View entire changelog

Release 3.4.0

Before Upgrading

See the What’s new in server 3.x doc for upgrade notes for this release.

What’s New in Release 3.4.0

New Features

  • Android images for the machine executor are now available. For more information, see the Using Android Images with the Machine Executor guide.
  • The CircleCI Build Agent can now be pulled from a custom Docker registry if required. For more information contact customer support.
  • You can now use Amazon Certificate Manager (ACM) to manage your TLS certificates. For more information see the installation docs.
  • Kubernetes v1.16 - v1.23 are now supported.
  • Workload Identities for installations on GCP are now supported. Workload Identities can be used as an alternative to static credentials. For more informations see the installation docs


  • Fixed a bug that was causing the jobs page and step output access to run very slow in the CircleCI web app.
  • Fixed a bug that was causing the workflows conductor pod to crash and issues with StatsD metrics.

Known Issues

  • Before installing v3.4.0 delete the deployment named circleci-server-kube-state-metrics.
  • Prometheus is broken in KOTS versions 1.65.0 - 1.67.0. If you rely on this feature, do not upgrade your KOTS version until this issue has been resolved.
  • Retry with SSH for jobs using the machine executor advertises a private IP address. For this reason, retry with SSH for jobs using the machine executor works as standard for private installations, but for public installs you would need to ensure that you can access the private IP advertised. For example, by using a VPN into your VPC.
  • CircleCI 1.0 builds are not supported. If an attempt is made to run a 1.0 build, no feedback will be available in the application to indicate the cause of the issue. If a build is run on your installation and does not show up in the CircleCI application, users should be directed to use the CircleCI CLI to validate the project configuration and get details of the possible cause of the issue.
  • The KOTS admin console cannot be upgraded if your installation is set up to be behind a proxy. The proxy settings will be deleted and cause the KOTS admin console to break.
  • Config files will now be stored in the chosen object store (e.g., AWS S3, Google Cloud Storage or Minio). Users can run into errors accessing certain pipelines, if these config files are deleted due to retention policies (e.g., AWS S3 Lifecycle).

To learn more about Server 3.x installation, migration, or operations please see our documentation.

Previous changes

Release 2.19.15    


OIDC tokens in jobs