Agent → Controller Security Changes in 2.326

Jenkins 2.326 removes the ability to disable or customize the agent-to-controller security system. This change is specified in JEP-235.

Plugin Compatibility

Several plugins are known to be affected by this change. For the following plugins, updates are available as of December 29, 2021:

Other plugins have not yet been adapted. Their compatibility fixes are tracked in the Jira epic JENKINS-67173.

API Compatibility

As part of the change in 2.326, almost all code related to the agent-to-controller security system’s configuration has been removed.

A notable exception is jenkins.security.s2m.AdminWhitelistRule as that is used by Configuration as Code Plugin and is also expected to be in frequent use in Groovy init scripts. It is now a stub retaining the basic API — #getMasterKillSwitch and #setMasterKillSwitch(boolean), but both methods only generate log messages informing users about their obsolescence. Invocations of these methods can be safely removed when running Jenkins 2.326 or newer. Users of Configuration as Code may remove the remotingSecurity section from

jenkins:
  remotingSecurity:
    enabled: true