Participants
Damien Duportal (@dduportal ), Hervé Le Meur (@hlemeur ), Stephane Merle (@smerle), Mark Waite (@MarkEWaite), Tim Jacomb (@timja)
Official minutes on GitHub.
Announcements 
- Weekly 2.341
- Release build restarted, running 90 minutes currently looking good for
- Security Plugin Advisory
- Upcoming LTS 2.332.2
- RC available for testing
- Timeline: 6th of April
Notes 
-
weekly.ci.jenkins.io or design-library.jenkins.io?
- Once June LTS is released, want it on ci.jenkins.io
- Need it earlier for easy access
- Kubernetes and similar configuration to infra.ci.jenkins.io
- @timja opened a helpdesk issue so that we can start on it
-
WiP/Todo (infra-team-sync-2022-04-05 Milestone · GitHub)
-
Migrate ratings.jenkins.io from AWS to Azure
- Done: PgSQL database in azure terraform (thanks @smerle @timja)
- Todo: install the helm chart in prod then import existing data (@smerle)
-
DockerHub API Rate Limit on VMs for ci.jenkins.io
- PR #333 on pipeline-library by @smerle to spread the credentials (pull/push and per instance, no modulo in this PR)
- Still todo: contact Docker @dduportal
-
Email alias for press releases
- No answer from KK. Gotta contact mailgun (@dduportal?)
-
Templatize the job definition list to generate DSL with per-folder/job credentials
- Blocks Migrate infra-report from trusted.ci to infra.ci
- WiP: helm template with all kind of credentials that we are using on infra.ci
- ToDo: create a chart that insert the configmap with the correct label (almost there!)
- fallback if not working: a big huge template to write in helmfile. But using helm is clearly better to open the road for a contrib (and template is already done in helm…)
-
- Done: CLI installed, pipeline-library (almost
thanks to @lemeurherve
- Azure and AWS are the only providers concerned for the moment (supported providers)
- Use of 2 methods:
- 1st recommended one: parsing the terraform plan
- Only used for Azure as it doesn’t contains the most sensible secrets
- 2d experimental one: parsing HCL terraform manifests
- No access to any sensible value
- Used on AWS for now
- Parity with the plan parsing is not assured, when it will all providers will use this method
- 1st recommended one: parsing the terraform plan
- Todo: evaluate first results
- Call for contribution on their jenkins examples (empty)
- Done: CLI installed, pipeline-library (almost
-
- Original issue: set core.longpaths=true in all the windows containers used for builds
- Done: long paths in Windows tests problem solved in short term by adding the corresponding git config in the
buildPluginshared pipeline - The inclusion of this config has been started in the official
docker-agentimage in the jenkinsci organisation (fix: enable long paths for git in Windows images), but would need to be propagated to another 2 jenkinsci repositories before being usable, so… - Todo: build our own Windows Docker images (instead of using
jenkins/agent*:windows*)
-
Monitor builds on our private Jenkins instances
- Mark has (Jenkins) RSS check for ci.jenkins.io: he’ll check with Daniel if it is not exposing sensitive data.
- If ok, then we’ll try to reuse his work for this
-
Archera requirements: to be evaluated by the Security team
- We didn’t asked yet to review the IAM requirements Archera gave us
- They don’t seem to have any bandwidth available before April 14th
-
Digital Ocean sponsoring
- The remaining credit on our account is around $1400
- We consume ~$1000/month
- Are we ready to ask them for an additional donation?
- Need the blog post and logo on the web site before we ask
- Mark and Herve pair on a blog post
-