Governance Meeting - August 22, 2022

Community
,
1

2022-08-22T17:00:00Z

Participants: Basil Crow, Bruno Verachten, Mark Waite, Gavin Mogan, Kevin Martens, Oleg Nenashev, Daniel Beck

Agenda:

  • News
    • LTS 2.361.1 release September 7, 2022
      • Requires Java 11 or Java 17, no more Java 8 support
      • Kris Stern is the release lead, release checklist is open
      • CDF blog post requested by Fatih, Mark coordinate with Kevin Martens and others
  • Action items
    • Mark Waite to find and finish Linux Foundation transfers from GSoC 2021
      • Kara de la Marck and Alyssa Tong have made progress on the transfers
    • Mark Waite to use community.jenkins.io for the Jenkins Docs SIG mailing list
      • Announce the change and make the existing list read-only
      • Gavin investigated importing a mailing list, export is easy, import requires that we ask for help from the Discourse, complicated set of steps
        • Not worth the effort
    • Mark Waite to create blog post summary of the Contributor Summit at cdCon
    • Mark Waite request full access to the CDF Zoom account for Jenkins
      • Gavin suggested including a private google group in the CDF mailing list
      • 2fa token updates to that list
      • Alternately add each person to the CDF mailing list
        • Michelle Martineau (CDF) is the one to decide
  • Upcoming elections
    • December-ish again?
    • Gavin and Ewelina up for re-election
    • Who is going to run them?
      • Usually rely on the infrastructure officer to run the election
        • Damien Duportal (voting, etc. from Discourse as before)
      • Announcements, vetting candidates, etc. is a governing board responsibility
        • Entire board vets candidates
        • Any board member could send the announcements
        • Can reuse email templates and content from previous years
    • Timeline
      • September announce and gather candidates and their statements
      • October finalize candidates
      • November voting
      • New board members and officers effective early December
    • Mark to bring the topic to Jenkins infra officer for discussion and plan
    • Prefer to use the same process as last year
      • Register to vote at community.jenkins.io
        • Organize list of candidates
      • Voting through the Condorcet system at Cornell University
        • If hosting is needed outside the University, Gavin has access to resources
  • CDF topics
    • Summary update on CDF TOC updates in the CDF Slack channel
      • Few items of possible interest
      • Oleg will be TOC chair for another year
        • Last term as TOC chair, will need another chair in Aug 2023
        • Oleg represents Jenkins in governing board
          • Continues to push
        • Next meeting is on Thursday
          • Mark checking with other board reps
      • Project Pyrsia accepted as a distributed package delivery network project
        • No obvious impact on Jenkins
        • Separate plugin likely for the Pyrsia project
          • May also need pluggable artifact storage update
      • CDF reference architecture update is in progress
        • Link to slide deck is available: CDF Reference Architecture - Google Slides
        • Attempt to provide a reference architecture for application delivery
          • Including CI and CD
        • Trying to find balance between projects in CDF environment
        • Want to see Jenkins listed there
          • If interested in white papers and high level architecture, join this
      • Direktiv likely to apply for CDF membership
        • Cloud native Pipeline based on Cloud Native Events
        • More Pipeline engines at CDF
        • Jenkins pluggable pipeline not actively being developed
      • Treasurer has been appointed (David Lai)
        • May be able to help with GSoC funding transfer
  • Blue ocean admonition current status
    • Complete in Pipeline: Blue Ocean Editor, Blue Ocean intro, Blue Ocean Pipeline Editor, …
    • Consider including the admonition in the plugin documentation
      • Basil add the admonition to the plugin documentation (Done)
      • Add the admonition to the Dockerhub entry for blueocean container as well
        • Needs a link to the official docs and embed the admonition
        • Still to be done
        • Issue in that specific image where people are installing plugins and assuming it will be used on the next restart
          • Further motivation to get people off the Blue Ocean container
          • May need further changes in the official Jenkins container as well
            • Needs a ticket to describe the condition (docker repo)
        • Deprecate the blueocean container (was only for documentation)
      • Topic for Platform SIG
  • Jenkins.io web site revert
    • Look and feel improvements from a new contributor
    • Need to split into smaller improvements for review and incremental delivery
      • Original pull request is still available
    • Was there a recent change on the RSS feed?
      • Six notifications recently on new blog posts
      • Daniel Beck fixed a bug in the RSS feed that had an incorrect URL
        • If the reader uses the canonical URL, might change (was pointing to an obsolete URL)
  • Review criteria for some parts of the project
    • Reviewers would approve a contribution or approve the exact opposite
      • Do we look at the merit of the change critically enough to reject the exact opposite
        • Font was recently changed to default system font, noted that change not wanted in the pull request, but was then merged anyway
        • If a pull request arrived to round corners “too much”
        • Basil asks for justification for the change (core), not just “is this helpful?”
          • No “needs-justification” label on the jenkins.io site
      • Color scheme changed from grey-ish to orange
        • Would we accept the change back to the other color scheme in a year?
      • Case of isolation where the contributor focuses on their specific needs
        • Don’t understand the larger picture
        • Consider a better path for new contributors - help others first to learn how they use
        • Engage with the community as a whole rather than a small subset
      • CSS issues in the jenkins.io page that was not known to many contributors
        • No comments on the rationale for specific CSS entries
      • We have jenkins.io test deployments that make it very convenient to compare the live site and the test site in a side by side view
        • May miss changes that impact a small subset of pages
        • Similar pattern to the UI changes in core pull requests
        • Consider self-review in GitHub to give more explanation on subtle changes
      • Could do a “side-by-side” comparison screenshot to show the “before” and “after” to show the changes in the page(s)
  • Forums and community topics
    • Comments on RCE post
      • Spring Boot comments on Discourse closed (asking for info on newer issues)
        • Canned response
          • Do not contact the Jenkins security team asking us for compliance documents, certifications, or to fill out a questionnaire. We will not respond to such queries. If we consider it necessary to provide a statement in response to incidents such as log4shell or SpringShell, you will find a response in our blog.
        • Two requests that arrived on the wrong topic
      • Dependency vulnerabilities sometimes reported in Jenkins Jira or security list
        • Commonly respond that we are not affected
    • Higher than normal jenkinsapi (python) questions
      • Not clear what has changed, surprising that there are many together
      • The Jenkins API python package is published through the Python packaging system, source code is not in the Jenkins GitHub organization
    • Needs Answers:
1 Like