We've added a new Managing Pipeline Secrets guide to help you understand how to securely store and access secrets, and some of the anti-patterns you should avoid 🔐

Have a read through the recommendations and share it with your team 💪

We’ve added a new multiple property to block steps, giving you the ability to select multiple options when unblocking builds ☑️

When the build is unblocked with multiple selected options, the meta-data value will return the options as a newline separated string.

See the block step documentation for more details and examples.

Your pipeline overview page uses each pipeline’s default branch to calculate the graphs and statistics. We've added support for setting a pipeline's default branch to a blank value (which you can now do directly on the pipelines page), allowing you to see the graphs and stats for all builds in a pipeline 📊

To help you get started with GitHub Enterprise installs that use self-signed certificates, we've added the ability to disable TLS certificate verification in your GitHub Enterprise Buildkite settings 🔓

You can find the new setting in your GitHub Enterprise settings, and read more details in our GitHub Enterprise documentation.

To improve API Access Token security we have removed the “All Organizations” scope from tokens. When managing your tokens you now explicitly select each organization 🔐

If you had tokens with “All Organizations” scopes, they have been automatically migrated and include all of your current organization memberships. When you join a new Buildkite organization, and wish to grant a token access to its data, you must edit the token's settings and select the new organization.

You can manage your tokens on the API Access Tokens Settings page.

We've updated the way times are displayed, and they now respect your browser’s preferred language settings 🌏

For example, if your browser’s preferred language is set to Bokmål or Deutsch, Buildkite will now show 14:17 instead of 2:17 PM ⏰

The Environment Variables documentation has had a major update 🤩

🌈A new layout ⚡️A new section for deprecated variables 🍩Many previously undocumented variables added 💥Expanded descriptions

You can find the updated Environment Variables page under the Pipelines section of the documentation 🚀

We’ve added a new Agent Tokens page to the documentation. It explains default organization tokens, creating and revoking tokens using GraphQL, session token exchange, and more 🕵🏻‍♀️

You can find the new Agent Tokens page under the Agent section of the documentation 🎊

We've been rolling out some big upgrades to Buildkite’s Single Sign-On (SSO) support based on your feedback 📣

The upgrades to Single Sign-On include:

• Admins can now invite users into an SSO organization prior to them joining, along with team membership.
• Team membership can now be passed through as a SAML user attribute.
• Contractors and bots can be added to an organization using any email domain.
• SSO can be made optional for some users, allowing you to have a "break glass" account in the case of your SSO provider being unavailable.
• People can participate in multiple Buildkite organizations with SSO enabled, and easily switch between them.

If your organization hasn't already made the switch, we'll be automatically moving your Buildkite organization to the new version of SSO over the next few weeks. There will be no interruption to your logins, and it won't require any changes to your SSO provider setup.

If you have any questions please email support@buildkite.com, and you can read more about SSO updates in our community forum post 😊

To make testing new pipelines easier, you no longer need to specify the "Message" of a build. Buildkite now automatically resolves the message, based on the git commit, when the build starts 🎉

We've also updated the Builds REST API and GraphQL API so your integrations can take advantage of this too.

We've added a new SSO section to the documentation, with instructions for setting up Single-Sign On with Google OAuth, Okta, OneLogin, and ADFS, and custom SAML providers ✨

You can now also find step-by-step instructions for managing SSO with GraphQL, allowing you to enable, disable and update your SSO settings via the Buildkite GraphQL API

Happy 2019! To kick off the year, we've got some new agent changes fresh off the press!

Better error messages for cancelled jobs 🚨

When a job is cancelled, the agent receives the instruction and starts to shutdown the running job. The job is given 10 seconds to finish, after which it's terminated. Previously what had happened wasn't clear. We now clearly show that a command was interrupted by a signal:

Configurable grace period for cancellation ⏱

By default we give cancelled jobs 10 seconds to finish before they terminate. For some things like a Terraform tear-down, this can take a lot longer. We added a config of cancel-grace-period to customize that value.

1
2
# Wait 600 seconds (10 minutes) for cancellation
buildkite-agent start --cancel-grace-period 600

Future improvements will allow this to be set at a pipeline or step level.

Checkout directory is removed on error 🧹

Checkouts can fail for a variety of reasons which can sometimes leave the git repository in a corrupted state that prevents future checkouts.

The default behaviour for the agent is now to remove the checkout directory if there is a terminal checkout failure.

Windows agents run hooks after cancel 🎣

Windows unfortunately doesn't handle signals like posix systems do, so on Windows the cancellation behaviour was to simple terminate the job. This meant that artifacts weren't uploaded and hooks like pre-exit didn't run, which left things like docker-compose without a way to cleanup.

We now use Windows Terminal Process Groups and the CTRL_BREAK message to emulate signal handling in windows, which now means it should behave much like it's fairer cousins!

Windows gets terminal colors! 🖍

Ok this is a small improvement, but it represents our ongoing efforts to take advantage of the neat things that the Windows Terminal team is doing building for Terminal apps.

Spawn Multiple Agents 🐙

Currently we recommend that multiple agents on a host are run via your init system (launchd, systemd, etc). The new --spawn feature allows for multiple parallel agents to be spawned from the one installation.

We're still figuring out how this might fit into the bigger picture, but keen to see how folks use this feature!

Datadog metrics (Beta) 🐶

We are working with the Datadog team on becoming an official integration. First steps are getting some simple job metrics into Datadog.

You can use the new config metrics-datadog and metrics-datadog-host.

Let us know what you think at https://forum.buildkite.community/t/about-our-datadog-integration/216

Vendored Plugins 📦

We now support loading plugins from within your repository. This lets you vendor plugins to ensure that a third-party can't change them.

1
2
3
4
5
steps:
  - label: 'Test with vendored docker plugin'
    plugins:
      - './.buildkite/plugins/docker':
          image: 'hello-world'

Check out https://github.com/buildkite/agent/pull/878 for a bit more context.

Resolve $BUILDKITE_COMMIT correctly at pipeline upload ⚙️

We now resolve manually triggered builds with a commit of HEAD to the actual commit value in $BUILDKITE_COMMIT for your pipeline uploads.

See https://github.com/buildkite/agent/issues/456 for more context. I'm sorry it took us so long!

Better handling of submodules 🧤

We discovered a few gnarly bugs where we weren't ssh keyscanning submodules correctly and also a few cases where we weren't cleaning up lingering submodules in the checkout phase. These are now squashed!

Everyone's favourite illustration from the Buildkite website has been repackaged and deployed as a set of transparent stickers, ready for you to launch onto any surface you choose ✨

You can order your own set of 🚀 stickers from the Buildkite Shop.

You can now link directly to a job from a build annotation! 🔗

This should make the annotations generated by neat annotation generators like test-summary-buildkite-plugin and rspec-buildkite all the more handy.

We've released a new major version of Elastic Stack for AWS.

The Buildkite Elastic CI Stack gives you a private, autoscaling Buildkite Agent cluster. Use it to parallelize legacy tests across hundreds of nodes, run tests and deployments for all your Linux-based services and apps, or run AWS ops tasks.

The new version is focused on moving the underlying instances to Amazon Linux 2, which brings with it modern versions of systemd amongst others.

Check out the full release notes at https://github.com/buildkite/elastic-ci-stack-for-aws/releases/tag/v4.0.0 and let us know what you think at https://forum.buildkite.community/t/upcoming-elastic-stack-v4/78.

There's a new screencast available at buildkite.com/screencasts/docker 🎉

The Docker screencast walks through a Docker workflow in Buildkite: building, testing, and deploying an image to production. The pipeline and code you'll see in the screencast are also available on GitHub: https://github.com/buildkite/screencast-examples/

You can check out the Docker screencast, and all the others, at buildkite.com/screencasts

We've just shipped a small update to the build page to include the user who canceled the build 🙅‍♀️🙅‍♂️

And if your build was canceled due to Build Skipping (e.g. if you’ve enabled "Cancel Intermediate Builds") we'll show that too:

Buildkite Docker Plugin v2.0.0 has been released, and includes:

• Support for multi-line commands
• A new command option for using single-binary/command line Docker images
• Windows container support

1
2
3
4
5
6
steps:
  - command: 'dotnet publish -c Release -o published'
    plugins:
      - docker#v2.0.0:
          image: 'microsoft/dotnet:latest'
          always-pull: true

See all the details, and upgrade instructions, on the release notes: https://github.com/buildkite-plugins/docker-buildkite-plugin/releases/tag/v2.0.0

We’ve just released Buildkite Agent v2.2 (Brangelina) 💑💔

So what's changed since Buildkite Agent 2.1.14?

Features

• The buildkite-agent binary is now built with Golang 1.7 giving us support for macOS Sierra
• 💨 The agent now talks HTTP2 making calls to the Agent API that little bit faster
• 📦 The binary is a statically compiled (no longer requiring libc)
• meta-data-ec2 and meta-data-ec2-tags can now be configured using BUILDKITE_AGENT_META_DATA_EC2 and BUILDKITE_AGENT_META_DATA_EC2_TAGS environment variables

(Possible)? Breaking changes

We've removed our dependency of libc for greater compatibly across *nix systems which has had a few side effects:

• We've had to remove support for changing the process title when an agent starts running a job since it required libc to work. This feature has only ever been available to users running 64-bit Ubuntu. We'd like to bring this feature back in the future in a way that doesn't have us relying on libc
• The agent will now use Golangs internal DNS resolver instead of the one on your system. This probably won't effect you in any real way, unless you've setup some funky DNS settings for agent.buildkite.com

The release has been published to the Buildkite package repositories. For instructions on upgrading your agent please see the Upgrading section in the corresponding section of our installation documentation.

Today we’ve shipped some changes to simplify the Buildkite invitation system, including revamped invitation emails, automatic email address verification and a new screen for you to double check invitations before accepting them.

You can get the lowdown on our Building Buildkite blog post 🌟