Webinars
  5. Plugins
  6. Case studies
  7. Events

Company

  1. About
  2. Careers
  3. Press
  4. Brand assets
  5. Contact

Solutions

  1. Replace Jenkins
  2. Workflows for AI/ML
  3. Testing at Scale

Support

  1. System status
  2. Forum