Governance Meeting, January 13, 2025

Community
,
1

2025-01-13T17:30:00Z

Attendees :busts_in_silhouette:

Upcoming Calendar :calendar:

  • Next weekly release: 2.493, Tuesday January 14, 2025
  • Next LTS: 2.492.1 - February 5, 2025
    • Release candidate January 22, 2025
    • Jeremie Playout release lead, mentored by Mark Waite
  • Next major events:
    • Jenkins contributor summit 31 Jan 2025
      • Alyssa Tong has the venue for up to 24 participants and is organizing logistics
      • Bruno Verachten organizing the agenda
      • Many sessions planned
    • FOSDEM 2025 - February 1-2, 2025
      • Jenkins is confirmed for a stand
      • We plan to sell Jenkins T-shirts and 3d printed Jenkins figurines, proceeds donated to the Jenkins project

Agenda

News

  • DevOps Dozen winners will be announced at Predict 2025 on January 14, 2025
    • Jenkins has been nominated (thanks Alyssa!)

Action Items

  • Basil create the attribution entries for the downloads page
  • Mark Waite complete reimbursement process for Alex Brandes travel to GSoC Mentor Summit
  • Mark Waite confirm with Damien that the jenkins.io domain continues
  • Include Jim Klimov in the funded attendees

Community activity

  • Jenkins Content Security Policy project part 1 - complete
    • Announcement, progress report one, two, and three
    • Adapting plugins to be compatible with a future, broader implementation of a more restrictive content security policy
    • Submitting pull requests, releasing plugins, preparing for future enablement in core
    • Project is complete - tracking sheet
    • Thanks to Basil Crow, Yaroslav Afenkin, and Shlomo Dahan
    • Released CSP fixes for Jenkins core and more than 40 plugins
    • Run Jenkins ATH with CSP enabled
    • Static Analysis of CSP violations across the Jenkins repositories (Daniel Beck’s CSP scanner)
  • Jenkins Content Security Policy project part 2
    • Project proposal submitted to Michael Winser of Alpha Omega
      • Yaroslav Afenkin as project lead and lead implementer
      • Shlomo Dahan as an implementer
      • Bruno Verachten as project manager
      • Jenkins security team as consultants in case of questions
  • Spring Security 6.x Upgrade - mailing list thread
  • Contributor Spotlight
    • 12 months of contributor spotlights completed, more to come
    • Switching to a monthly cadence, next spotlight is Kohsuke Kawaguchi

Governance Topics

  • Registering multiple domain names for Jenkins
    • Board decided by email that we won’t attempt to register additional Jenkins domain names
      • No jenkins.cn or jenkins.de or jenkins.uk or jenkins.us or …
      • A middle ground might exist in Europe to ask that the domain be rejected as creating confusion
        • If misuse happens in the EU, the registrar will take it down if infringing trademark
    • We continue to use the jenkins.io domain, concerned that it is going away
      • Discussion needed with Damien Duportal
      • Oleg indicates that the shutdown of the .io domain is paused indefinitely
  • $1200 reimbursement approved by email for Alexander Brandes
    • Attended Google Summer of Code 2024 Mentor Summit in Sunnyvale, California, USA
    • Google reimbursed the Jenkins project $1200 to cover part of the costs
    • Mark Waite and Alex Brandes are working with Linux Foundation to reimburse Alex through the Crowdfunding site
  • Sponsor tiers approved - Platinum, Gold, Silver, Bronze, and Mirror
    • Tiers and their thresholds
      • Platinum - over $250k value and/or cash contributed to project
      • Gold - $15k to $250k value and/or cash contributed to the project
      • Silver - $5k to $15k value and/or cash contributed to the project
      • Bronze - less than $5k value and/or cash contributed to the project
      • Mirror - Jenkins mirror provider for software delivery
    • 2024 recap blog post pull request and preview
  • Contributor Summit travel funding
    • $9000 available for Jenkins project at Software in the Public Interest
      • Contributor Summit attendees notified and planning to attend
    • Finalized funding priority in the list of attendees
    • Some funds still available
      • Fund Jim Klimov travel and hotel?
  • Java tip and tail release model discussion 17 Dec 2024
    • Mark Waite presented for the Jenkins project
      • Jenkins Tip and Tail slides
      • Weekly and LTS releases for Jenkins users
        • Only most recent weekly and most recent LTS receive security fixes
      • 2+2+2 Java support plan for Jenkins core support of Java releases
        • Support a new Java release in years 1 and 2 after its release
        • Require Java release in years 3 and 4 after its release
        • Drop Java release in years 5 and 6 after its release
      • Shared examples of Jenkins core dependencies and their different release models
  • Cloud expenses and plans
    • Azure (CDF paid)
      • July: $4.6k
      • August: $4.5k
      • September: $3.9k
      • October: $4.2k
      • November: $4.3k
      • December: $4.4k
    • Azure Sponsorship (Microsoft Credits) - $41k remaining, donation ends May 2025
      • July: $10k
      • August: $10.5k
      • September: $10.3k
      • October: $12.9k
      • November: $13k
      • December: $9.5k
    • DigitalOcean - Remaining $15k (~5k consumed) until 02 January 2025
      • July: $176
      • August $200
      • September: $158
      • October: $196
      • November: $146
      • December: $192
    • AWS:
      • CloudBees:
        • July: $6.5k
        • August: $6.3k
        • September: $6.3k
        • October: $6.4k
        • November: $3.9k
        • December: $540
      • Sponsored account
        • October: $178
        • November: $482
        • December: $600
        • Global Status:
          • Credits left: $58k until 31 January 2025
          • Credits left: $60k until 31 July 2025
        • Moving ci.jenkins.io to AWS sponsored account
          • Likely $10k per month Feb 2025 - Jul 2025
  • Increasing diversity in Jenkins leadership - Alex Earl
    • Deferred to a later meeting