The currently running version is 2.150.1. That's a couple LTS releases
behind now (2.164.x and 2.176.x).
--
Matt Sicker
Matt Sicker wrote:
>
> The currently running version is 2.150.1. That's a couple LTS releases
> behind now (2.164.x and 2.176.x).
>
> --
> Matt Sicker
--
Matt Sicker
. But if/when you hit a roadblock, *then* we can fix it. Even
> better, figuring it out and telling Infra "please do steps 1, 2, and 3."
>
> Thanks,
> -g
> InfraAdmin, ASF
>
--
Matt Sicker
> >Would it be possible to enforce some sort of fair-use policy that one
> >project doesn’t block all the others?
> >
> >Chris
--
Matt Sicker
other CI/CD platforms currently in use.
> > >>>>
> > >>>> Is there any interest from the ASF to enable this for all Gitbox
> > >>>> projects when it becomes fully public?
> > >>>>
> > >>>
> > >>> Absolutely. The Infrastructure team would love to see groups try this
> > >> out,
> > >>> and share the experiences here.
> > >>>
> > >>> If there are any hurdles, then share them and we'll try to knock them
> > >> down.
> > >>>
> > >>> I am also interested in being able to push to our website
> automatically
> > >>>> using Github Actions. If the git token that can push to a particular
> > >>>> website repository is added as a secret [2] to Github Actions, this
> > >>>> would be pretty easy to use for projects to automate the building of
> > >>>> their websites.
> > >>>>
> > >>>
> > >>> Should be possible. Again, comes back to groups trying this and
> > reporting
> > >>> back how well it went.
> > >>>
> > >>> Cheers,
> > >>> Greg Stein
> > >>> Infrastructure Administrator, ASF
> > >>>
> > >>
> > >
> >
>
--
Matt Sicker
>>
> > >>>> Is there any interest from the ASF to enable this for all
> Gitbox
> > >>>> projects when it becomes fully public?
> > >>>>
> > >>>
> > >>> Absolutely. The Infrastructure team would love to see groups
> > try this
> > >> out,
> > >>> and share the experiences here.
> > >>>
> > >>> If there are any hurdles, then share them and we'll try to
> > knock them
> > >> down.
> > >>>
> > >>> I am also interested in being able to push to our website
> > automatically
> > >>>> using Github Actions. If the git token that can push to a
> > particular
> > >>>> website repository is added as a secret [2] to Github Actions,
> > this
> > >>>> would be pretty easy to use for projects to automate the
> > building of
> > >>>> their websites.
> > >>>>
> > >>>
> > >>> Should be possible. Again, comes back to groups trying this and
> > reporting
> > >>> back how well it went.
> > >>>
> > >>> Cheers,
> > >>> Greg Stein
> > >>> Infrastructure Administrator, ASF
> > >>>
> > >>
> > >
> >
>
--
Matt Sicker
ugs deprecated and removed ?
>
> Enrico Olivelli
> (ZooKeeper committer)
--
Matt Sicker
https://plugins.jenkins.io/email-ext/
> I need to provide the customised template (jelly or groovy) to the
> jenkins administrator to be placed under
> `$JENKINS_HOME/email-templates/`
>
> Is this approach a possibility? Is there any other solution that's been
> used?
>
> regards,
> Mick
>
--
Matt Sicker
To elaborate further, if you look through the global variables available,
you should be able to obtain all the info you’d use in a Jelly template
without the maintenance hassle.
On Sat, Apr 11, 2020 at 10:21 Matt Sicker wrote:
> If you use a pipeline, you can make it say whatever you w
ler wrote:
>
> Bravo for the Simpsons emoji usage in slack messages. I think we should
> steal this, Mick :)
>
> Warm regards,
> Michael
>
> On 4/11/20 10:23 AM, Matt Sicker wrote:
> > To elaborate further, if you look through the global variables available,
>
>
> Ah gotcha, missed that. Yeah that will work :-) Thanks for saying it again.
--
Matt Sicker
27;ve managed to mangle together the following
> text report format:
> https://lists.apache.org/thread.html/r80d13f7af706bf8dfbf2387fab46004c1fbd3917b7bc339c49e69aa8%40%3Cbuilds.cassandra.apache.org%3E
--
Matt Sicker
at 09:43, Matt Sicker wrote:
>
> Oh, you're using CloudBees Core. The plugin might not be installed in
> your team master. I was referring to builds.a.o
>
> On Wed, 15 Apr 2020 at 01:44, Mick Semb Wever wrote:
> >
> > > Have you tried adding a config file through
w, same
> cut off date, Cassandra, Beam, CouchDB have already migrated and are doing
> very well in their new homes.
>
> Lets get going ...
>
> --
>
> *Gavin McDonald*
> Systems Administrator
> ASF Infrastructure Team
--
Matt Sicker
Oh, I misread the initial email. Could you create a folder for Logging?
On Thu, 16 Jul 2020 at 16:31, Matt Sicker wrote:
>
> I tried logging in, but I don't seem to have any ability to create anything.
>
> On Thu, 16 Jul 2020 at 11:33, Gavin McDonald wrote:
> >
> >
Sicker wrote:
>
> Oh, I misread the initial email. Could you create a folder for Logging?
>
> On Thu, 16 Jul 2020 at 16:31, Matt Sicker wrote:
> >
> > I tried logging in, but I don't seem to have any ability to create anything.
> >
> > On Thu, 16
here are others that are missing; I've only looked at one job so
> >>> far.
> >>>
> >>
> >> Thanks, please file an INFRA jira
> >>
> >>
> >>>
> >>>
> >>>> --
> >>>>
> >>>> *Gavin McDonald*
> >>>> Systems Administrator
> >>>> ASF Infrastructure Team
> >>>>
> >>>
> >>
> >> --
> >>
> >> *Gavin McDonald*
> >> Systems Administrator
> >> ASF Infrastructure Team
> >>
> >
>
> --
>
> *Gavin McDonald*
> Systems Administrator
> ASF Infrastructure Team
--
Matt Sicker
Could be requiring a newer Jenkins version by now ;)
One other plugin I noticed I was using is Warnings NG:
https://plugins.jenkins.io/warnings-ng/
On Fri, 17 Jul 2020 at 17:53, Gavin McDonald wrote:
>
> Hi Matt
>
> On Sat, Jul 18, 2020 at 12:35 AM Matt Sicker wrote:
>>
&g
On Sat, Jul 18, 2020 at 12:56 AM Matt Sicker wrote:
>
>> Could be requiring a newer Jenkins version by now ;)
>>
>
> Yes, every 3 months is the plan, when I last upgraded in April, we were on
> the
> very latest then, now it's time to upgrade again, and I plan that
One other plugin that might be missing: the gitbox SCM source? Not sure how
to configure webhooks otherwise without creating a personal API token on
GitHub or something.
On Fri, 17 Jul 2020 at 18:10, Matt Sicker wrote:
> That's fine with me. The Slack plugin isn't too big a deal si
Yes, that one. Otherwise, I don’t think we’ll get push based build triggers
on gitbox URLs.
On Sat, Jul 18, 2020 at 04:47 Gavin McDonald wrote:
> Hi Matt
>
> On Sat, Jul 18, 2020 at 1:57 AM Matt Sicker wrote:
>
>> One other plugin that might be missing: the gitbox SCM sourc
ead is getting a bit large, lets try and stop posting
> > > there.
> > > > >
> > > > > For new plugin installation requests please either file an INFRA
> Jira
> > > > > ticket or reply to this new thread.
> > > > >
> > > > > Over the next couple of weeks, I will ensure plugins get installed
> > > timely
> > > > > so you can continue testing the new system and getting your jobs
> > > > > to work.
> > > > >
> > > >
> > > >
> > >
> > > --
> > > Olivier Lamy
> > > http://twitter.com/olamy | http://linkedin.com/in/olamy
> > >
> >
> >
> > --
> >
> > *Gavin McDonald*
> > Systems Administrator
> > ASF Infrastructure Team
> >
>
>
> --
> Olivier Lamy
> http://twitter.com/olamy | http://linkedin.com/in/olamy
>
--
Matt Sicker
at's what I was looking for. If you add parallel as
> described in https://www.jenkins.io/blog/2017/09/25/declarative-1/ I would
> assume that they no longer run sequentially.
>
> Best,
> Dennis
--
Matt Sicker
per exciting
> > news on a Saturday, I'm sure you've likely spit out your Wheaties in
> > excitement.
> >
> > The 'Windows' label will continue to work on both old and new build
> > servers. That is until we turn off builds.a.o on August 15th, so
> > remember to migrate your jobs.
> >
> > Have a great weekend!
> >
> > -Chris T.
> > #asfinfra
--
Matt Sicker
FYI, the toolchains configFileProvider thing is only needed for
multi-JDK builds (like in Log4j). The withEnv is the important part
here.
On Mon, 27 Jul 2020 at 09:47, Matt Sicker wrote:
>
> I was unable to get Maven to work using the tool DSL initially, but I
> did manage to get it wor
r have a global toolchains.xml configured
on each node, or to have global config files in Jenkins that any job
can use (I stored mine in the Logging folder).
On Mon, 27 Jul 2020 at 09:52, Gavin McDonald wrote:
>
> Hi All,
>
>
> On Mon, Jul 27, 2020 at 4:48 PM Matt Sicker wrote:
>
>
Typo in my code sample: should be ${tool 'JDK 1.8 (latest)'} as the
lib DSL is something else.
On Mon, 27 Jul 2020 at 10:09, Matt Sicker wrote:
>
> Oh, well, since the tool locations still seem to be the same (they're
> the same nodes after all), hard-coding the
gration of Apache ZooKeeper is blocked by INFRA-20613. We need a proper
> GitHub account to migrate our PreCommit jobs.
>
> Please respond on the ticket.
>
> Thanks,
> Andor
>
>
--
Matt Sicker
> > On Mon, 3 Aug 2020 at 14:13, Dennis Kieselhorst wrote:
> >
> > > Hi,
> > >
> > > currently the queue is again ~3500 builds long. I already experienced
> > this
> > > several times. Any update on a fix?
> > >
> > > Best,
> > > Dennis
> > >
> >
> >
> > --
> > Olivier Lamy
> > http://twitter.com/olamy | http://linkedin.com/in/olamy
> >
>
>
> --
>
> *Gavin McDonald*
> Systems Administrator
> ASF Infrastructure Team
--
Matt Sicker
.. machines/workers isolated/hermetic?
> What if malicious code is submitted as a GitHub pull request?
>
> Vladimir
--
Matt Sicker
5 PM UTC schrieb Gavin McDonald <
> gmcdon...@apache.org <mailto:gmcdon...@apache.org> >:
>
> Hi,
>
> As detailed in previous emails and the shiny yellow banner on
> builds.apache.org <http://builds.apache.org> , your jobs need migrating
> to ci-builds.apache.org <http://ci-builds.apache.org> ; and ,
> in your case, your two lucene nodes.
>
> All this before August 15th
>
> Please let me know when you want me to move your nodes over to the new
> server.
>
> Thanks
>
>
>
>
>
>
> --
>
> <
> https://docs.google.com/uc?export=download&id=14XAxDiKQKdzj5fyVBrnygMFzK97BCLtZ&revid=0B5hu7lzp9DLfRkdTQUxHVVo3S0dDR1RPK1dSKys2Ym15QmtJPQ>
>
>
> Gavin McDonald
>
> Systems Administrator
>
> ASF Infrastructure Team
>
>
>
>
>
>
> --
>
> <
> https://docs.google.com/uc?export=download&id=14XAxDiKQKdzj5fyVBrnygMFzK97BCLtZ&revid=0B5hu7lzp9DLfRkdTQUxHVVo3S0dDR1RPK1dSKys2Ym15QmtJPQ>
>
>
> Gavin McDonald
>
> Systems Administrator
>
> ASF Infrastructure Team
>
> --
Matt Sicker
t; We have a seed job that creates all of the other jobs
> >>> >
> >>> > I have already created the new seed but actually it is useless.
> >>> >
> >>> > Any idea?
> >>> >
> >>>
> >>> Right, so a part of this migration process involves finding out what
> >>> plugins might be
> >>> needed for Jobs, and installing them as we come across them.
> >>>
> >>> I just installed the Job DSL plugin and your Process DSL option should
> >>> now
> >>> be available for you.
> >>>
> >>> Let me know how you get on
> >>>
> >>>
> >>> > Enrico
> >>> >
> >>>
> >>>
> >>> --
> >>>
> >>> *Gavin McDonald*
> >>> Systems Administrator
> >>> ASF Infrastructure Team
> >>>
> >>
> >
> > --
> >
> > *Gavin McDonald*
> > Systems Administrator
> > ASF Infrastructure Team
> >
--
Matt Sicker
eful.
> >
> > Is there any chance there might be a more generic solution than using
> > personal tokens or high-effort investment of INFRA to the problem of
> > setting the commit status on GitHub from ci-builds in the near future?
> >
> > Cheers,
> >
> > -- Richard
>
--
Matt Sicker
rces/nutch-default.xml
>
>
>
> Is there are reason for the stricter security policy?
>
> If yes, what is the preferred way to publish documentation of nightly
> builds?
>
>
>
> Thanks,
>
> Sebastian
>
> --
Matt Sicker
https://github.com/apache/struts-site/pull/147/files
>
> >> > >
>
> >> > > I don't know why but PRs to this [1] repo do not trigger the build
> [2]
>
> >> > > - could you check if webhook was defined?
>
> >> > >
>
> >> > > [1] https://github.com/apache/struts-site/
>
> >> > > [2] https://ci-builds.apache.org/job/Struts/job/Struts-staged-site/
>
> >> > >
>
> >> > >
>
> >> > > Regards
>
> >> > > --
>
> >> > > Łukasz
>
> >> > > + 48 606 323 122 http://www.lenart.org.pl/
>
> >> > >
>
> >> >
>
> >> >
>
> >> > --
>
> >> >
>
> >> > *Gavin McDonald*
>
> >> > Systems Administrator
>
> >> > ASF Infrastructure Team
>
> >>
>
> >>
>
> >>
>
> >> --
>
> >> Best regards,
>
> >> Maxim
>
> >>
>
> >
>
> >
>
> > --
>
> >
>
> > *Gavin McDonald*
>
> > Systems Administrator
>
> > ASF Infrastructure Team
>
> >
>
>
>
>
>
> --
>
> Best regards,
>
> Maxim
>
> --
Matt Sicker
t; > https://ci-builds.apache.org/job/Commons/job/commons-numbers/2/console
> > https://ci-builds.apache.org/job/Commons/job/commons-rng/3/console
> >
> > Any idea about the cause?
> >
> > Thanks,
> > Gilles
>
--
Matt Sicker
detection worked sometimes but not
>
> always.
>
>
>
> -Bertrand
>
>
>
> > [2]
> https://ci-builds.apache.org/job/Sling/job/modules/job/sling-org-apache-sling-launchpad-testing/job/master/
>
> --
Matt Sicker
, at 2:55 PM, Joan Touzet wrote:
> > >>>> I think that any release of ASF software must have corresponding
> > sources
> > >>>> that can be use to generate those from. Even if there are some binary
> > >>>> files, those too should be generated from some kind of sources or
> > >>>> "officially released" binaries that come from some sources. I'd love
> > to
> > >> get
> > >>>> some more concrete examples of where it is not possible.
> > >>>
> > >>> Sure, this is totally possible. I'm just saying that the amount of
> > >> source is extreme in the case where you're talking about a desktop app
> > that
> > >> runs in Java or Electron (Chrome as a desktop app), as two examples.
> > >>
> > >>
> > >> ... and mostly impossible when talking about Windows containers.
> > >>
> > >>
> > >
> >
>
>
> --
>
> Jarek Potiuk
> Polidea <https://www.polidea.com/> | Principal Software Engineer
>
> M: +48 660 796 129 <+48660796129>
> [image: Polidea] <https://www.polidea.com/>
--
Matt Sicker
t;> Hi,
> >>
> >> Sorry if the topic is redundant, I haven’t been following builds@ list for
> >> a while and couldn’t find the archives online.
> >>
> >> Is there already a way to configure GitHub PR comment to trigger build in
> >> the new Jenkins instance?
> >>
> >> I think it was the ‘GitHub PR Comment Build’ plugin in the old instance.
> >> https://plugins.jenkins.io/github-pr-comment-build
> >>
> >> Thanks,
> >> Andor
> >>
> >>
--
Matt Sicker
ct 13, 2020 at 5:25 PM Matt Sicker wrote:
>
> > I'm not sure if we have the latest version of it, but the GitHub SCM
> > reporting plugin we have installed should add GitHub Checks links to
> > replay parts or all of a pipeline. Note that the GitHub SCM Reporting
> >
I can almost guarantee that credential you found is someone’s personal
access token anyways. I don’t think anything has been set up org wide
besides the GitHub app for webhooks and checkouts.
On Thu, Oct 29, 2020 at 02:10 Istvan Toth wrote:
> There was quite a bit of traffic on this list about h
There are global docker settings in Jenkins that apply to that similar to
the GitHub credentials. Or they could be provided as credentials in
general. Personally, I’d lean toward an over engineered solution like
Vault, but that’s out of scope I think.
On Mon, Nov 2, 2020 at 15:16 Joan Touzet wrot
That’s all configurable per job, etc.
Depending on how big your repo is, you might be able to use lighter weight
checkouts.
On Mon, Nov 2, 2020 at 16:01 Dave Fisher wrote:
> Hi -
>
> I’ve been sledgehammering gitbox with OpenOffice.org migrations. I’m
> taking a break as I appear to have hit a
You need to generate an API token for your user or generate a CSRF token
(crumb) for your normal password.
On Wed, Nov 4, 2020 at 18:44 sebb wrote:
> I can use curl to get the contents of a config.xml, but POSTing an
> updated file fails with
>
> No valid crumb was included in the request
>
> I
Manually reviewing third party actions would be comparable to reviewing
shared libraries in Jenkins or Maven plugins or similar. Since the code
runs in a privileged context, allowing arbitrary git repositories to take
part would allow for supply chain attacks. While pinning to a commit is a
good wo
Couple things about Jenkins credentials:
1. The credentials are stored encrypted in the controller and are
dynamically decrypted and bound to jobs over the Jenkins remoting
protocol. A malicious dependency would not be able to gain access to
other credentials in Jenkins unless you're running your
Seems as though my information on that websites node is out of date.
That's no longer a node and is handled separately:
https://cwiki.apache.org/confluence/display/INFRA/git+-+.asf.yaml+features#git.asf.yamlfeatures-WebSiteDeploymentServiceforGitRepositories
If I recall correctly, I believe some i
Website builds are handled by a specific deployment script that
doesn't necessarily need to give write access to GitHub Actions or
other builds. Unless you're talking about generating a static site and
committing it to git and then having it published? Which is also
somewhat supported for website b
GitHub supports SVN to an extent, but it's more of an SVN view of a
Git repo. Try it out:
svn info https://github.com/apache/whimsy/
Path: whimsy
URL: https://github.com/apache/whimsy
Relative URL: ^/
Repository Root: https://github.com/apache/whimsy
Repository UUID: 54ef964a-1539-08b0-68b0-ce57b
It must have been many, many years since you last looked at Jenkins.
They've supported pipelines (stored in your code repository) since at
least 2015 or so.
https://www.jenkins.io/doc/book/pipeline/
On Fri, 8 Jan 2021 at 15:17, Antoine Pitrou wrote:
>
>
> Hi,
>
> On Fri, 8 Jan 2021 12:49:03 -080
On Fri, 8 Jan 2021 at 16:04, Jarek Potiuk wrote:
>
> Github Actions, GitLab, TravisCI. even Cloud Build are s much easier
> to work with and get your stuff done.
The multiple threads about how shitty those are in practice for your
needs seem to indicate otherwise. Security and easy learning
Oops, forgot the footnote:
[1]: https://github.com/kubernetes/test-infra/tree/master/prow
On Fri, 8 Jan 2021 at 16:15, Matt Sicker wrote:
>
> On Fri, 8 Jan 2021 at 16:04, Jarek Potiuk wrote:
> >
> > Github Actions, GitLab, TravisCI. even Cloud Build are s much easier
&g
I work on the Jenkins security team. We don’t have embarrassing security
failures like this anymore, but part of that is due to the added complexity
of a secure configuration. By the time GA meets your security standards,
it’ll likely either require non-trivial changes to your CI scripts, or
it’ll
s time to think that everything (including
> GitHub repos)
> should be self-hosted by INFRA, because if you are dealing with partners
> like that
> you should have some negotiating power, otherwise, you put yourself in a
> loosing
> position.
>
> But again - I do not know
to be important allies here in requesting GitHub
do anything.
On Sun, 10 Jan 2021 at 11:08, Jarek Potiuk wrote:
>
> On Sun, Jan 10, 2021 at 5:28 PM Matt Sicker wrote:
>
> > If we can get GA to handle our use case properly, that would be awesome.
> > Being in the security engin
To be honest, this sounds exactly like the usual CI problem on every
platform. As your project scales up, CI becomes a Hard Problem. I don’t
think throwing hardware at it indefinitely works, though your research here
is finding most of the useful things.
On Tue, Feb 9, 2021 at 02:21 Jarek Potiuk
Folders can store credentials as well if you're on the main Jenkins
instance here.
On Wed, 14 Apr 2021 at 12:19, Joan Touzet wrote:
>
> On 14/04/2021 13:05, Mick Semb Wever wrote:
> >> Then it is easy to use our own Jenkins-stored creds
> >> (https://urldefense.proofpoint.com/v2/url?u=https-3A__w
I thought one of the key points raised by Jarek before was that even with
infinite compute resources, unoptimized actions will fill up all the
compute (like how widening highways induces higher traffic demand). The
per-PMC compute budgets sounds like a great way to help “shift left” on the
problem
Thanks so much for holding them to account! This is great news. :)
On Sun, Jun 20, 2021 at 10:49 Jarek Potiuk wrote:
> Hello Everyone,
>
> GitHub Security Update: You can now specify finer-grained permissions
> for Github Tokens - something that I complained about to GitHub. This
> could help in
59 matches
Mail list logo
