►
From YouTube: 2023 08 01 Jenkins Infra Meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
B
A
The
the
thing
is:
I
talked
that
the
page
there
is
a
fast,
a
fastly
earned
cache
during
the
packaging
step
in
the
release
process.
That
should
update
the
version
here
on
the
download
page.
B
I
I,
if
there's
no
change
log
entry,
so
if
you
well
at
least
my
experience
has
been
unless
there's
a
page
regeneration
event
like
a
commit
that
arrives
on
this
site.
A
A
That
explains
okay,
so
it's
out
and
we
are
waiting
for
the
change
log
as
usual,
plug
as
usual
right.
Is
there
anything
else
on
that
release?
A
Oh
okay
announcement.
We
had
a
security
release.
Last
week
it
was
announced
Tuesday.
So
we
already
discussed
that
last
during
the
meeting
we
had
a
combination
of
core
release,
core
security
releases
for
both
LTS
and
weekly
last
week.
A
A
A
B
Still,
yes,
yes,
but
that
means
Kevin
will
have
to
deal
with
merging
the
merging
the
the
changelog
and
adapting
it
because
I
won't
be
available.
A
Just
in
case
Kevin
I
will
be
around
because
I
will
be
I'm
not
expected
to
walk
for
my
day-to-day
service
job,
but
I
will
have
a
task
to
run
on
the
internet.
I
will
have
my
machine,
so
I
will
be
around
if
you
have
an
issue
or
need
any
help.
That
day,
you
can
absolutely
ask
for
help
if
anything
is
wrong
or
if
you
have
question
for
that
day,
no
no
worries
on
this
one
I
will
be
in
front
of
the
computer.
That's
why.
A
Good
thanks
at
least
I
will
need
to
be
there
for
creating
the
tag
on
the
docker
release.
Unless
someone
is
able
to
automate
that
until
then,
but
no
emergency,
that's
all
for
announcement
for
me.
Do
you
have
something
else
on
announcement?
First,
up:
okay:
let's
have
a
look
at
the
upcoming
calendar,
so
the
version
2.418.
A
Jenkins
next
week
we
will
be
the
8th
of
August
I,
already
forgot
the
next
LTS
as
usual.
Let.
A
A
Cool
thanks
Mark
for
the
detail,
no
plan,
security
release
and
no
next
major
event
as
far
as
I
can
tell
anything
else
on
the
calendar
for
you
folks,.
A
I
haven't
had
time
to
sort
or
classify
the
items,
but
let
me
know
that
first,
we
had
a
bunch
of
issues
where
contributor
failed
to
log
into
artifactory
or
to
manually
release
their
plugin
and
they
received
an
401
HTTP
error,
meaning
no
authentication
is
either
not
provided
or
wrong,
and
the
symptoms
are
the
same
for
everyone,
including
our
Mark
weight
here,
when
you
log
into
accounts,
IO
or
ldap
or
jira
or
any
Services,
it
works.
So
it's
not
you
you're,
not
crazy.
A
You
didn't
misconfer
your
Maven
settings,
it's
because
there
is
an
issue
that
we
we
still
don't
know
the
root
cause,
most
probably
a
change
in
the
artifactory
configuration
that
we
are
not
aware
of,
but
artifactory
tries
to
compare
the
password
or
the
password.
You
are
passing
as
credential
to
a
local
password,
which
is
either
empty
or
generated
random
value.
A
We
don't
know
why
this
happens
so
we
are
working.
There
has
been
a
new
issue.
We
had
a
lot
of
these
issues
right
now.
We
have
a
business
factor
in
order
to
solve
that
problem.
You
need
an
artifactory
administrator,
So,
Daniel,
Beck
and
high
are
administrator
for
sure
so
I'm
the
Boost
Factor
here
mainly
given
the
low
availability
of
Daniel
the
trick
is
there
is
a
sitting
on
the
user
that
has
to
be
set
to
disable
internal
password,
which
first
artifactory
to
request
password
check
on
the
ldap.
A
That
was
the
you
that
was
the
default
behavior.
So
I've
opened
an
issue
to
track
that
we
have
to
contact
g-frog
to
ask
them.
Why
did
it
suddenly
happen?
Did
they
have
a
recommendation
right
now,
I'm
fitting
to
changing
when
a
user
opened
an
issue?
So
if
you
have
that
issue,
please
open
on
the
ldesk
I've
started
to
to
search
how
to
batch
update
the
users,
but
the
problem
is
any
new
user
created
have
the
setting
disabled,
so
the
batch
won't
fix
on
long
term.
A
Any
new
contributor
joining
artifactory
will
have
the
same
problem
sooner
or
later.
So
we
need
to
ask
if
Rock
for
a
solution.
Maybe
that's
a
feature
request,
so
we
can
Define
the
default
Behavior.
Maybe
they
have
to
roll
back
something
I?
Don't
know
but
right
now
it's
annoying
and
we
will
have
to
treat
the
user
one
by
one.
So
sorry
for
the
inconvenience,
if
you
have
an
emergency
issue,
please
open
an
help
desk
issue.
A
No
okay,
so
thanks
for
the
person
with
three
aged
the
issues,
Next
Issue
plugin
not
found
on
plugin
site.
So
we
are
the
contributor
who
created
a
plugin
and
there
were
really
eager
to
see
that
published
on
plugins
Jenkins
IO,
which
happened
after
two
or
three
hours.
The
reason
is:
when
you
publish
a
new
plugin,
you
have
to
wait
for
the
build
to
kick.
The
Builder
runs
every
three
or
four
hours
as
far
as
I
can
tell
so.
A
Their
plugin
has
been
is
now
visible
thanks
to
the
manual
built
trigger
by
Alex,
thanks
Alex,
no
mauritian
the
topic
it
wasn't.
It
wasn't
immediately
done
by
the
previous
build
because
there
has
been
502
error
during
the
plugin
generation.
We
have
to
diagnose
that
part.
An
issue
has
been
opened
by
Alex
on
that
topic.
So
thanks
for
that,
so
the
user
problem
has
been
solved.
That's
why
the
issue
is
closed
and
we
will
have
to
work
on
the
htbr.
A
A
C
Yes,
we
did
create
a
new
note,
pool
with
a
tainted
nut,
selector
enabled
to
make
sure
that
no
non-ironment
parts
were
scheduled
on
that
not
poor.
It
went
smoothly
and
we
checked
that
everything
is
working
fine
with
javadoc
that
we
moved
from
the
old
arm,
6400
pulled
to
the
new
one
with
the
taint
and
it
worked
nicely.
C
We
also
had
to
deal
with
data
dog
and
Falco
to
make
sure
that
that
pool
got
those
two
demon
set
and-
and
we
just
had
to
to
use
the
to
taint
the
Toleration
to
a
deterioration
for
the
parts
to
be
able
to
spawn
on
that.
It's
working,
fine
and
I.
Just
added
and
and
move
me
create
the
reports.jenkins.io
from
Intel
to
that
net
pool
am
64.,
as
it
was
also
an
engineering's
part.
So
it
was
okay
that.
A
There
is
another
issue
for
migrating
workloads.
These
are
two
separate
topics,
so
thanks
for
the
walk
two
additions,
so,
as
Stefan
said,
we
had
to
update
the
demon,
sets
that
we
deploy
that
a
dog
and
Falco.
So
we
have
agents
of
these
Services
running
on
the
new
machines,
even
despite
the
taller.
The
time
supply
to
the
new
North
Pole
nice
thing
is
that
old,
Azure
internal
components-
you
see
the
cube
proxy
here,
but
there
is
a
bunch
of
azure
Services
used
to
mount
persistent
volumes.
A
A
A
Yes,
okay,
so
that
person
was
facing
issue
for
accessing
one
of
the
download
mirror
they
were
redirected
to
so
thanks
Mark
for
completing
the
issue.
There
wasn't
anything
on
our
own,
the,
but
at
least
we
had
to
check
that
the
mirror
wasn't
done,
which
is
not
the
case,
and
our
director
wasn't
done
either,
which
is
not
the
case
we
haven't
heard
back
from
the
user,
but
there
is
nothing
else
we
can
do.
A
They
have
to
contact
the
arjon
university,
which
was
the
mirror
because
either
the
network
is
denying
requests
to
that
server
or
the
university
denied
request
from
that
Network.
A
Next,
we
add
ath
build
failing
due
to
denied
outbound
requests
during
tests,
so
that
one
was
an
old
issue.
I
forgot
to
close
two
weeks
ago,
so
I
closed
it.
We
are
allowing
external
requests
to
the
internet
from
the
Jenkins
CI
agents,
only
for
outbound
HTTP
https
and
no
hkb
protocol,
which
is
used
to
retrieve
public
GPD
key,
which
is
done
by
a
lot
of
the
docker
files
inside
the
ADH
and
the
request
from
Team.
A
We
finished
the
reporting
and
the
last
miles
of
the
kubernetes
1.25
updates,
so
the
issue
1.26
for
kubernetes
update
has
been
created.
I
need
to
do
a
last
path,
but
most
of
the
changes
we
did
on
the
two
past
communities
upgrade
have
been
reported
to
the
task
list
for
the
upcoming
1.26..
A
The
deadline
for
1.26
will
be
October,
so
we
have
a
bit
of
time.
Ideally
if
we
could
Target
end
of
August
or
September.
That
will
be
better.
A
Any
questions
so
far
clarification
objection,
okay,
I'm
continuing.
We
had
free
account
issues
so
person
unable
to
have
their
account.
Some
of
these
requests
were
due
to
either.
A
We
have
two
main
issues
on
accounting
kinsayo
today,
if
I,
if
I
ex,
if
I
exclude
the
people
who
try
their
Jenkins
account
inside
our
platform.
First,
we
have
the
person
who
have
an
old
account.
They
didn't
used,
which
was
a
part
of
the
security
problem
with
the
ldap
in
2021
and
the
second
as
a
as
part
of
the
security
response
had
their
email,
disabled
and
set
to
the
username.
A
So
when
they
try
to
reset
the
password
they
cannot,
it
requires
a
manual
intervention
for
this
users
reminder
don't
blindly
change
the
email
immediately
check
that
the
user
isn't
the
Plugin
maintainer
or
did
not
already
worked
with
jira
most
of
the
time
they
already
commented
on
jira.
So
you
can
confirm
that
the
email
is
the
proper
one.
Yes,
Mark.
B
So,
just
for
for
precision
when
we
had
that
account
outage,
we
did
not
alter
anyone's
email
address.
What
what
the
problem
was.
They
they
had
said
it
themselves
to
that
flawed
address,
and
when
we
attempted
to
do
the
notification
they
could
not
be
notified
because
we
had
no
email
address
for
them,
so
we
actually
did
not
reset
anyone's
email
address.
As
far
as
I
know,
when
we,
when
we
were
dealing
with
that
incident
in
2021.
A
Okay,
so
that
might
have
been
to
2020
incident,
then
one
of
the
ldap
security
incidents
before
I
was
able
to
act
on
that
area.
Olivier
did
a
batch
on
the
ldap
to
remove
this
email.
B
Oh
okay,
so
I
didn't
remember
that,
but
all.
A
Right
so
I
have
the
date
wrong,
you're
correct,
that's
not
the
2021.
All
of
these
accounts
haven't
been
used
since
2019
or
18
in
that
case.
So
that's
why?
Okay,
but
thanks
a
good
point
mark
and
so
for
everyone.
The
takeaway
is,
when
you
see
such
an
account
without
a
valid
email,
double
check
the
accounts
on
jira,
because
this
user,
most
of
the
time
connected
to
jira
a
few
years
ago
and
jira
keep
a
proxy
user
with
the
proper
email
or
you
can
also
use
artifactory
or
old.
B
Well,
and
thanks
for
your
point
on
jira
as
a
cached
copy,
I
had
forgotten
about
that.
That's
a
really
good
place
to
check
if,
if
they
don't
have
an
accurate
email
address,
or
they
don't
have
a
useful
email
address
on
accounts.jenkins.io,
but
they
do
on
jira,
like
you
said
we
can
go
to
that
one
and
use
it
and
trust
that
that
was
their
address
at
one
point
in
the
past
good
thanks.
A
And
the
other
kind
of
issues
are
a
user
that
are
trying
to
create
an
account
from
a
public.
Iep
are
aggressive
public
IP,
which
is
in
our
deny
list,
so
they
are
classified
as
spam
and
we
can
see
these
errors
inside
our
datadog
monitor.
So,
in
these
cases,
I
tend
to
create
the
accounts.
Manually,
I,
don't
know
if
a
user
really
are
really
doing
what
they
expect,
but
yeah
that
doesn't
kill.
A
No
okay
cool
I
closed
us
non-planned
request
from
a
user
who
reported
an
invalid
certificate
for
that's
the
generic
domain
name.
We
use
as
the
main
entry
point
for
the
public
ipv4
on
our
public
cluster.
A
A
So
I've
asked
the
user
never
answered.
One
of
the
most
probable
reasons
is
that
this
user
might
be
running
inside
an
organization
with,
let's
say
some
kind
of
applicants
of
security
appliances
that
tend
to
not
respect
the
HTTP
host
protocol
headers.
Most
of
the
time
they,
for
instance,
there
are
case
sensitive
while
they
shouldn't,
as
per
as
the
RFC
which,
when
they
have
the
CNN
redirection,
breaks
the
HTTP
redirections
most
of
the
time
or
worse,
it's
their
DNS.
That
doesn't
follow
RFC.
A
A
So
since
we
didn't
had
a
use
case
because
there
might
be
a
use
case
that
will
require
that
in
the
future,
I'm
not
an
absolute
person,
but
right
now
without
any
problem
statements,
I
decided
to
close
it
as
a
no
action
required
from
us.
If
there
is
an
objection
or
if
I
forgot,
something
don't
hesitate,
we
can
reopen
with
the
problem
statement
and
we
might
work
on
this.
A
D
D
D
A
Okay
be
used
for
redirecting
to
cloudflare,
as
did
or
two
buckets
so
reminder
that
mean
each
time
Jenkins
server
will
re
will
request
the
update,
Center
Json,
like
today
on
updates
Jenkins
IO,
slash
whatever,
depending
on
the
URL
you
are
eating.
You
might
have
a
first
redirection
to
the
Json
file
itself
and
with
that
new
architecture,
once
the
requests
goes
directly
to
request
the
Json
file
as
service
data,
you
will
be
redirected
to
a
cloudflare
public
bucket
that
will
be
on
another
domain
name
but
still
https
valid.
A
The
second
reason
of
that
additional
redirection
is
that
then
we
will
be
able
to
set
up
additional
mirrors,
cloudflare
or
something
else
in
areas
where
the
network
require.
Proximity
such
as
in
behind
the
great
firewall
of
China
cloudflare,
for
instance,
allows
us
to
create
additional
buckets
that
could
be
on
the
China
Network.
That
one
will
be
a
great
help
for
our
remote
users.
C
Yes,
that's
that's
all
the
the
services
that
may
take
advantage
of
running
on
an
irm
64
in
order
to
to
save
some
cash
and
I
did
this
morning,
sorry
migrate,
reposits.jenkins.io
and
it
went
well.
Yes,
let's
see
that
the
future.
D
A
So
we
have
just
a
note:
we
have
two
kinds
of
services:
the
one
that
like
javadocan
reports
that
already
consume
a
third-party
Docker
image,
such
as
the
official
nginx
image
for
these
two.
This
image
under
the
curb
already
provide
rm64
declination.
So
for
this
one
it's
easy.
We
can
just
change
the
Toleration
date
selector
and
that
worked
out
of
the
box
for
images
such
as
Wiki.
A
A
So
that's
the
idea,
so
thanks
Stefan,
so
you
will
need
to
find
the
other
services
that
we
don't
that
are
using
image.
Is
we
know
data.cluster
agent,
for
instance?
Yes,.
A
But
yeah
I
don't
have
anything
else
to
add
on
that
topic.
Is
there
any
clarification
question
on
this
one?
A
A
A
A
Which
is
not
from
the
fork
of
him,
then,
is
not
considered
as
a
maintainer,
so
any
change
to
the
Jenkins
file
is
not
taken
in
account
in
the
pull
request.
Build
that's
a
security
concern
that
a
security
mechanism
on
built-in
engine
CI.
But
here
we
are
on
the
edge
case.
We
might
have
to
updates
the
job
configuration
to
cover
this
case,
but
it's
not
an
easy
one
to
solve,
so
at
least
they
were
able
to
have
to
use
the
method
provided
by
team.
A
That
might
be
a
bug
on
the
GitHub
organization
scanning
plugin,
but
that
also
could-
and
most
probably
is
a
misconfiguration
on
CI
tank
inside
changing
dust
configuration
is
not
uneventful
because
it
will
trigger
a
Reload
and
the
scanning
of
all
plugin
we
check
to
hours
and
must
probably
eat
the
API
rate
limit,
with
the
consequence
of
blocking
all
of
the
builds.
So
if
you
do
this,
please
don't
do
it
during
a
burn,
build
or
ath
build.
A
So
the
user
described
their
problem,
so
we
will
need
to
find
a
solution
or
tell
them
to
not
use
it
and
then
update
to
the
documentation
for
developers.
If
we
cannot
have
an
easy
solution
and
Kevin,
we
will
let
you
know
the
outcome
of
that
issue
in
the
future.
So
I'm
mentioning
this
to
you,
because
you
have
it
under
your
radar,
no
expectation
from
you
or
anyone
on
the
documentation
team
right
now,
but
next
week
we
should
see
more
clearly
the
next
steps
for
this
one.
A
A
Okay
is
the
build
kept
because
when
we
see
that
kind
of.
A
So
can
you
hide
the
note
on
the
issue
to
tell
Alex
if
you
see
another
error
like
this
one,
if
you
can
keep
the
build,
so
we
it
won't
be
deleted
by
the
build
cleaner,
I'm,
not
totally
sure
where
to
look
in
terms
of
access
logs
to
find
these
errors,
because
plugin
Jenkins
here
is
inside.
A
Firstly,
so
I'm
not
sure
if
they
have
access
log
for
that
and
I'm,
not
sure
if
it's
using
fastly,
because
it's
a
Json
file
I'm,
not
sure
if
it's
static
file
cached
by
fastlio,
if
it
does,
it
does
directly
it's
the
plugins
that
origin.jenkins.io
backend
service
inside
our
cluster.
If
it's
inside
our
cluster,
we
will
be
able
to
to
check
the
access
log
at
the
Ingress
level.
If
it's
inversely,
I
don't
know
so
we
have
to
work
on
this.
D
D
And
there
is
a
JS
file
called
I
was
just
script
called
by
Jan
when
building
which
requests
the
big
insights
or
more
instance,.
D
A
Okay,
yeah
it
no
it's
more,
the
server
side.
Otherwise,
if
we,
if
there
has
been
an
HTTP
502,
issued
it's
a
server-side
error,
so
we
should
have
an
access
log
somewhere
with
a
narrow
message
to
point.
Why
did
it
fail
to
answer
the
request
and
if
the
error
would
have
been
a
four
or
something
that
would
have
been
client-side
and
in
that
case
yarn
would
have
been
the
cause,
but
that's
not
the
case
and
the
error
appears
intermittently.
So
is
it
fastly
issue?
Is
it
announced
I,
don't
know,
but.
D
A
If
you
want
to
to
use
what
the
end
users
see-
and
you
don't
want
to
create
specificities
like
this
one,
especially
when
using
a
CD
and
in
front
of
your
website
yeah,
so
because,
if
we
have
Json
file,
serves
served
on
origin
and
it's
a
generated
file,
and
in
that
case,
that
means
we
can
have
it
somewhere
else
and
consume
it
directly.
Instead
of
having
to
use
it
through
the
websites.
If
you
have
to
do
that
kind
of
bypass.
A
Yeah,
do
you
think
we
could
create
a
data
dog
monitor
to
alert
us
when
that
build
fails
since
infrastia
as
data
doc,
plugin
install
and
setup
and
streaming
its
data
to
data,
because
at
least
we
will
be
alerted
and
that
will
that
will
at
least
allow
us
to
go
and
manually
kick
the
build,
so
an
user
won't
be
waiting
too
much
for
their
plugins.
What
do
you
think.
D
A
Okay
makes
sense,
but,
to
be
quite
honest,
I
would
prefer
a
more
generic
monitor
that
say:
Hey
the
build
failed,
because
the
main
branch
of
that
one
should
always
be
successful
if
it
fails.
That
should
be
a
call
for
Action
from
the
SRE
team,
but
yes,
eventually
having
a
second
monitor
with
the
lock
pattern,
would
help
for
that
specific
ldesk
issue.
A
Okay,
so
next
topic,
ath
builds,
are
become
a
responsive.
So
this
we
change
one
week
ago,
the
kind
of
instances
used
by
the
ath
builds
inside
saying
TI
joint
Sayo.
We
switch
from
spot
to
non-spot
instances
which,
which
are
way
more
expensive,
but
the
benefit
here
is
that
that
should
fix
most
of
the
unstabilities,
especially
when
the
Dreadful
message-
I,
don't
remember,
but
yet
could
not
connect
to
a
name
of
the
agent.
That
message
most
of
the
time
is
because
the
agent
was
reclaimed
by
the
spot
instance.
A
What
we
saw
is
that
there
are,
there
is
a
retry,
it's
retried,
two
time
for
each
steps,
but
most
of
the
time,
the
probability
of
spot
eviction
of
the
second
virt
Aid
spawn
agents
is
really
high.
So
I've
asked
if
we
see
better
stability,
but
I
haven't
checked
myself.
A
We
should
check
the
history
of
the
build
and
also
the
cost
increase
per
week
to
see
the
impact,
because,
most
probably
we
will
have
to
keep
the
ath
agents
using
non-spot,
but
in
that
case
we
will
have
to
either
change
the
instance
type
to
have
the
proper
instance.
Do
we
need
B
instance
with
that
size?
Do
we
need
something
with
a
different
cost?
We
need
to
do
the
real
analysis,
so
I
propose
that
we
start
with
Matrix
and
based
on
the
metric.
A
A
Okay,
I
will
take
the
take
it.
Then
we
have
to
measure
success,
build
success
rate,
success
rate
without
spot
and
cost
impact,
because
right
now,
as
far
as
I
remember,
the
the
cost
was
10
times
cheaper
using
spots.
So
right,
I
will
be
inclined
to
say,
let's
retry
for
five
time
until
it
work,
but
not
sure.
If
it
will
change
the
global
build
stability,
it
will
increase
most
probably
the
build
time
when
you
are
in
a
spot
spot
eviction
time
window,
but
at
least
the
bill
will
continue
until
it
works.
A
Next
Issue
ssrt
Factory
bandwidth
reduction
option,
so
there
will
be
tomorrow.
We
have
to
announce
officially,
but
the
the
time
window
has
been
fixed
by
Mark
and
high,
because
we'll
we
bus
available
so
tomorrow,
when
when
they
thickened
of
August,
but
at
2
30
pm
UTC,
there
will
be
a
brown
out
of
more
or
less
1o
on
artifactory,
where
we
will
disable
and
remove
any
virtual
Repository
pointing
to
the
maven
repo
one
artifacts.
A
G-Frog
last
week
during
our
meeting
validated
that
principle,
because
that
that
should
allow
us
to
gain
at
least
10
to
12
terabyte
of
data
not
consumed
by
that
instance,
so
that
will
help
a
lot
and
G4
conclude
that
if
it
does
work
and
if
we
can
persist
that
setting,
they
will
be
okay
for
us
without
bandwidth
consumption.
After
that
change,
that
mean
no
need
to
go
further
unless
they
require
that.
A
That
doesn't
mean
we
don't
have
to
track
the
other
mirror
repository,
because
most
of
these
mirror
repository
have
the
artifacts
stored
sooner
later
on
the
central
repository
such
as
jig
it,
for
instance,
but
at
least
this
one
is
far
far
away
from
the
other,
so
the
brown
out
that
will
be
the
first
edition,
and
then
we
will
make
conclusion
most
probably
that
problem
out.
If
it
takes
his
promises,
we
will
plan
an
another
burnout
in
two
weeks
that
will
last
at
least
one
full
day.
And
finally,
if
everything
goes
as
expected,
we
will
plan
persisting.
A
That's
that's
sitting
in
the
future.
A
Okay,
please
note
that
the
immediate
consequence
is
that
there
will
be
soon
later
today
or
tomorrow
morning
last
last
deadline
a
change
in
the
settings
XML
of
our
ciao
ACP
systems.
A
A
That
means
any
artifact
downloaded
from
the
maven
Central
and
not
from
our
artifactory
inside
the
engine.
Kimsayu
won't
be
cached
at
all
and
they
will
be
redownload
every
time
that
might
increase
a
bit
some
of
the
builds.
We
will
assess
the
consequences
of
that
later,
the
priorities
to
decrease
the
outbound
bandwidth
on
artifactory,
and
then
we
will
think
about
a
way
to
Cache
this
artifact,
either
using
ACP
or
another
method.
A
Okay,
okay,
that's
the
cat
will
block
something.
Sorry,
I
I
had
me
worried:
Next
Issue
don't
grade
to
http
when
there
is
no
trailing
slash.
So
our
security
officer
following
security
report
communicated
to
us
that
when
you
try
to
reach
Jenkins
Sayo
with
a
suffix
something
there
is
a
two
HTTP
redirection,
the
first
one
that
goes
to
http,
which
then
redirect
itself
to
https.
Again,
we
don't
want
https
to
http
download
connection.
A
A
Okay,
any
volunteer
is
welcome
to
check
this.
A
A
So
the
goal
of
that
issue
is
to
help
the
human
operator
that
we
are
on
that
security
people
are
to
avoid
this
problem,
so
at
least
on
the
common
prompt.
We
want
to
have
the
full
qualifying
name
that
will
be
controller.trusted.caigenkins,
IO
or
private
controller
cigo,
and
ideally,
if
we
could
have
had
custom
colors,
at
least
for
the
root
user,
that
will
help.
So
that
might
be
a
bit
of
Linux
and
a
bit
of
puppet
to
purchase
the
Linux
setup.
That's
a
quick
one,
but
that
will
help
a
lot.
The
security
teams.
A
This
allow
issue
Creation
in
event,
project
type.
That's
me
being
late!
It's
a
jira
admin
step.
As
far
as
I
can
tell
I
haven't
looked
on
this
one
in
detail,
so
no
expectation
here
I
need
to
take
it
or
any
other
Azure
admin,
yeah
AWS
decrease
cost
for
summer
2023.
A
That's
an
epic
top
level
issue
that
we
keep
on.
While
we
are
working,
that's
our
top
priority.
Alf.
Most
of
this
work
is
done
by
RV,
with
the
update
Center.
The
rest
is
taken
by
me
around
the
PKG
machine
migrating
to
Azure,
we'll
discuss
about
that
on
Ubuntu
22.
A
A
A
Ubuntu
22
a
great
campaign
for
that
one
I've
started
checking
PKG
Jenkins,
which
is
still
on
the
same
virtual
machine
that
we
want
to
get
rid
of
as
Update
Center.
A
Most
probably,
we
will
start
with
only
an
Apache
service
based
on
the
mirror
bit
charts
that
Irving
mentioned
earlier,
which
serves
static
files,
and
that's
all
that
service
package.
Origin
Jenkins
as
the
package
indexes,
which
is
then
proxied
by
the
fastly
CDN.
So
that
service
has
a
low
usage
but
is
really
really
important,
and
so
the
goal
is
to
Move
It
from
AWS
to
Azure
cluster.
So
then
we
should
be
able
to
not
depend
on
the
remote
virtual
machine
for
generating
packages
during
the
core
releases,
so
work
in
progress
on
this
one.
A
The
most
complicated
part
for
me
is
to
find
every
core
release,
steps
that
interact
with
that
machine,
and
there
are
a
lot
not
mentioning
that.
Also,
the
plugin
updates
is
also
interacting
with
that
machines.
Sometime
for
Update
Center
sometime
for
package
sometime
for
both
so
I
right
now,
I'm
trying
to
assess
the
different
elements
and
I
will
report
with
diagram
here.
A
Finally,
last
one
no
work
was
done
on
remove
IP
restriction
on
Bounce
or
migrate
to
VPN
I've
created,
as
we
will
see
with
the
issue
to
tray
H
the
issue
about
search,
CI
cleanup
and
hold
Network
cleanup.
We
are
inside
that
area
for
now,
I
won't
be
able
to
work
and
I.
Don't
think
none
of
us
will
be
able
so
I
propose
that
this
issue
is
delayed
of
at
least
two
weeks.
A
No
objection,
okay,
I've
I've
bought
everyone.
So
now,
let's
have
a
look
at
the
issue
to
try
h.
Do
we
have
new
important
issues?
Do
you
have
topics
that
you
want
to
mention
new
issue,
new
things.
C
A
Will
only
look
at
the
last
one
artifactory.