OneDev server and agent now requires Java 11 or higher. Follow below steps to upgrade agent manually:
- If agent is running as bare metal mode with Java 8, re-download agent package from server and run it
with Java 11 or higher following the instructions
- If agent is running as bare metal mode with Java 11 or higher, it will be updated automatically
- If agent is running in container mode, re-pull the image and start the container
- A boolean property "confidential" must be added to create endpoint of issue resource to indicate whether or not the issue is confidential
- [RESTful api] Service desk name property of project resource moved from basic info endpoint to setting endpoint
- [CI/CD] Docker sock is NOT mounted by default for server docker executor, remote docker executor and Kubernetes
executor for security reasons. If your CI job performs docker operation, the build may fail. You may enable
the mount docker sock option in related executors, but make sure to configure authorized jobs of the executor
to only allow trusted jobs to use the executors
- [RESTful api] Email addresses of a user should now be retrieved via UserResource.getEmailAddresses, and should be operated via EmailAddressResource
- [RESTful api] Access token of a user should now be retrieved via UserResource.getAccessToken
- [RESTful api] User query by login name, full name and email should now be done via UserResource.queryProfile
- [build spec] Registry login setting is removed from build image step (introduced in 6.2.0). Specify registry logins
in job executor if necessary
- A new property
Run In Containeris added and enabled for all command steps in build spec. If you have steps intended to
be executed by shell executor, edit them to disable this property, otherwise the build will be failed with error
This step should be executed by server docker executor, remote docker executor, or kubernetes executor
- Using cache path "." (to cache workspace itself) in job cache definition is no longer supported
- In case install OneDev into a Kubernetes cluster, Kustomization based deployment is replaced by helm based deployment for flexibility reason
- User by default is not able to create/fork projects now. To allow it, specify default login group with appropriate project create permissions in security setting.
- URL of project is changed from http(s)://<onedev-server>/projects/<project name> to http(s)://<onedev-server>/projects/<project id>. This only affects web UI, clone url and REStful api url is not changed.
- Job variable @project_name@ should be replaced by @project_path@.
- Job match condition in job executor is renamed as job requirement, and the criteria to match job name is no longer valid. Executor can now be specified when define the job.
- Service definition is separated from job definition. Previous service defined in job will be moved out of job and take the name <job name>-<service name> to avoid possible name conflicts. You either need to change it back to use original name in case there is no conflicts, or change your build script to use the new service name.
- Job match condition of job executor no longer accepts image criteria. You need to remove it manually if there is any; otherwise the job matching will fail.
- Html report is removed from build spec due to possible XSS vulnerabilities. Check issue #230 for details
- Setting Default Fixed Issues Filter in build spec has been moved to be under project build setting, in order to facilitate issue query auto-updating upon custom field/state change
- Backslash in job commands should not be escaped now. And literal '@' should be written as '@@'
- Various query operator is before and is after is substituted with is until and is since. For instance issue query "Submit Date" is before "yesterday" should be written as "Submit Date" is until "yesterday"
Renamed build variables:
old name new name updated_ref ref updated_branch branch updated_tag tag pull_request_ids pull_request_number
Removed build variables: on_branches, commit_tags,
Version 3.2 uses token authentication instead of password authentication in build spec for security
consideration. As a result of this, password authentication specified previously will be cleared:
You will need to use custom http/ssh clone credential with permission to access submodule projects to retrieve source. Refer to usage scenario for an example.
Project dependency authentication
You will need to define a job secret containing an access token in project build setting page, and then use that secret in project dependency definition. The access token should have permission to download dependency project artifacts of course.