Compare releases

Compare releases and check for compatibility between your existing Octopus Server and new releases.

What's new

These are the most important features you'll get by upgrading from 2020.1.22 to 2020.3.9

Octopus 2020.3

Highlights

Customer-driven runbook improvements, Jenkins Pipelines support, streamlined process editor and early access to our Octopus Linux Docker image.

  • Runbooks improvements: This release includes a batch of customer-driven improvements, including runbook-only projects, Octopus CLI support, environment scoping, guided failure mode per runbook, and the addition of runbook retention policies.
  • Jenkins Pipelines support enables you to integrate with Octopus from your Jenkinsfile.
  • Streamlined process editor allows you to edit multiple steps at once and save your changes with a single update.
  • Octopus Linux Docker image (Early access) is now available, making it possible to run Octopus in a Linux Docker container.

Read our blog post to learn more.

Breaking changes

This release includes two breaking changes:

  • Deprecated our Azure VM extensions - We recommend using PowerShell DSC as a replacement. Our documentation covers this decision and links to further articles on how to achieve this with PowerShell DSC. See this article for instructions to accomplish this with Amazon Web Services as well.
  • Updated Deploy to IIS step - We have updated this step to remove support to deploy to Azure App Services. We recommend using our Azure support instead.

Octopus 2020.2

Highlights

Execution containers for workers (EAP), Jira Service Desk change requests, better run conditions and fast variable lookups with our improved code editor.

  • Execution containers for workers let you execute deployment work in isolation without the need to manage dependencies and containers.
  • Integrated change management with Jira Service lets teams create change requests during their deployment automatically.
  • Better run conditions adds deployment process improvements, including rolling deployment and machine level variable conditions.
  • Fast variable lookups with our improved code unlocks the ability to quickly add Octopus variables into your custom scripts without touching the mouse.

Read our blog post to learn more.

Breaking changes

Octopus 2020.1 introduced updated minimum requirements for running Octopus Server to Windows Server 2012 R2 and SQL Server 2017. This release is now enforcing the SQL Server minimum requirements.

This version also introduced a breaking change for users of Active Directory authentication using Kerberos, there is now a requirement to use host machine SPNs rather than user SPNs. This requirement means that High Availability features can only be used with NTLM based authentication when using Active Directory integration with H/A/

Octopus 2020.1

Highlights

DarkMode, Improved Octopus CLI support on macOS and Linux, and environment specific Worker Pools.

Read our blog post to learn more.

Breaking changes

This release includes the following breaking changes.

  1. Octopus Server minimum requirements - Octopus 2020.1 raises the minimum requirements for running Octopus Server to Windows Server 2012 R2 and SQL Server 2017.
  2. Library variable set permission changes - You can now scope variables stored inside library variable sets to environments and tenants, giving you fine-grain permissions and more consistent access control.

NOTE: Octopus Server has been ported to .NET Core 3.1 and so it no longer requires the .NET Framework to be installed.

Release notes

These are the features and fixes you'll get by upgrading from 2020.1.22 to 2020.3.9.

Changes in Octopus 2020.3.9

  • 6613 - Fix issue where a large number of polling Tentacles can significantly slow down Octopus Server

Changes in Octopus 2020.3.8

  • 6618 - df command in healthchecks can hang on CentOS
  • 6627 - Fix bug where Self-hosted Octopus susceptible to host-header injection attacks (CVE-2020-26161)

Changes in Octopus 2020.3.7

  • 6606 - Fix bug where bash script can reveal sensitive variable values - CVE: CVE-2020-25825

Changes in Octopus 2020.3.6

  • 6573 - Fixed validation check for Action Container Image step to work with Docker Server
  • 6579 - Relaxed requirements for hosting Octopus Server back to SQL Server 2016

Changes in Octopus 2020.3.5

  • 6545 - Fixes error that occurs when configuring AWS ECR external feeds
  • 6560 - Fix crash in lost-master-key command

Changes in Octopus 2020.3.4

  • 6490 - UI fixes to get publishing buttons showing in the primary Runbook layouts
  • 6520 - UI fix to show step information in deployment preview
  • 6534 - UI fixing expanders in step editor and library variable sets
  • 6543 - Fix server task log files being left open
  • 6563 - Fix bug where certain passwords are written to the deployment log in plain-text - CVE: CVE-2020-24566

Changes in Octopus 2020.3.3

  • 6529 - Breaking change Certificates and accounts used by deployment targets must now be scoped to all tenants the deployment target belongs to - CVE: CVE-2020-16197
  • 6321 - Accounts can now be selected without refreshing on the tenant common variables screen
  • 6500 - Default variables are displayed again on tenant variable selection screens
  • 6509 - fixes issue that prevented worker pools being selectable for deployment targets
  • 6512 - Octopus Server service will keep running when version control project's background sync throws an SQL timeout exception
  • 6507 - Fix regression in Octopus Server Manager to allow using an existing database if the master-key is known

Changes in Octopus 2020.3.2

  • 5862 - Fix filter alignment on multiple pages
  • 6485 - Fixes to include the CORS headers and any custom cookie domain to the integrated-challenge endpoint response
  • 6491 - Azure accounts scoped to tenanted and untenanted deployment mode are validated correctly for untenanted deployments
  • 6515 - Fixed the Download as JSON menu item for runbooks

Changes in Octopus 2020.3.1

  • 5691 - Fixed an issue where worker pool selection reset to default when changing execution location
  • 6080 - Removes an incorrect note when setting sensitive fields in tenant variables
  • 6182 - Fixed an issue where the Kubernetes Container Step wasn't allowing Variables for the "Volume Name"
  • 6252 - Fixed a bug where packageId variables could not be scoped to a process
  • 6277 - Pre-releases now correctly show the current release changes only
  • 6336 - Adds variable to set a non-default Azure CLI Extensions Folder
  • 6348 - Maven artifacts can optionally be specified by packaging and classifier, for example org.example:myartifact:jar, org.example:myartifact:zip or org.example:myartifact:jar:sources
  • 6355 - Helm charts can now be stored in the built-in feed
  • 6357 - The task log now changes it's refresh based on the speed of the response and the state of the deployment
  • 6359 - Improved validation on the build information endpoint
  • 6360 - Prevent Docker login warning from causing deployments to fail on Windows
  • 6361 - Upgrading a Linux Tentacle no longer updates all system packages
  • 6363 - Added AccountView permission to built-in Project viewer role
  • 6364 - Fixed Powershell script highlighting
  • 6366 - To prevent potential data corruption, Octopus Server will actively prevent downgrading to an older version before it starts
  • 6368 - Add support for DNS options and termination message in K8S deployment step
  • 6369 - Show a missing resource chip on the Deploy a Release step if the target project is not accessible
  • 6370 - Include more detail on permission exceptions
  • 6374 - Changed the background job scheduler to keep state between nodes and not rely on there being a leader node
  • 6376 - Skip inaccessible certificate stores when deploying HTTPS bindings to an IIS website
  • 6377 - Breaking Change Removed the node Rank (Follower/Leader) and IsLeader
  • 6383 - Added diagnostic logging and verification of files in the Octopus Server directory on launch
  • 6384 - External ID now available when assuming an IAM role
  • 6385 - Azure passwords with leading dash work as expected
  • 6386 - Fix to support object parameter default values in ARM templates entered as JSON
  • 6388 - Prevent SQL Timeouts crashing the Releases and Tasks Page for users with complex permissions
  • 6392 - Upgrade Helm Chart step can now be configured with worker pool
  • 6394 - Fixed generation of Swagger Api Documentation to ensure it's valid according to http://swagger.io|swagger.io
  • 6398 - When using OpenID Connect authentication, ignore unsupported JWKs
  • 6401 - Adjusted security to allow downloads in Chrome 83
  • 6404 - Fixed Library variables are not included in unpublished runbook previews
  • 6405 - Fixed a bug where expandable sections were incorrectly collapsed by default when creating new resources
  • 6420 - UI introducing a multi-step process-editing experience
  • 6423 - Fixed confusing UX when the value for a parameter is empty
  • 6426 - Environment Scoping for Runbooks
  • 6427 - Collapse Deployments / Operations menus in Projects
  • 6428 - Added default guided failure mode to runbook settings
  • 6430 - Added support for specifying the session duration when assuming an AWS role
  • 6432 - Added configurable retention policies for runbooks
  • 6433 - Fixed a bug where Upgrade a Helm Chart Step templates created before 2019.12.2 may be using the wrong helm client version
  • 6436 - Task duration now updates every second
  • 6437 - Fixed rendering of error page
  • 6443 - Added formatting for multiple line commit messages in build information and package pages
  • 6455 - Add support for ingressClassName in Kubernetes Ingress steps
  • 6457 - Fix issue when editing K8S YAML when package is used for project versioning
  • 6458 - Fixed misleading error when creating or upgrading an octopus database using an unsupported version of SQL Server
  • 6461 - Fixed an issue where existing deployment processes with tenant tags caused the UI to error
  • 6462 - Fixed bug where docker image package names weren't being validated correctly when sending build information
  • 6469 - Fixed an issue where the process editor wasn't showing run trigger options
  • 6470 - Fixed an issue where failure run conditions not being shown in process editor
  • 6471 - Fixes an issue where a caller passes an empty string to a tag ID instead of a null and the empty string fails validation
  • 6483 - Reduce storage used by audit events
  • 6484 - Improve view of audit events

Changes in Octopus 2020.2.20

  • 6607 - Fix bug where bash script can reveal sensitive variable values - CVE: CVE-2020-25825

Changes in Octopus 2020.2.19

  • 6577 - Relaxed requirements for hosting Octopus Server back to SQL Server 2016

Changes in Octopus 2020.2.18

  • 6530 - Breaking change Certificates and accounts used by deployment targets must now be scoped to all tenants the deployment target belongs to - CVE: CVE-2020-16197

Changes in Octopus 2020.2.17

  • 6492 - Azure accounts scoped to tenanted and untenanted deployment mode are validated correctly for untenanted deployments
  • 6499 - Fixes to include the CORS headers and any custom cookie domain to the integrated-challenge endpoint response

Changes in Octopus 2020.2.16

  • 6459 - Fixed misleading error when creating or upgrading an octopus database using an unsupported version of SQL Server

Changes in Octopus 2020.2.15

  • 6418 - Added an option to configure the shared cluster directory so that the package store, task logs and artifacts directories don't need to be configured individually
  • 6447 - Changed the format of the Telemetry file to be more space efficient.
  • 6448 - Added a command line option to set the path of the telemetry logs
  • 6452 - Added always run pre scripts to update database compatibility version to 140 even if there's no new migrations

Changes in Octopus 2020.2.14

  • 6410 - Added telemetry that gathers and aggregates the duration of API and database calls and sends them for analysis
  • 6431 - Fixed a bug where packageId variables could not be scoped to a process

Changes in Octopus 2020.2.13

  • 6414 - Adjusted security to allow downloads in Chrome 83
  • 6417 - Added ability to limit the size of the cache directory

Changes in Octopus 2020.2.12

  • 6406 - Fixed a bug where expandable sections were incorrectly collapsed by default when creating new resources
  • 6409 - Prevent SQL Timeouts crashing the Releases and Tasks Page for users with complex permissions

Changes in Octopus 2020.2.11

  • 6397 - X-Forwarded-For field included in web logs
  • 6402 - Containers are now cleaned up after an Action Container Image finishes running

Changes in Octopus 2020.2.10

  • 6387 - Fix to support object parameter default values in ARM templates entered as JSON
  • 6395 - The SQL Server compatibility level will be raised automatically to 140 to match SQL Server 2017

Changes in Octopus 2020.2.9

  • 6381 - Helm chart versions are now sorted for repositories that don't return data in version order

Changes in Octopus 2020.2.8

  • 6219 - Fixed cloned tenants not being editable if the tenant they were cloned from got deleted
  • 6269 - Package feed variable not found error displayed in the UI
  • 6372 - Fixed tasks stuck after cloud node re-provisioning (eg Manual Interventions)
  • 6378 - Skip inaccessible certificate stores when deploying HTTPS bindings to an IIS website
  • 6379 - Prevent Docker login warning from causing deployments to fail on Windows

Changes in Octopus 2020.2.7

  • 6367 - Fix for parent step variable run conditions

Changes in Octopus 2020.2.6

  • 6365 - Fixed Script Step doesn’t run on Targets when Workers available

Changes in Octopus 2020.2.5

  • 6352 - SonaType Nexus Helm repo as an external feed no longer errors
  • 6354 - Added the X-Robots-Tag header so that Google won't index Octopus instances
  • 6362 - Fixes HTTP protocol errors with 304 Not Modified

Changes in Octopus 2020.2.4

  • 3206 - Adding variable run conditions for child steps
  • 5898 - Fixes an issue with Deploy a Release step where deployment would fail if release contained a Manual Intervention step
  • 6259 - Added a migration script to modify any DeploymentProcess records that reference empty TenantId's to use NULL's instead
  • 6318 - Allow Kubernetes steps to import and export YAML
  • 6320 - Octopus Server requires SQL Server 2017 or newer
  • 6323 - Kubernetes steps can now be used within runbooks
  • 6329 - Code editor in fullscreen is now displaying the correct syntax highlighting
  • 6330 - Execution Containers for Workers - Steps that run on a worker can specify a container to execute the step in
  • 6334 - Removes release notes template from Runbook publishing notes
  • 6338 - Duplicate html on Octopus Deploy loading screen complicates loading
  • 6339 - Added ability to configure tolerations on deploy k8s containers step
  • 6340 - Inline variables insert for code editors
  • 6344 - Fixes an issue where active directory groups were not synchronizing correctly for some users

Changes in Octopus 2020.2.3

  • 6245 - Fix bug where workers from a second pool might not be released if the default pool is a dynamic worker pool
  • 6250 - Improved performance of tenant variables page when multiple Certificate variables are displayed
  • 6290 - Fixed package acquisition failure when target is found that needs the same package already planned for an existing target
  • 6291 - Clean up a tenants runbook runs when they are deleted
  • 6294 - Fixes an error that prevented disabling run steps on Octopus Server
  • 6301 - Fixes a performance issue in deployment creation when involving a large number of steps, parameters, and tenancies
  • 6305 - Extended the default health check interval in machine policies from 1 hour to 1 day
  • 6312 - Runbook task status can only be updated when user has RunbookRunCreate permission (CVE-2020-12482)

Changes in Octopus 2020.2.2

  • 6263 - Added a system variable with the date and time the Release currently being deployed was created
  • 6285 - Fix - Navigating to an unavailable project now handles error gracefully

Changes in Octopus 2020.2.1

  • 6275 - Fix bug where Java-based deployments failed on non-Windows targets
  • 6276 - Fix bug where you can't download plain text artifacts greater than 4KB in size

Changes in Octopus 2020.1.22

  • 6531 - Breaking change Certificates and accounts used by deployment targets must now be scoped to all tenants the deployment target belongs to - CVE: CVE-2020-16197