Attending:
Agenda:
-
Infra migration to JDK17
- Switch Jenkins Weekly Core Release to drop JDK11 · Issue #4135 · jenkins-infra/helpdesk · GitHub
- Bump JDK17 version to 17.0.11_9 by jenkins-infra-updatecli[bot] · Pull Request #118 · jenkins-infra/docker-packaging · GitHub
- Detailed review of the tools still using JDK11 to be done
- Discuss and agree on a plan for the removal of JDK11 from the CI infrastructure
- We won’t extend JDK11 life, despite upstream providers do (Temurin)
-
Container image updates for the Jenkins controller
- New LTS (2.452.3)
- Mark and Darin made a great live about the changes regarding the core itself.
- Adapt jdk manifests to also target build-windows-lts-with-jdk11.yaml
- Bump Debian Bookworm Linux Version to 20240701
- Bump ubi8/ubi to 8.10-1020 in /rhel/ubi8/hotspot
- Bump ubi9/ubi 9.4-1123.1719560047 in /rhel/ubi9/hotspot
- Bump Alpine Linux Version to 3.20.1
- Weeklies (2.464, 2.466, 2.467 and 2.468)
- Bump Alpine Linux Version to 3.20.1
- Bump ubi8/ubi to 8.10-1020 in /rhel/ubi8/hotspot
- Bump ubi9/ubi to 9.4-1123.1719560047 in /rhel/ubi9/hotspot
- Bump Debian Bookworm Linux Version to 20240701
- Add finished date to copy_reference_file.log
- New LTS (2.452.3)
-
Container image updates for Jenkins agents
- Four new releases for the SSH agent (5.41.0, 5.42.0, 5.43.0, and 5.44.0)
- Bump Debian Bookworm Linux version to bookworm-20240701
- Bump Alpine Linux Version to 3.20.1
- Use docker bake to generate docker compose file
- Implement docker calls as make targets
- Remove docker compose target from manifests
- Four new releases for docker-agent (3256.v88a_f6e922152-1, 3256.v88a_f6e922152-2, 3256.v88a_f6e922152-3, and 3256.v88a_f6e922152-4)
- Fix Debian-based Docker image org.opencontainers.image.source label
- Bump Debian Bookworm Linux version to bookworm-20240701
- Bump Alpine Linux Version to 3.20.1
- Include temurin version pattern in updatecli/values.github-action.yaml
- Bump the Jenkins remoting version to 3256.v88a_f6e922152
- Bump updatecli/updatecli-action from 2.60.0 to 2.61.0
- Four new releases for the SSH agent (5.41.0, 5.42.0, 5.43.0, and 5.44.0)
-
Work in progress on images:
- Controller:
- None
- Docker-agent:
- Docker-ssh-agent:
- None.
- Controller:
-
The Spring project made an end of life announcement - JENKINS-68698
- Key milestones in the Spring Security 6.x upgrade
- File upload 2.x in Jenkins weekly 2.459 (no issues reported)
- Require Java 17 in Jenkins weekly June 18, 2024 (see dev list)
- Jetty 12 + EE 8 in Jenkins weekly during July
- Jetty 12 + EE 9 + Spring Security 6.x in Jenkins weekly - TBD
- Platform SIG members can help
- Test drive the Jetty 12 + EE 9 prototype from the jakarta branch
- Built by the ci.jenkins.io job
- Rebuilds frequently as Basil finds new issues
- java -jar testing-jar is more than enough to test
- Running for the last month in Mark’s test environment
- Places that tend to have problems are forms presented to the user that do not retain the values entered by the users
- Watch for stack traces in the Jenkins console logs in case those might point to something interesting
- Built by the ci.jenkins.io job
- We created a sample that builds a docker container with the prototype inside
- Test drive the Jetty 12 + EE 9 prototype from the jakarta branch
- Key milestones in the Spring Security 6.x upgrade
-
Built on top of jakarta [Core » jenkins] [Jenkins]
-
Broken for the time being => make a PR to see if it fails with Jenkins Weekly
-
Java 21 support - 2+2+2 Java Support Plan
- Jenkins enhancement proposal by Mark Waite submitted and being reviewed
- Needs more details before it is merged
- Mark needs to do more research
- Need a list of tasks to do before that change happens
- Spring security 6.x requires Jetty 11 with Jakarta EE 9 (jakarta.servlet), not Jetty 10 with Jakarta EE 8 (javax.servlet)
- August 31, 2024 date seems likely to stick
- The last public build of Spring Framework 5.3.x is August 21, 2024
- Spring framework 6.1 and later require Java 17
- Special thanks to Basil Crow and Adrien Lecharpentier for their involvement.
- They’re working on the first steps to get this done (FileUpload, then JDK 17, and then 1 to 2 weeks later Jetty 10 with EE8 to Jetty 12 with EE9).
- Alternatives:
- Accept that if there is a security vulnerability reported in Spring Security 5.8.x between August 2024 and the end of October 2024, we may need to fork Spring Security and fix it ourselves
- Mark to start discussions in the mailing list to find alternatives
- We’ll choose the next LTS baseline Jun 26, 2024. The baseline release for the next LTS will be something prior to the requirement of JDK17.
- Jenkins enhancement proposal by Mark Waite submitted and being reviewed
-
Oracle critical patch update tomorrow
- Assumed no emergency will be needed
- Download their binaries directly now so that we don’t wait for containers