Governance Meeting September 19, 2022

2022-09-19T16:00:00Z

September 19, 2022

Participants: Basil Crow, Bruno Verachten, Mark Waite, Gavin Mogan, Oleg Nenashev, Ewelina Wilkosz, Daniel Beck, Kevin Martens

Agenda:

  • News
    • LTS 2.361.2 release October 5, 2022
      • Kris Stern is the release lead, release checklist is open, backporting pull request, changelog pull request submitted
    • Hacktoberfest is coming, welcome to Preptember
    • UX SIG highlights of UI concepts
    • DevOps World next week
    • CDF mini-summit at Open Source Summit in Dublin
      • Presentation by Fidelity
      • Pipeline libraries and other Jenkins at scale
      • Recording should be available
  • Action items
    • Mark Waite to use community.jenkins.io for the Jenkins Docs SIG mailing list
      • Announce the change and make the existing list read-only
      • Gavin investigated importing a mailing list, export is easy, import requires that we ask for help from the Discourse, complicated set of steps
        • Not worth the effort
    • Mark Waite request full access to the CDF Zoom account for Jenkins
      • Gavin suggested including a private google group in the CDF mailing list
      • 2fa token updates to that list
      • Alternately add each person to the CDF mailing list
        • Michelle Martineau (CDF) is the one to decide
    • EasyCLA needs to be documented by Oleg
      • Enabled on the CLA repository
      • Currently signing both
      • Central repository guidelines need more description
  • Upcoming elections
    • December for completion
    • Gavin and Ewelina up for re-election
    • Damien Duportal has agreed to run the elections
      • Will discuss with Olivier Vernin to understand the process
      • Announcements, vetting candidates, etc. is a governing board responsibility
        • Entire board vets candidates
        • Any board member could send the announcements
        • Can reuse email templates and content from previous years
      • Discuss further in infra meeting
    • Timeline
      • September announce and gather candidates and their statements
        • Only 10 days left in September
      • October finalize candidates
      • November voting
      • New board members and officers effective early December
    • Use the same process as last year
      • Register to vote at community.jenkins.io
      • Voting through the Condorcet system at Cornell University
        • If hosting is needed outside the University, Gavin has access to resources
  • CDF topics
    • CDF blog post published for Jenkins 18th birthday and 2.361.1, written by Kevin Martens
      • Require Java 11, next Java 17
      • 6000 users on Java 17 in August, hope for 10k users in September
    • JFrog working with Jenkins infra team to reduce data transfer for our repository server
      • Prepare for a move of the repo from one cloud provider to another
      • Damien Duportal leading effort to reduce data transfer
      • Multi-step process expected, will be discussed in developer mailing list
    • Yearly Project previews at the CDF TOC Meetings
      • Two presentations at TOC
      • We need Jenkins to present
      • Should Jenkins present at TOC?
        • Yes
        • Interesting topics - third party security review
        • Goal: Show the direction of the project related to CDF status
          • Security reviews
          • Supply chain security
            • Signing of charts, container images, plugin builds, etc.
        • Should this be a summary of the contributor summit?
          • Not so much
        • Review OpenSSF best practices (SBOM, signing, etc.)
      • Next meeting is next week, every two weeks
        • November would be fine for a presentation
        • Agenda assembled 1-2 meetings ahead
  • Forums and community topics
    • Contributor Summit is coming Sep 27 in Orlando, FL, USA
    • GitHub project actions from Google Summer of Code
      • Needs more discussion, just arrived a few hours ago
      • https://groups.google.com/g/jenkinsci-dev/c/KQ46z_q1l4U
      • Need to sign an additional agreement
        • Not expecting any legal concerns in this case
        • Published content on GitHub Marketplace
        • Prefer to have Damien Duportal involved as a GitHub Admin
        • Prefer to have security team involved, option to audit
          • Handling of security issue reports (may be as simple as a new component in security Jira, needs assigned owner(s))
    • Gavin has found a way to merge gitter, matrix, and IRC into a single room
    • Show the pipeline graph viewer in a “Showing Off” section
      • Mark and Darin Pope will show it in a live stream tomorrow
3 Likes