►
From YouTube: 2022 08 23 Jenkins Infra Meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
A
So
we
have
a
guest
today,
Bob
I
propose
that
we
get
started
with
you
before
we
proceed
with
the
rest.
So
let
me
take
note
but
miles
right
can
I.
Let
you
introduce
yourself
and
explain
a
bit
why
you
have
joined
us
today,
yeah.
B
Absolutely
thanks
for
having
me
guys.
My
name
is
Bob
Mars
I'm,
the
founder
of
salad,
salad.com
is,
is
our
domain
and
we're
building
a
distributed.
Cloud
infrastructure
product,
starting
with
a
managed
container
service-
and
you
know
it's
a
very
early
stage-
startup
we're
kind
of
exploring
what
are
the
different
workloads
use
cases,
jobs
that
we
might
be
able
to
support
with
our
infrastructure.
B
What
makes
it
unique
is
instead
of
being
powered
by
you
know,
purpose-built
data
center
we've
got
tens
of
thousands
of
nodes
provided
by
Gamers
and
their
PCS
with
gpus,
providing
the
compute
so
we're
very
early
stage,
just
bringing
an
MVP
to
Market
and
I'm
kind
of
reaching
out
to
explore
kind
of
Partnerships
and
provide
compute
in
return
for
feedback
for
the
the
new
product
that
we're
building
and
here
at
Jenkins.
B
You
know,
I
know
you
guys
some
of
the
work
that
you
guys
do
with
batch
jobs
and
cicd
kind
of
fit
the
characteristics
of
what
might
be
compatible
with
with
our
infrastructure
and
obviously,
there's
plenty
of
nuance
with
the
infrastructure.
But
I've
probably
overstate
my
welcome
with
the
introduction
here,
but
yeah
looking
forward
to
hopefully
learning
a
bit
more,
whether
whether
we
can
provide
some
compute
in
return
for
some
feedback.
A
Okay,
thanks
for
the
presentation,
so
just
turn
up
the
table
before
we
continue
on
that
subject.
A
Then
we
have
ER
velomer,
raise
you
underway
so
available
is
working
with
me
as
a
SRE,
so
same
job,
same
role,
same
area,
Stefan
Merrell
as
well.
The
three
of.
C
A
A
A
So
yes,
so
thanks
for
the
introduction
Bob
about
salat.com,
so
if
I
understand
correctly,
you
will
be.
Your
proposal
is
having
the
change
asking.
If
the
Jenkins
project
will
will
try
select.com
projects
and
to
have
some
feedbacks
on
how
it
work
and
the
product
and
everything
is
that,
is
that
correct.
B
Yeah
at
this
stage,
we
we're
still
learning
what
use
cases
and
workloads
are
sort
of
viable
for
our
Network.
So
I
think
you
characterized
it
well
yeah.
We
we
we're
still
it's
not
ready
today,
but
in
the
next
say
month
or
two
looking
for
people
who
are
kind
of
willing
to
kick
the
tires
and-
and
you
know,
use
some
of
the
compute
and
provide
us
feedback
and-
and
we
have
more
compute
than
we
know
what
to
do
with
right
now.
B
So
so
I
thought
you
guys
would
be
a
good
kind
of
community
to
explore
whether
you've
got
workloads
that
that
might
be
of
interest
to
distribute
so
yeah
I
think
you,
you
know
I'm
happy
to
share
a
lot
more
as
well,
but
I
think
you've,
you've
characterized
it
well.
B
B
So
compute
bandwidth
and
storage
we've
been
around
for
four
years
now
and
we've
been
primarily
monetizing
the
network
with
proof
of
work,
so
crypto
mining,
so
you
guys
have
all
heard
of
that,
but
we
incentivize
everyone
on
the
network
through
a
pricing
model
or
an
incentive
model
where
they
get
games
gift
cards
subscriptions,
so
it
abstracts
away
the
workload.
So
that
means
that
we
can
distribute
any
workload
across
the
network
and
after
four
years
tapping
into
crypto.
B
We
now
have
these
tens
of
thousands
of
Gamers
and
their
PCS
with
their
gpus,
so
we're
using
WSL,
wsl2
Windows
sub
6
subsystem
for
Linux
to
kind
of
standardize,
the
compute
environment
across
the
network
and
we're
building
a
managed
container
service
to
support
containerized
workloads,
and
so
obviously
it's
not
a
purpose-built
data
center,
as
as
you
described,
you
know,
with
with
racks
of
of
servers
optimized
for
certain
workloads.
B
There's
a
bit
of
nuance
here:
where
we've
got
consumer
brand
Broadband
to
actually
distribute
jobs,
and
also
you
know,
I'm
sure,
as
you
guys
as
a
bunch
of
Engineers,
would
appreciate.
If
you
have
physical
access
to
the
device,
then
you
can.
You
know
we
can't
provide
kind
of
the
level
of
security
that
say
naws
can
so
that's
why
we're
leaning
into
more
open
source
type
jobs,
those
that
don't
have
really
high
data
sensitivity
with
their
data
sets.
B
So
in
a
nutshell
where,
where
early
stage
bringing
this,
this
kind
of
MVP
managed
container
service
to
Market
and
I'm
I'm
kind
of
exploring
who
are
some
of
the
initial
use
cases
that
that
perhaps
we
can
trade
free
compute
in
return
for
feedback
for.
D
Sorry,
Mark
good,
so
Bob,
I
I
had
a
question
or
two,
so
the
the
it
sounds
like
this
is
something
that
your
compute
model
is
something
like
the
compute
model
that
was
used
previously
by
the
seti
project,
where
donors
are
willing
to
offer
compute
to
a
central
resource
they
receive
it,
they
receive
a
task,
they
do.
The
compute
and
the
results
of
the
task
are
sent
back
to
the
central
resource
is
that
is
that
a
safe,
a
safe
description
or
a
safe
analogy?.
B
Yeah,
it
is
Mark
and
just
to
build
on
that
seti
at
home
or
folding
at
home.
You
know
very
different
incentive
model.
It's
you
kind
of
paid
by
the
warm
and
fuzzies.
You
know
it's.
D
B
Touristic
actors
charitable
actors
sharing
their
compute,
so
there's
no,
no
reason
for
nefarious
actors
to
defraud
seti
at
home.
Here
we've
tapped
into
proof
of
work
which
is
trustless,
so
it
allows
us
to
onboard
nodes.
They've
got
to
do
10,
000
minutes.
Oh
sorry,
10
000
seconds
contributing
sorry,
it's
10
000
minutes
contributing
to
the
network
before
they
and
we
characterize
those
nodes
as
trustworthy
or
not
trustworthy.
B
You
know
that's
one
data
point
in
kind
of
this
algorithm
to
deem
the
reputation
of
a
node
and
then
we're
unlocking
those
nodes
who
have
been
on
the
network
built
that
reputation
for
different
workloads,
which
is
which
is
kind
of
the
product
we're
building
today.
So
yes
same
model,
but
we're
still
about
six
weeks
out
from
from
actually
having
an
MVP
for
people
to
kick
their
tires
with.
So
but
you
explained
it
explained,
that's
that's
the
Perfect
Analogy,
actually
just
a
different
incentive
model
thanks.
D
Okay,
thanks
very
much
so
so,
ultimately,
you've
got
what
we
would
consider
untrusted
compute,
but
that's
willing
to
donate
and-
and
that's
that
I
think
will
be
a
different
mental
model
for
us
trying
to
find
a
place
where
we
we.
What
are
the
tasks
that
we
can
do
where
we
would
run
them
on
what
we
would
classify
as
untrusted
compute
I
know,
you've
done
a
trust,
developed
a
trust
model,
but
for
us
it
would
look
like
untrusted
compute
and
we've.
We've
actually
got
isolation
levels
already
in
some
of
our
systems.
D
That
intentionally
do
something
like
that
untrusted,
but
this
is
sort
of
another
level
of
untrusted
than
what
we've
already
got
so
I
think
we'd
need
some
time
to
consider
it
to
ponder
it
and
see.
Okay.
What
places
might
we
might
we
apply
this
effectively
and
which
places
would
the
risks
outrage
outweigh
the
benefits
of
the
additional
compute
that
you're
offering
now
I
guess
one
another
question
for
me
is
typical
duration
of
the
contribution
from
one
of
these
workers
is
it.
D
We
have
jobs
that
take
30
minutes
to
execute
on
a
on
a
multi-cpu
box
on
one
of
the
cloud
providers.
Is
that
way
outside
of
the
range
of
what
you're
used
to
do?
You
typically
give
them
a
task?
That's
a
a
one
minute
task
or
a
a
five
second
task.
How
does
your?
How
does
your
your
allocation
work
in
terms
of
compute
time
that
they
donate.
B
There's
a
very
wide
spectrum.
The
the
one
thing
we
can't
provide
is
on
demand.
You
know
sort
of
six
nines
of
uptime,
as
you
can
imagine,
but
it's
it's
really
interesting.
Actually,
looking
at
the
characteristics
of
the
different
nodes
on
the
network,
there
is
a
good
cohort,
so
10
to
20,
but
we'll
actually
run
our
software
24,
7.
B
and,
and
we
kind
of
characterize
those
individuals
as
Gamers
that
have
perhaps
got
an
extra
PC,
an
older
gen
PC
that
they're
just
leaving
running
the
whole
time
in
order
to
generate
a
you
know
a
Discord
subscription
or
whatnot
from
the
value
of
that
that
device.
So
we
certainly
have
devices
that
have
a
respectable
uptime
and
we
can.
We
can
certainly
accommodate
30-minute
jobs
and,
and
the
way
we're
designing.
B
The
system
is
where,
if,
if
a
job
does
get
interrupted
or
terminated,
we
can
fail
over
to
to
another
node
on
the
network
and
actually
see
that
container
kind
of
execute
through
so
but
30
minutes
is
definitely
within
the
realm
and
and
one
of
the
fun
things
we're
working
on
is
kind
of
gamification,
where
you
know,
if,
if
someone
is
going
in
there
to
kill
our
software
in
the
midst
of
a
job,
we
can
actually
encourage
them
to
hey
give
us,
you
know,
give
us
five
minutes
to
either
take
a
snapshot
or
or
finish
out
the
job
so
another
another
bit
of
nuance
of
our
infrastructure.
D
A
I
might
have
some
question
because
I
wasn't
able
to
find
any
information
about
what
kind
of
isolation
is
provided
on
the
workload
on
these
machines
and
what
kind
of
encryption
is
used
to
ensure
that
the
owner
of
the
underlying
machine
isn't
able
to
pick
anything
inside
the
workload
because
container
is
not
encrypted
or
not
so
it
isolated
and
the
third
question
I
have
for
you
is:
do
you
have
a
metrics
about
the
electrical
consumption
of
that
thing?.
B
Yeah,
so
so
let
me
I
missed
the
first
question,
I'm
sorry,
so
let
me
step
back
and
then
you
can
re-ask
that
one
when
it
comes
to
the
suppliers,
so
so
the
people
running
our
software.
You
know
we
we
mentioned
so
in
our
Discord
Community.
There's
50
000
people,
mostly
Gamers,
we're
very
transparent
about
hey.
There
is
a
catch
to
running
salad.
It
costs
electricity.
B
You
know
if,
if
you're
getting
rewarded
for
your
compute
Cycles
and
there's
no
catch,
then
obviously
something's
wrong,
so
so
we're
it's
almost
a
marketing
line
for
us
to
say:
hey
there
is
a
catch.
You've
got
to
maintain
your
cooling
system
of
your
PC.
B
B
So
so
we
let
that
decision
about
the
economical
rationality
of
of
running
software.
The
onus
is
on
the
supplier
to
make
that
decision,
whether
they
want
to
actually
Supply
their
compute
resources
or
not.
B
Second
question
around
the
level
of
encryption:
we're
not
employing
anything
like
fully
home
or
more
morphic,
encryption
or
or
anything
at
this
stage,
Beyond
just
the
compute
environment.
What
we
do
have
outside
of
the
the
virtual
machine
that
we
spin
up
is
a
bit
like
the
gaming
industry.
There's
there's
certain
watches
that
we
have
as
part
of
this
reputation
system,
to
see
whether
that
host
is
actually
running
any
nefarious
software
or
interrupting
any
traffic
from
that
container.
B
B
We
can
use
where
we're
working
towards
working
with
sift.com,
who
kind
of
provides
a
a
rating
of
of
the
trustworthiness
of
an
individual
and
we're
also
working
towards
having
a
a
solid
card
where
you
turn
that
latent
value
of
your
PC
into
a
essentially
a
credit
card
or
debit
card
that
you
spend
online
and
as
part
of
that
process,
there'll
be
a
kyc.
So
it's
kind
of
the
equivalent
of
a
know.
B
Your
know,
your
provider
for
us,
so
multiple
kind
of
levels
to
that
are
going
to
minimize
fraud
there,
but
ultimately,
we
do
not
recommend
the
platform
home
for
anything
that
has
sensitive
data
sets,
so
we're
really
focused
on
kind
of
Open
Source,
the
open
source,
community
and
and
workloads
and
data
sets
and
code
that
is
going
to
be
made
public
anyway.
We
feel,
like
that's
kind
of
our
initial
target
market,
for
for
our
resources
and
and
I'm
sorry,
I
missed
your
first
question.
A
A
B
Our
head
of
engineering
here
would
would
be
the
first
to
say,
because
we
don't
have
physical
access
to
the
machine.
We
cannot
provide
an
SLA
guaranteeing
the
security
of
of
the
workload
on
those
machines.
So
that's
kind
of
our
party
line
here
is:
do
not
distribute
sensitive
data
sets,
do
not
distribute
Secrets,
do
not
distribute
anything.
B
That's
that's
kind
of
highly
sensitive
with
with
the
data,
so
you
know
I
I,
don't
see
a
future
for
us
supporting,
say,
HIPAA
compliant,
sensitive
Medical,
Data
workloads,
that's
just
not
in
our
future,
we're
kind
of
targeting
a
very
different
type
of
of
of
customer
who
doesn't
have
those
those
security
concerns.
Okay,.
A
A
However,
if
you
want
to
be
able
to
git
clone
the
repositories
to
avoid
reaching
the
API
rate
limit
of
github.com,
you
need
a
key,
and
their
old
CI
system
usually
have
needs
some
kind
of
Kit
with
identify
who
is
getting
the
data
and
that
one
is
sensitive,
because
if
anyone
get
that
they
can,
they
can
reuse
it
to
whatever
use
case.
They
could
have
good
or
bad,
but
that's
so
great
on
shoulder,
that's
a
secret
which
is
sensitive
by
Nature,
even
though
the
data
is
public
and
reachable
by
everyone.
A
It's
just
there
is
in
the
AAA
framework.
We
are
at
the
firm
it's
accounting
issue:
it's
not
authentication,
neither
authorization
it's
accounting
because
of
the
API
rate
limit
to
not
destroy
the
GitHub,
because
with
such
a
network,
that's
why
they
put
API
with
limit
same
for
Docker
containers
if
they
don't
put
API
rate
limit
on
their
system.
Such
a
network
could
absolutely
destroy
their
service
and
the
requirement
for
a
token,
and
we
are
in
that
area
for
part
of
our
feedback,
which
is
not
sensitive
but
not
interested.
B
Yeah
I'll
I'll
have
to
take
I've
jotted
that
down
I,
know
Daniel
and
Kyle
that
had
a
product
head
of
engineering
here
this
is
something
we've
looked
at,
is
is
kind
of
the
management
of
Secrets
and
keys
and
I
know
they
had
an
answer
to
it,
but
but
I'd
be
lying.
If,
if
I
told
you
what
that
was
right
now
so
I'll
have
to
Circle
back
I'll
come
to
a
future,
perhaps
I'll
bring
them
along
because
I
know
this
is
a
question.
A
B
Yeah
so
we're
the
vast
majority
of
machines
on
our
Network
running,
Windows
and
and
now
shipping
native
to
Windows.
We've
got
WSL
or
wsl2,
which
gives
us
the
ability
to
to
actually
tap
into
the
GPU
or
3D
acceleration
as
well.
So
we're
using
that
windows
subsystem
for
Linux
to
spin
up
a
Linux
environment,
and
that's
that's
the
compute
environment,
which
we
run
these
these
containers
in
so
that's
standardized
across
the
network.
Despite
having
very
heterogeneous
Hardware
that
that
Powers,
our
Network.
D
Sorry
to
interrupt:
do
you
have
any
real
Linux
machines
also
because
gaming
on
Linux
is
a
thing
in
22?
So
does
your
product
work
directly.
B
On
Linux
yeah,
we
because
our
software
is
open
source.
We
actually
had
a
Community
member
who,
who
cut
a
build
for
Linux
I
top
of
mind,
don't
have
the
numbers
of
how
many
nodes
on
the
network
are
actually
running.
B
Linux
versus
Windows,
but
I
do
know
that
it's
same
with
with
Mac
we
had
one
of
the
community
members
actually
create
a
version
of
solid
for
Mac
as
well,
but
the
one
the
only
one
we
officially
support
is
is
Windows
right
now,
because
it's
the
vast
majority
of
of
the
network
of.
C
B
Yeah
this
this
is
something
we're
working
through
at
the
moment,
so
so
we're
lucky
we're
kind
of
standing
on
the
shoulders
of
giants
in
a
sense
where
we're
essentially
copying
the
pricing
model
of
the
managed
container
services
of
the
hyperscale
cloud
and
and
right
now,
kind
of
the
resource
selection
you
can
make
is
how
many
vcpus
and
how
much
RAM
are
you
looking
for
to
support
or
will
that
container
consume?
B
One
of
the
things
we're
struggling
with
and
thinking
through
right
now
is
when
it
comes
to
GPU
resources.
How
do
we
establish
brackets
for
that
in
the
cloud?
It's
easy,
because
there's
like
three
or
four
you
know,
there's
the
k80
a100
V100,
there's
kind
of
a
set
number
of
gpus
for
us
there's.
You
know
a
list
of
five
dozen
different
gpus
that
that
kind
of
make
up
the
majority
of
of
the
network,
and
how
do
we
actually
allow
individuals
to
select
What
GPU
type?
Do
they
want
and
what
dependencies
like
do?
B
You
need
Cuda
for
for
your
workload
and
and
how
do
we
kind
of
provide
that
that
pass
through
support
from
from
the
container
from
that
Linux?
Sorry
from
that
Linux
VM,
so
all
these
things
we're
working
through
at
the
moment
and
and
these
are
kind
of
questions
that
were
we're
building
towards
having
answers
for,
but
hopefully
that
that
answers
your
question.
A
Okay,
so
that
gives
a
clear
idea
of
what
it
does
and
what
it
does
not.
So
thanks
for
that.
That's
that
at
least
for
me,
it
clarifies
so
as
as
Mark
said,
we
have
to
evaluate
what
kind
of
workload
could
possibly
run
on
such
a
model,
given
what
we
have
most
of
the
open
source
content
evaluating
the
risk
with
the
security
team
as
well.
A
B
Yeah,
absolutely
and
I'll
just
finish
by
saying,
really
appreciate
the
questions
and
your
time
and
consideration
guys
and
and
yeah
look
forward
to
continuing
that
that
communication
on
the
forum
for
sure.
Thank
you.
A
A
A
A
I,
let
you
decide
who
is
gonna,
take
care
of
the
church
and
drive
the
meetings,
chaos
for
everyone.
No,
that's
my
gift
for,
for.
D
A
Okay,
other
videos
nope
next
announcement,
we
had
the
night
visery
only
on
plugin.
Today,
security
advisory.
C
D
A
Okay,
I
saw
that
the
first
part
on
the
plugin
Ubuntu
spring
was
okay.
So,
okay,
maybe
it's
in
progress,
my
okay.
So
let's
wait
for
the
finish.
Usually
it
can
take
a
few
hours
before
they
finish
time
for
us
to
wake
up
and
get
ready
to
start.
A
A
Is
that
okay,
any
other
question
on
security
topic?
Oh
okay,
we
have
a
weekly
call.
Release
like
every
week
sounds
like
no
issue.
During
the
build
or
the
packaging
Docker
image
has
been
published.
We
should
have
a
pull
request
to
update
our
Docker
images
in
the
upcoming
minutes.
D
2.365
and
the
checklist
is
in
progress
not
yet
complete,
but
everything
looks
good
on
the
checklist.
So
it's
there
have
been
no
failures
on
the
checklist.
The
job
completed
successfully
the
changelog's
been
merged,
but
is
not
yet
visible
to
users
and
the
the
docker
image
is
confirmed
available.
So
all
sorts
of
positive.
A
Okay,
just
to
note
about
the
security,
everything
looks
good
as
well.
Didn't
show
any
issue.
So
yes,
we
can
proceed.
A
Okay,
let's
proceed
so
next
weekly
next
Tuesday
as
usual,
next
LTS
I
heard,
is
it
somewhere
in
September
mark.
D
D
A
A
So
security
release
is
today:
do
we
have
another
major
event
on
the
upcoming
weeks?
Nope?
Okay?
Is
it
okay
to
proceed
to
the
usual
operational
overall
cool?
Yes,
so
for
issue
closed
last
week
earlier
this
morning
we
had
an
issue
with
the
update
Center
that
was
caused
by
me
when
we
refactored
the
puppet
configuration,
we
ended
up
with
providing
the
same
SSH
key
hosts
to
both
agents.
A
So
the
good
point
is
that
the
controllers
are
not
connecting
to
the
agent
to
run
builds
if
the
SSH
key
hosts
are
not
matching,
which
is
a
recent
Behavior
change
on
the
SSH
plugin
and
git
plugin,
so
that
demonstrates
that
it
work
when
it
mismatch.
So
it
was
only
one
configuration
line
away
to
fix
it.
So
thanks
Alex
for
raising
that
issue,
in
particular
before
the
advisory
that
could
help
to
release
plugins.
A
We
had
also
an
issue
fixed
that
took
some
time
the
GTA
8.
Docker
images
for
the
previous
LTS
weren't
built
because
we
weren't
strict
enough
on
the
process
in
charge
of
building
these
images.
The
lts2.
the
document
lts1,
should
have
been
built
not
by
the
master
Branch,
but
from
its
own
stable
branch
on
the
Jenkins
CI
slash
toker
Repository,
so
we
did
a
patch
which
should
be
only
for
the
duration
of
that
stable
line.
A
The
use
case
is
that
the
user,
using
the
first
version
of
the
LTS,
with
gdk8
or
gdka
17
preview
tags,
which
should
now
be
able
to
use
the
latest
patch
versions.
So
thanks.
Everyone
involved
on
that,
because
that's
when
an
easy
one,
there's
been
some
proposal
by
basil
Crow
about
the
way
we
could
manage
in
the
future.
This
repository-
that's
really
interesting,
I
think
that's
worth
discussing
and
trying
it.
The
goal
will
be
to
to
fit
the
same
model
as
the
packaging
or
release
system
with
the
master
Branch.
A
That
would
avoid
such
issues
and
would
ensure
that
all
the
community
review
each
tends
to
be
backported,
because
what
is
lying
under
this
one
is
that
the
latest
open,
gdka
minor
patch
updates
that
we
did
blocked
some
new
support.
Backboard
of
the
C
group
version
to
support
So
memory
limits
are
working
on
recent
system,
but
it
also
created
memory
issues
with
some
of
the
Jenkins
plugins.
A
There's
been
a
misguided
issue,
redirected
to
the
to
the
correct
forum
and
finally
walk
around
accounting
kinsayu
web
application,
where
we
had,
let's
say
hold
instructions
that
are
not
valid
anymore
around
the
spam
and
some
users
were
unlegitimately
spam
blocked
by
the
system.
So
thanks,
Danielle
and
Vedic
to
update
for
updating
the
image
and
thanks
survey
for
helping
me
on
automating
that
application,
we
did
not
update
that
application
since
month
is
so.
The
goal
was
to
add
all
the
auto
machine
system
on
this
one.
A
A
A
A
So,
let's
continue
to
the
work
in
progress
I'm,
taking
then
on
the
notes
order.
So
we
had
a
new
issue
about
incorrect,
missing
Maven
setting
file
with
James
Nord.
A
So
the
first
part
of
the
issue
that
was
clear
for
me
is
that
we
took
there
was
an
issue
between
Windows
and
Linux
templates
for
Maven
builds.
That's
not
the
case,
then
it
it
looks
like
there
is
a
phase
of
philosophical
discussion
about,
should
we
add
Maven
repositories,
purple
mix
ml
for
each
Plugin,
or
should
we
Define
that
once
and
for
all
on
the
system?
A
And
finally,
it
seems
that
GMC
is
also
asking
hers
to
to
use
a
casual
mirror
for
Maven
dependency.
So
we
control
where
the
dependencies
are
coming
from
right
now,
as
a
reminder
on
CI
Joan
kinsayu,
when
you
build
a
maven
projects,
the
dependencies
are
downloaded
for
a
bunch
of
different
servers.
We
tend
to
stores
at
least
the
Jenkins
dependencies
inside
the
Republic
factory
system,
but
some
other
dependency
can
be
downloaded
from
other
areas.
A
The
goal
on
CI
Jenkins
CEO
is
to
let
Developers
to
to
not
being
blocked
by
security
systems,
because
IO
does
not
publish
or
deploy
anything.
It's
not
sensitive
workloads.
So
there
is
no
problem.
If
there
is
a
supply
chain,
Vector
attack
there,
because
it
wouldn't
have
any
consequence
since
all
agent
or
ephemerals,
that
cannot
be
persisted
and
the
idea
is
it's.
It's
limited
by
the
let's
say
the
intrinsic
usage
of
the
controller.
A
So
the
idea
is
that
issue
might
be
merged
to
the
one
that
everybody
is
currently
working
on
about
the
proxy,
because
the
if
we
set
up
the
proxy
for
all
agents,
then
we
will
be
able
to
finally
control
which
second,
let's
say:
back-end
repositories
are
used,
so
that
will
be
easy
to
neogenics
configuration,
but
I've
asked
gems
to
just
clarify
what
you
want
the
infrastructure
just
to
describe
them.
A
So
we
can
evaluate
the
amount
of
work
and
the
consequences
the
main
risk
I
see
air
is
that
could
increase
the
bandwidth
that
we
consume
from
the
Frog
artifactory
Repository,
which
is
an
issue
already
today
that
we
have
to
decrease
it.
So
that's
that's
the
risk,
but
James
disagree.
So
maybe
I
misunderstood
something,
and
there
are
some
magical
Maven
things
that
I
don't
know.
So
that's
why
I
asked
him
to
clarify,
because
I
think
he
has
a
good
set
of
ideas
that
could
help
us
on
that
array.
A
Nope,
okay,
next
one
user
told
us
they
entered
too
many
times
a
captcha
code.
I'm
flagging
this
one
as
word
issue
and
be
careful
on
this
one,
because
the
GitHub
user
has
been
created
today.
There
is
already
an
account
with
some
data
that
hasn't
been
used
in
sometimes
I
wasn't
able
to
understand
exactly
what
happened.
A
A
So
I
propose
that
that
one,
like
the
previous
one,
we
keep
them
somewhere
not
on
the
next
Milestone
and
wait
for
feedback
from
the
security
team.
Is
that
okay
for
everyone.
A
Next
one
is
publish
acceptance
testarness,
so
that's
adding
be
a
container
image,
build
test
and
Deploy
on
infrasti
for
the
Jenkins
active
transistoreness,
so
almost
there,
but
it
requires
us
to
create
a
new
case
that
we
never
had
before.
Is
that
that
image
is
under
the
Jenkins
namespace
on
Docker
herb
and
not
the
Jenkins
here
infra.
So
we
need
to
adapt
all
the
components
to
be
able
to
support
additional,
in
particular
the
credentials
and
the
GitHub
checks.
So
Tim
is
working
with
me
on
that
one.
A
A
A
Okay,
Stefan
can
let
you
do
a
status
check
about
collecting
data
dog
metrics
for
the
ephemeral
VM
agent,
so
we
can
provide
a
dashboard
to
developers
to
see
what
went
wrong
during
their
build
if
the
agent
crashes
or
is
oom
killed.
A
C
That's
a
work
in
progress
for
now
I
tried
manually
on
a
VM
on
Azure
I'm
in
the
process
of
cutting
that
in
in
our
controllers,
by
code
ascode
and
still
a
work
in
progress
for
that.
D
A
Next
issue
is
providing
Java
17
Windows
agents.
So
it's
a
split
work.
So
every
worked
on
the
Linux
agent
ports.
Why
Linux?
Right
now?
It's
because
we
want
to
have
the
same
template,
whether
we
run
a
container
or
virtual
machine,
so
Airway
paved
the
way
with
the
Linux,
because
we
have
Linux
today
container
builds
so
array.
What's
the
status
about
Linux.
D
A
One
Linux
to
be
tested
and
deployed
if
walking,
cool
and
on
my
side,
I'm
working
on
being
able
to
build
Windows
container
with
Packer
I've,
started
the
process
and
I'm
dealing
with
nitpicking
with
Powershell
differences
between
the
default
Windows,
Server
VM
template
on
Azure
or
Amazon
versus
the
official
container
image
for
Windows
Server.
There
are
some
tools
missing
same
like
Ubuntu,
that's
on
Docker
image.
That
means
the
sudo
command,
for
instance,
so
that
one
is
the
second
one.
C
Yes,
so
there
was,
in
the
past
proxy
behind
the
recorded
the
drinking
statio
to
avoid
the
consuming
too
much
bandwidth
from
g-frog,
and
we
are,
we
are
introducing
it
with.
C
Many
proxy
one
in
each
provider,
AWS
a0
and
I'm
I've
put
one
in
azure
to
test
it
and
I'm.
C
Modifying
is
a
pipeline
was
shared
by
playing
the
Rory.
It
will
be
able
to
to
configure
Maven
to
use
this
proxy
depending
on
the
agent
location,
to
know
where
the
to
know
this
I'm
I'll
add
an
environment
type
in
the
agent
template.
So
we
can
determine
the
provider.
C
It's
in
a
good
way,
I've
made
a
test
on
Jenkins,
plugin
and
say
the
jenkins.io
is
correctly
retrieving
that
are
from
my
proxy
The
Next
Step
will
be
to
add
a
user
password
protection
in
addition
to
the
white
listing
the
ipy
testing
and
then
deploy
a
proxy
in
each
provider
and
published
pipeline
Library.
A
Any
question:
okay,
next
work
in
progress
is
the
Jenkins
underscore
release
Twitter
account,
which
is
an
automated
system
which
reads
the
RSS
feed
of
the
release
of
each
plugin
and
create
tweets
to
say,
hey.
There
is
a
new
release
of
that
plugin.
That's
the
idea
of
the
accounts,
so
I
was
able
to
recover
it
thanks
for
the
help
of
kosuke.
A
So
all
the
infra
team
should
have
access
to
the
credentials
or
to
reset
the
password
using
our
private
email
address
and
the
password
has
been
shared
on
one
password
for
now,
so
because
you
won't
be
able
to
use
it
so
now.
The
next
step
is
to
understand
what
was
the
automation
system
I
should
give
in
mention
it
was
on
dlware,
so
the
next
step
so
account
recovered
I'm,
not
alone
to
be
able
to
access
it.
C
A
If
anyone
is
willing
to
help
me
because
I'm
not
really
at
ease
with
this,
whatever
platforms,
I
could
absolutely
have
some
help.
I'm
I
have
no
idea
how
it
authenticate
how
it
connects
to
Twitter.
Is
it
the
same
account
or
is
there
a
dlv
accounts
that
we
also
need
to
recover
and
also
to
check
what
is
going
wrong.
A
C
C
C
Maybe
maybe
on
and
then
but
no
it's
linked
to
my
GitHub
account.
A
C
There
is
a
Jenkins
user,
which
has
who
has
no
plugin
no
activity
and
I've
opened
reclaim
on
their
support
to
see.
If
we
can
retrieve
the
second,
so
we
then
will
be
able
to
convert
it
in
a
proper
organization.
So
we
can
publish
plugins
in
Jenkins
npm
organization,.
A
A
A
D
C
D
A
A
D
A
A
Nope,
okay
last
one
I've
just
started
working
on
puppets,
so
that
one
is
blocking
the
migration
of
the
virtual
machine
updates
and
kinsayo
from
AWS
to
Oracle
cloud
and
that
issue
blocks
because
mirror
brain
user,
which
is
a
Remnant,
a
former
system
that
was
running
on
that
virtual
machine.
That
user
owns
the
scripts
that
are
syncing
all
the
plugin
updates
to
all
mirror
system
and
all
the
archiving
systems.
A
So
there
is
a
two
steps:
one
putting
back
on
automation,
everything
that
has
been
managed
manually
on
that
machine
for
three
years
before
we
all
joined-
and
second
point
is
deleting
that
user
mirror
brain.
So
that
means
maybe
having
to
create
a
new
user
to
be
used
across
all
the
Earth
thing
and
SSH
command
of
all
the
release,
scripts
of
core
and
all
plugins.
A
So
there
are
some
work
to
be
done
on
that
area
that
could
be
risky
for
the
releases,
so
I've
delayed
the
elements
after
the
security
advisory
and
I
will
try
my
best
to
work
on
that.
But
I
think
we
have
to
expect
some
delays
if
I'm
on
PTO.
The
reason
is:
I
don't
want
to
throw
my
colleagues
under
the
blues
for
this
one
unless
you
are
willing
to
try
it.
You
can
will
be
my
pleasure,
but
I
don't
want
you
to
die
on
the
front
right.
A
So
might
be
slow
down
with
Damian
PTO
and
also
it
took
some
time
because
a
bunch
of
puppet
refactorization
has
been
done.
That
was
required
for
this
one.
So
I
call
that
a
fundational
silent
work
but
yeah.
We
are
in
good
good
direction.
A
Okay,
folks,
almost
there
that's
been
almost
one
hour,
just
a
quick
check
of
the
task
that
you
think
we
should
add
to
the
next
Milestone
I
did
the
next
to
the
one
we
have
there.
Given
your
current
workloads.
A
There
has
been
last
week
as
a
reminder
request
to
add
SSL
certificate
certificate
for
the
private
instance,
which
means
switching
set
boards
for
these
services
to
DNS
validation
instead
of
HTTP,
because
private
address
cannot
be
reached
by
let's
encrypt
Bots,
that's
absolutely
possible.
That's
required
to
create
a
specific
credentials
restricted
to
the
DNS
record
zone
so
that
token,
on
Azure
cannot
be
used
and
abused
to
generate
certificate
for
another
domain.
A
A
There
is
one,
though,
that
are
that
is
important.
Cia
jenkinsayo,
despite
what
we
said
earlier,
is
currently
generating
data
that
is
then
consumed
for
making
and
deploying
the
jenkins.u
websites.
It
should
not
because
that
means
there
are
credentials
that
should
not
be
there.
They
are
isolated
following
the
state
of
the
art
of
credential
perform
the
isolation.
However,
we
will
want
these
elements
to
make
migrated
to
infrasia,
which
is
a
private
instance
where
we
can
store
credentials
safely.
A
So
I
propose
that
we
move
that
issue
on
the
upcoming
on
the
upcoming
Milestone
and
I'm
happy
to
work
with
someone
on
that
one
and
pass
the
knowledge.
So
we
can
get
started
because
that's
not
that
complicated
but
maybe
need
the
first
step.
Is
there
anyone
interested
to
work
on
that
with
me
and
then
take
over
once
I'm
on
PTO?
Do
you
think
I
will
be
able
to
absolutely.
C
A
Okay:
okay,
we
need
to
add
it
to
the
next
milestone.
A
A
Okay,
so
that's
the
end,
so
I'm
gonna
open
and
create
a
new
issue,
update
and
publish
everything.
Folks,
you
will
have
to
manage
the
next
week
meetings
I'm,
stopping
the
screen
share,
I'm,
stopping
the
recording,
bye
baby,
one.