AWS KMS support for Signed Pipelines

We have added support for AWS KMS signing of pipelines to the buildkite agent and integrated this feature into the Elastic Stack for AWS.

Customers can now easily enable signed pipelines in their elastic stack and take advantage of KMS to securely manage the keys. The settings used to configure this feature is as follows:

signed pipeline settings

For more information on Signed Pipelines using AWS KMS see our documentation.

Mark

Suite repository URL validation

We have updated the validation for the repository URL field on the Suite Settings page. Previously, users could only set GitHub or GitLab URLs. With this update, you can now enter any valid URL as the repository URL.

This provides more flexibility when setting your repository URL, allowing integration with other platforms beyond GitHub and GitLab.

No action is required on your part to benefit from this update. Enjoy the enhanced flexibility!

Katie

Test page header improvements

We have updated the test page to enhance your workflow with several new additions. You can now resolve and assign a flaky test to a team directly from the header.

Test page header

Additionally, you can now view your test within your Git repository through a link in the header. To enable this feature, add your root Git repository URL in the suite settings page.

Test page header Git settings

Meghan

Build row UI uplift

The build row is now easier to parse with updates to where key details appear, including:

  • Showing the running time under the build status.
  • Displaying the build number under the heading.
  • Adding profile pictures to user details.
  • Making the expansion areas on each row clearer with more defined click areas.

Previously, the build list looked like:

Old build list view

The new build list looks like:

New Build list view

Liam

Build header step contrast improvements

You can now more easily identify steps that are pending or in an unexpected state while a build is running.

This change came from customer feedback about the build header placing too much prominence on steps that don’t cause pipelines to fail, such as steps that have passed or soft failed. Steps in these states are expected and generally don’t require immediate attention.

Update

Thank you to the customers who worked alongside us on this small but impactful improvement. Please continue to reach out with your feedback and suggestions!

Brett

Better visibility of missing dependencies

You can now view missing dependencies in job rows. This allows you to quickly debug your pipeline configuration while the build is running or after it fails.

When a build is running, and a job has a dependency that doesn't exist yet, you'll see the following message:

Job row warning for missing dependency

You can expand the job row to see the names of the missing dependencies:

Detailed missing dependency warning in expanded job row

If the step dependency is not resolved and the build fails, you'll see an error message:

Job row error for failed job due to missing dependency

When you expand the job row, you'll see the names of the missing dependencies:

Detailed missing dependency error in expanded job row

Liam

Support for line breaks in block and input steps

You can now add line breaks to your block and input steps in Buildkite Pipelines. For example, see the prompt and hint fields in the following pipeline definition:

Adding line breaks to your block steps in your pipeline YAML

These fields are displayed in the UI as follows:

Example of a block step using line breaks

Liam

UI improvements for links and long commands on jobs

When viewing jobs, the links to agent and queue details now take up less space, and you can see the full command on hover when it's truncated.

A recent change added links from jobs to agent and queue details, but the links took up a significant portion of the job row. We've made the links more compact so you can see more of the job name and command while keeping direct links to the agent and queue details:

A job row shows the agent and queue information in a dropdown

When a longer job command is truncated, you can now see the full command on hover:

A job row shows a full command in a hover state

Liam

Linking to jobs from waterfall view

The waterfall view has been updated to help you debug builds faster.

You can now go directly from a job in the waterfall view:

Screenshot 2024-03-07 at 6.12.08 pm.png

To its log output:

Screenshot 2024-03-07 at 6.13.50 pm.png

Liam

Clusters Generally Available

Clusters is a Buildkite feature used to manage and organize agents and queues, which:

  • allows teams to self-manage their Buildkite agent pools,
  • allows admins to create isolated sets of agents and pipelines within within a single Buildkite organization,
  • helps make agents and queues more discoverable across your organization,
  • gives you more control over your agents and queues like pausing them, and
  • provides easily accessible queue metrics.

All existing agents can now be accessed through Unclustered grouping on the agents page.

Learn more about clusters

Liam

Lower Agent Timeouts

We have reduced agent timeouts from 5 minutes to just 3 minutes, and improved the lost agent cleanup service from 5 minutes to 1 minute! This enhancement offers significant benefits to our customers, particularly those utilizing spot instances for their agents.

With shorter timeouts, jobs now fail faster when spot instances can't compete on price, slashing the time it takes for pipelines to detect and recover from failures from 10 minutes to just 4 minutes. This means faster feedback loops, streamlined pipelines, and ultimately, accelerated development cycles.

Learn more about it

Oz

REST API Rate Limit Changes

Today, we updated our REST API rate limits. ​This update will improve performance, enhance security, and ensure fair usage.

For more information on rate limits please consult our documentation.

Himal

Docs updates to Pipelines landing page, GraphQL cookbook, and visual style

pipelines-landing-new.png We tackled some quick wins the last week, including:

  • Creating a new landing page for Pipelines. This helps distinguish the product from the feature and provides clearer entry points for new users.
  • Adding a dedicated page to describe Pipelines' hybrid architecture.
  • Highlighting H3s when scrolling on a page.
  • Splitting the GraphQL cookbook into multiple pages to make it easier to navigate.
  • Updating the search component.
  • Applying general style updates across the site, from typography and tables to page layout and spacing.

And many more small changes. See the documentation to check them all out. ✨

Michael

Enforce edit permissions check when accessing pipeline provider webhook URLs

Pipeline edit permissions are now required to view pipeline.provider.webhook_url. If the user does not have the correct permissions, a blank string will be shown in place of the webhook URL.

This change will also affect webhook payloads containing pipeline data. To ensure the greatest level of security, pipeline.provider.webhook_url will no longer be visible in these payloads.

Read more about the REST API

Laura

Single Organization Access Tokens

Starting today, newly created API Access Tokens will only access one organization. This update aims to enhance organizations' security by simplifying access token management. Administrators should be aware that tokens cannot be modified to include their organization after they have been originally created.

This change only affects newly created tokens. All existing tokens will remain unaffected by this change; however, existing tokens will not be able to add any additional organizations to their scope.

James

GraphQL Rate Limits

Buildkite has introduced new rate limits for the GraphQL API.

This update will improve performance, enhance security, and ensure fair usage across the Buildkite platform.

Please read the documentation to learn more about the GraphQL rate limits, specifically how to check your current usage:

James

Agent Tokens Removed from Buildkite UI after Creation

Effective from 24 July 2023, agent tokens in the Buildkite UI will undergo a significant modification. They will now behave similarly to API tokens, meaning that after creation, they will no longer be visible in the UI.

To ensure you have access to the complete token, it is crucial to save it immediately upon creation. This change aims to enhance the security of agent tokens within the Buildkite platform.

Please make a note of this update and adjust your workflows accordingly. If you have any questions or concerns, feel free to reach out to our support team (support@buildkite.com) for assistance.

Oz

Access Token Notifications

Buildkite has implemented additional security notifications to keep your data safer.

Security notifications empower customers to promptly address any token changes made to their accounts, ensuring data security and preventing unauthorised access.

Users will now receive an email when they create or update an access token associated with their account.

James

Important Update to Terraform Provider

We're removing support for Import of agent tokens in the Terraform provider. This change coincides with the announcement in this changelog. From 4 July 2023 onwards, any resources or data-sources which are dependent on an agent token being present will likely fail to apply.

We recommend that you update your provider version to >=0.19.0. Any version below this will run a state refresh on the next Terraform operation and cause agent tokens in state to be set to nil, "". If these changes are then deployed, there is a risk that all agents in your organisation will have their tokens removed and no longer be able to connect to Buildkite.

Go to the v0.19.0 release

Go to the terraform registry

Oz

New Security settings section

We've introduced a new 🔒 Security section under Settings for all security related features.

Moving all security related controls into the same space will make them easier to find and manage.

You'll find:

  • Security contact
  • Permissions settings
  • Pipelines permissions
  • Test Analytics permissions
  • API access allowlist

consolidated in this new page: https://buildkite.com/organizations/~/security

Jason

Start turning complexity into an advantage

Create an account to get started with a 30-day free trial. No credit card required.

Buildkite Pipelines

Platform

  1. Pipelines
  2. Pipeline templates
  3. Public pipelines
  4. Test Engine
  5. Package Registries
  6. Mobile Delivery Cloud
  7. Pricing

Hosting options

  1. Self-hosted agents
  2. Mac hosted agents
  3. Linux hosted agents

Resources

  1. Docs
  2. Blog
  3. Changelog
  4. Webinars
  5. Plugins
  6. Case studies
  7. Events

Company

  1. About
  2. Careers
  3. Press
  4. Brand assets
  5. Contact

Solutions

  1. Replace Jenkins
  2. Workflows for AI/ML

Support

  1. System status
  2. Forum