►
From YouTube: 2022 04 19 Jenkins Infra Meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
Today
we
have
mark
stefan
and
myself,
damian,
tim
and
rv
are
off
today,
let's
start
with
the
usual
announcement,
so
the
saw
notification
that
the
package
and
the
docker
image
for
the
weekly
release
are
available.
I
assume
that,
as
usual,
we
have
the
weekly
release
check
to
be
finished
until
end
of
the
day.
A
A
B
On
other
announcements,
I
don't
I
have
the
digital
ocean
credential
exposure,
so
we
published
an
issue,
so
it's
public
knowledge.
Now,
however,
I
prefer
mentioning
it
as
an
announcement,
because
last
week
we
said
more
information
to
come,
so
you
have
details
on
the
issue
that
I'm
adding
right
now,
so
nothing
serious
happened.
No
sensitive
information
were
accessed,
but
due
to
a
digital,
sim
technical
token
that
has
been
stolen
or
leaked.
We
are
not
sure
about
that
part.
B
B
We
confirmed
with
digitalocean
and
github
security
teams
that
no
insensitive
information
were
tampered
or
accessed,
which
is
a
good
thing.
All
the
analysis
of
details
are
on
the
issue
and
if
it's
missing,
don't
hesitate
to
contact
us
or
contact
security
at
jenkins,
dot
io.
We
have
think
that
we
had
a
lot
of
help
from
daniel
and
vadek.
B
Thanks
also
mark
for
helping
me
and
reviewing
this
element,
the
we
have
some
tasks
that
has
been
done
or
being
currently
being
done
to
improve
the
security,
because
we
have
some
good
feeling
where
the
leak
could
have
come
from,
but
we
cannot
be
sure,
that's
the
conclusion.
So
let's
try
to
improve
the
security
layer
by
layer
and
see
in
the
future
how
it
happened:
a
special
yogurt
thanks
to
thanks
to
herve
yeah,
it's
a
half
today,
because
he
took
on
him
to
call
me
on
a
sunday.
He
took
on
his
personal
time.
B
So
really
thank
you
irve
for
that,
because
yeah,
I
understand
that
calling
someone
on
a
sunday
can
be
a
hard
decision
to
make,
but
he
reacted
really
quickly
and
we
were
able
to
immediately
stop
the
suspicious
activity.
So
thanks
for
that,
don't
hesitate
to
contact
me
on
the
future
on
that
area.
That's
good
for
everyone.
B
Yeah
that
has
a
very
fast
reaction:
great
job.
Yes,
that's
really
positive
team
yeah.
So
happy
happy
with
that
outcome.
Just
to
not,
we
had
some
a
lot
of
tiny
tasks
done.
B
B
We
helped
well
to
beat
skevin
on
the
plug-in
site
issue,
so
thanks
for
your
work,
gavin
on
that
particular
application,
which
is
around
the
plugin.jenkins.I
website,
it's
done
that
area.
So
the
goal
was
to
improve
the
automatic
update
release
of
the
m
charts.
So
each
time
there
is
a
new
docker
image
now
it
should
be
picked
by
update
cli,
making
gavin
on
any
contributor
autonomous
to
review
of
it
if
they
can
approve
the
update,
cli
pull
requests.
B
So
there
has
some
initial
hiccups
on
the
initial
deployment
we
had
to
correct
some
kubernetes
subjects
check
probe
like
all
kubernetes
application
as
usual.
What
did
we
have?
We
had
some
issues
around
jenkins
permission,
but
most
of
the
time
it
was
fixed
team
helped
a
lot
I
haven't
tracked
all
their.
There
were
a
lot
of
requests
from
plugin
maintainer
that
were
fixed
about
archiving
some
repositories
on
jenkins
ci.
B
B
These
were
the
main
sorry,
these
were
the
main
topic.
We
have
some
work
in
progress
subjects
main
one
is
the
digital
lesson,
credential
exposure.
The
main
consequence
is
that
we
have
completely
disabled
by
default,
the
github
checks
from
infra
ci,
our
private
instance.
So
it's
another
step.
Further,
more
security.
We
only
publish
the
status
exception
of
the
kubernetes
management
job,
which
has
explicit
github
check
instruction
on
it
pipeline,
because
we
know
the
content
which
is
exported
to
github
in
that
case
is
highly
highly
specific.
B
B
B
We
have
reached
the
point
of
half
of
the
credential
can
be
rotated
almost
automatically.
You
go
to
a
repository
type,
some
commands
that
will
be
documented,
and
then
you
only
have
to
copy
past
on
the
encrypted
subs
file,
and
then
it
just
work.
So
thanks
on
behalf
of
the
team
to
live
vernon
because
he
put
he
made
it
available
with
the
walk
on
subs,
so
naturally
efficient.
B
B
The
thing
is
now
kubernetes.
1.20
is
not
supported
anymore
by
digitalocean,
so
we
cannot
create
a
1.20
cluster.
So
we
need
the
tooling
to
be
able
to
support
1.21
so
ongoing
tasks
that
should
be
fixed
in
one
or
today
so
expecting
the
next
milestone
the
digital
cluster.
Back
on
that
area
mark
did
you
start?
Were
you
able,
with
rv
to
start
the
blog
post
for
digital
ocean.
B
So
far,
that's
the
point.
We
shall
run
out
of
credit
in
one
month
on
digitalocean
based
on
the
previous
month's
consumption.
B
That's
that's
what
we
anticipated,
so
don't
don't
scream
if
end
of
the
month
when
we
will
reach
the
end,
I'm
since
it's
my
credit
card,
I
might
go
myself
and
delete
the
cluster
end
of
month.
B
A
B
There
were
some
minor
exchanges
with
the
linux
foundation,
jira
reaching
end
of
life
on
october
this
year,
so
we
have
requested
to
linux
foundation.
If
they
can
update
to
the
next
lts
that
should
be
end
of
life
next
year.
B
They
are,
they
should
come
back
to
us
with
a
proposed
date
for
the
upgrade,
because
we
nothing
to
do
on
our
side
except
putting
a
message
on
statues.jenkins.iu.
B
A
Now
there
was
another
linux
foundation
topic.
That
is
a
new
topic.
Do
you?
Okay?
If
I
bring
a
new
topic
here?
Yes,
so
it
may
need
infrastructure
team
help.
The
linux
foundation
has
asked
for
permission
to
send
a
survey
to
jank,
to
active
jenkins
maintainers
about
specific
areas
of
interest
to
the
linux
foundation
and
as
our
sort
of
sponsoring
organization
they're,
the
parent
of
cdf-
we're
open
to
consider
it.
A
But
I've
raised
the
question
to
the
jenkins
governance
board
because
I'm
not
sure
what
the
policy
is
in
terms
of
with
whom
who,
who
is
allowed
to
know
the
email
address
of
jenkins,
active
maintainers,
and
so
it's
a
it's
a
question
for
the
board.
The
next
board
meeting
is,
I
believe,
actually
later
this
week,
or
maybe
it's
early
yes,
it's
tomorrow.
A
So
it's
a
topic
on
the
board
meeting
agenda,
but
be
aware
that
if
the
board
approves
it,
I
may
ask
for
infra
help
to
identify
active
maintainers
and
their
email
addresses
and
active
maintainer
is
a
an
arbitrary
dis,
arbitrary
call.
I
haven't,
don't
yet
know
what
criteria
I'd
even
use
to
decide,
active
or
not.
B
Okay,
to
be
decided
so
don't
hesitate
to
raise
thanks
for
sharing,
raise
the
hell
desk
issue
one.
If
we
have
to
do
this,
I'm
not
sure
about.
B
The
local,
what's
the
name
of
that
european
laws
about
the
email
address
and
stored
somewhere,
I'm
not
sure.
A
Right
and-
and
that's
that's
a
piece
that
I've,
thankfully
oleg
as
a
member
of
the
board,
can
can
help
a
little
bit
on
that
he's
had
some
experience
in
that
area.
So
I
I'll
look
forward
to
that
and
we
we
need
a
decision
from
the
board
and
then
some
conversation
about
okay.
What
are
we
allowed
to
share?
What
are
we
not
allowed
to
share
and
etc?.
B
B
They
closed
the
issue
redirecting
me
to
the
cdf
because
they
said
there
should
be
a
pmo.
I
don't
understand
that
to
be
the
project,
product
manager,
officer
or
I'm
not
sure
about
the
acronym,
but
we
should
have
a
pmo
a
person
from
cdf
that
should
be
the
person
contacting
the
lf.
For
that
request,
not
us
directly.
B
So
I've
opened
an
issue
on
the
cdf
foundation
repository,
but
I
haven't
had
a
answer,
but
it
was
five
days
ago
with
an
easter
long
weekend.
So
I
propose
that
we
wait
at
least
one
week
before
poking
someone
at
the
cdf.
I'm
not
sure
who
our
cdf
contact
will
be.
I'm
sure,
maybe
if
it's
oleg
directly,
if
we
have
a
pmo
associated.
A
A
He
helped
us
with
the
transition
from
from
jenkins
self-hosted
jira
to
linux
foundation
hosted
jira,
and
if
you
want,
I
can
I
actually
I
can
send
you
his
email
address.
You
could
start
the
question
with
him
because
I
think
he
probably
is
part
of
their
project
management
office,
their
pmo.
Okay.
Now.
A
B
Okay,
so
I
propose,
I
will
ping
you
in
let's
say,
propose
eight
days
timeout.
We
are
at
five
days.
So
in
three
days,
if
we
didn't
hear
from
the
cdf,
then
we
try
contacting
that
person
directly
sounds
good
for
your
mark.
Yes,
so
right
now
the
issue
about
email
press
will
be
on
hold
and
we'll
see
the
next
step.
B
B
He
told
me
to
contact
them
and
don't
hesitate
to
ask,
and
but
I
shared
that
with
them,
we
described
our
use
cases
the
issues
we
had
right
now,
we'll
continue
stephan
and
I
for
this
iteration.
This
milestone
to
continue
working
with
our
accounts,
considering
it
should
be
a
non-open
source
on
that
area.
B
We're
gonna
fix
the
current
issue
now
and
then
we'll
see
based
on
docker
answer
one
when
we
will
have
one
on
that
area
of
exchange
with
olivier
and
he
shared
with
me
all
the
credentials
and
information
he
had
so
run
book
has
been
written
about
the
policy.
How
do
we
manage
docker
organization?
Which
one
are
we
using?
B
There
is
a
pull
request
and
that
will
be
part
of
stefan
and
I
work
to
finish
the
that
pull
request
on
the
run
book.
That
means
adding
what
stefan
and
I
already
built.
So
we
need
to
complete
the
missing
information,
but
it
gives
the
main
direction,
especially
the
decision
that
was
made
around
three
seats
per
organization,
which
means
two
owners
that
are
human,
the
infrastructure
officer
and
its
backup
and
the
technical
account
and
the
technical
account
is
used
by
us
for
pulling
or
pushing.
B
B
B
So
rest
of
the
topic
won't
belong.
We
have
some
issues
that
I'm
going
to
transition
to
the
new
milestone,
mainly
replacing
blue
shield,
as
default
url
for
ci
junk
insio.
So
it's
not
removing
blue
ocean.
The
discussion
depends
on
the
issue.
The
goal
is
on
all
the
links
that
you
see
on
each
github
check.
B
B
B
B
So
we're
gonna
have
this
one
one
information.
So
we
are
going
to
speak
about
that
next
week
in
details,
but
we
have
the
topic
of
migrating
updates
to
another
jenkins
data
to
another
cloud
which
is
blocked
by
when
first
one
to
sunsets
the
old
mirror
system,
which
means
that
the
mirrors,
the
jenkins
dot,
io,
junkie,
nci
domain
name,
which
are
accessed
in
plain
http
today,
will
be
moved
to
the
actual
gates.jenkins..
A
B
B
So
a
blog
post
on
public
communication
will
be
done.
We
are
going
to
start
updating
the
usages
we
have
on
generating
ci
and
jenkins
for
organization.
There
have
been
lists.
Anyone
having
issue
with
that.
Please
mention
on
that
issue
start
now.
We're
gonna
expand
the
audience.
So,
in
the
upcoming
days
and
weeks.