►
From YouTube: 2022 11 08 Jenkins Infra Meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
A
Let's
get
started
so
as
a
reminder.
Last
meeting
was
two
weeks
ago.
As
far
as
I
can
remember:
yeah
25
of
October-
let's
get
started
with
announcement,
so
the
new
weekly
is
almost
terminated
as
usual.
The
docker
container
should
be
available
since
10
minutes
I've
triggered
manually.
The
Builds
on
trusted
CI,
so
pays
release
is
okay,
container
image
now
available
and
rest
of.
A
A
I,
don't
know
the
scope
of
the
security
release,
so
I
can't
tell
if
it's
on
the
car
or
only
plugins.
If
it's
only
plugins,
then
we
should
have
the
weekly
as
usual,
otherwise
or
yeah.
If
it's
called,
we
will
have
a
new
weekly,
so
yeah,
a
weekly
will
be
scheduled.
Tuesday
for
sure
is
planned
end
of
November
as
far
as
I
can
tell.
A
Next
major
event:
February
for
them,
the
cicd
room
has
been
accepted.
So
if
you
have
any
idea
to
submit
a
talk,
please
do
it.
So
the
CI
CD
room
will
host
a
lot
of
a
bunch
of
talks
around
cicd
as
the
main
thematics.
There
is
also
go
along
the
room
so
expect
some
Jenkins
contributor
present
there.
So
if
you
want
to
submit
a
subject,
don't
hesitate,
you
can
submit
a
two-person,
but
don't
wait
too
long.
If
you
have
an
idea
that
is
usually
free
for
February
2023.
A
Nothing
here
more
for
you,
let's
get
started,
so
that
was
a
huge
two
weeks.
Iteration
first
pattern.
If
my
if
GitHub
want
to
load
on
my
machine,
we
had
a
lot
of
closed
and
open
issue
about
people
starting
to
ask
for
a
password
reset,
I'm,
not
sure
which
kind
of
events
triggered
that
hello
GitHub.
Is
it
only
me
that
has
issue
with
GitHub?
Was
it
my
ISP.
B
A
Okay,
let
me
open
in
advance
all
the
issues
then,
so
we
already
have
on
the
backlog,
an
eldest
template
for
account
recovery
issue.
The
idea
would
be
to
add
a
special
template
when
people
open
issues
to
help
them,
because
that's
always
the
same
pattern.
People
ask
for
a
credential
reset.
A
A
So
thanks,
everyone
involved
on
sending
some
never
answer.
So
it's
closed
as
no
action.
Some
answer
with
issues
that
allowed
us
to
fix
element,
so
that
was
just
for
this
tiny
minor
issues:
missing
data
dock
metrics
for
the
prod
public,
Gates
AKs
cluster.
So
now
we
have
metrics
so
that
issues
was
closed
because
we
saw
some
metrics
appeared
last
month,
but
in
fact
we
were
missing
a
lot
of
metrics.
There
were
error
message
due
to
misconfigure.
No,
so
it
was
no,
it
wasn't
misconfiguration.
A
A
There
is,
which
means
it's
encrypted,
but
there
is
no
verification
of
the
certification
chain,
because
the
certificate
presented
by
the
kublet
doesn't
have
a
sun
as
a
field.
Sun
I,
don't
know
why
it's
free
career,
they
haven't
dipped
on,
but
that's,
let's
say
a
recommendation
by
boss,
Microsoft
and
datadog.
That's
a
disable
TLS
for
data
dog,
so
changing
that
and
our
metrics
started
to
populate
again.
A
It's
still
encrypting
the
data
inside
the
TLs
using
triplets
and
other
couplet
certificates.
So
that
means,
if
you
have
a
random
pod,
it
cannot
pass
for
the
couplet,
because
there
is
a
sign
signing
system
with
it.
So
no
worries
on
that
area
so
that
one
allowed
us
to
enable
the
nginx
integration
that
RV
was
working
on.
So
thanks
folks,
because
that
one
was
quite
tricky.
A
Remove
ppc64
mentioned
on
cig
and
Kim
sayon
thanks
Bruno
thanks
Stefan
for
doing
all
that
work.
So
now
it's
it's
easier
and
we
don't
have
outdated
things.
A
Artifact
download
failed
on
agent
choosing
repo
cache
thanks
a
lot
RV
for
taking
care
of
the
ACP
artifact
caching
proxy
service,
especially
with
the
early
users.
So
thanks
for
fixing
the
issues,
access
to
npm
namespace
finally
has
been
recovered,
so
giving
us
everything
required
for
putting
web
components
and
whatever
npm
Library
under
a
legit
name.
Bank
survey
for
that
work
and
giving
as
well.
A
Alex
brandes
did
not
have
Administration
right
on
jira,
so
I
took
care
of
archiving
the
modules
it's
quite
as
if
you
are
jira
admin.
You
have
to
go
on
the
administration,
you
select
the
Jenkins
projects
and
there
is
a
list
of
components
and
there
is
a
button
archived
for
each.
That's
really
easy.
A
Windows
ACI
11
agent
broken
because
git
wasn't
in
the
path,
so
it
was
fixed
less
than
one
day
after
the
issue
was
ready.
However,
we
had
to
add
a
integration
test
to
the
image
Builder
to
ensure
that
that
Prem
doesn't
happen.
So
we
might
still
see
issues.
We
have
to
grow
the
integration
test,
RNs
for
these
images,
but
now
it
has
been
fixed.
A
C
I'm
using
RSS
to
Twitter
repository,
it's
a
Google
application,
it's
running
on
hot
public
AIDS
cluster
and
it's
fixing
the
CSS
feed
three
five
minutes
and
publish
a
new
tweet
if
we
knew
with
them
nice.
C
I'll
probably
do
work
around
the
Twitter
together
get
action
which
allows
publishing
tweets
as
code
I'll
discuss
this
with
nothing.
This
makes
it
interesting.
A
Absolutely
cool
that
that
also
has
been
a
long
running
discussion
as
for
at
this
since
four
or
five
years,
so
that
will
be
cool
Next,
Issue,
cig
and
King
Sayo
does
not
have
enough
so
permission
on
the
missing
repositories,
so
some
repositories
weren't
allowed
on
the
exhaustive
list
for
the
GitHub
app
if
I'm
correct
so
CI
Jenkins
are
you
using
the
GitHub,
app
automatically
generated
and
changing
token
wasn't
low
to
fetch?
It's
not
the
only
repository
that
mean
I
mean
that
happen.
Sometimes
it's
weird
on
making
us
waste
time.
I.
D
A
Posting
Timon
boarding,
so
thanks
a
lot
everybody
for
checking
that
one,
a
big
issue
upgrade
to
kubernetes
1.23.
So
congratulations
folks!
You
were
able
to
do
it
before
end
of
October,
so
we
weren't
locked
out
on
digital
ocean
and
it
will
be
dropped.
1.22
is
planned
to
be
dropped
in
Amazon,
end
of
November.
So
nice
timing.
A
It
was
quite
an
easy
one,
especially
in
AWS,
so
great
great
work
on
that
one
and
we
can
already
start
planning
the
next
one,
but
I
particularly
appreciate
the
fact
that
both
of
you
took
a
lot
of
notes
and
feedback.
So
we
can
benefit
from
our
mistakes
or
learning
each
time
really
really
useful.
That
absolutely
changed
the
pace
of
the
upgrades.
We
never
had
a
such
a
build.
We
are.
We
are
almost
up
to
date
to
the
latest
available
kubernetes
on
our
clouds.
A
A
So
no
infrastructure
task
Update
Center
returning
404,
so
that
one
thanks
Danielle,
he
answered
the
person
was
using
an
unofficial
feature
of
the
update
Center,
which
were
during
sometimes
it
were
generating
Dynamic
vision
for
the
update
Center
index
Danielle
gave
the
gave
them
the
new
official
way
with
the
documentation
link,
so
nothing
to
do
on
our
side
and
we
were
able
to
close,
and
one
last
password
issue
did
I
miss
something
that
we
finished.
That
is
not
on
that
list.
A
Nope:
okay:
let's
go
to
the
work
in
progress,
then
up
okay,
so
CI
Jenkins
are
your
stories
is
not
handling
pull
requests,
so
multiple
action
there.
First,
the
root
cause
seems
to
be
missing.
Permission
on
the
GitHub
app
I
was
able
to
discover
that
because
I
created
a
new,
a
new,
a
new
job
and
it
was
failing
and
by
looking
at
the
logs.
That
was
the
main
issue.
A
However,
I've
moved
I've
removed
the
stories
from
the
infra
GitHub
organization,
folder
on
Sage
and
kinsayu,
and
now
there
is
a
static
multi-branch
configuration
on
the
for
the
website.
That's
a
website
not
really
tied
to
the
infrastructure.
It's
a
multi-branch,
so
it
can
be
tuned
to
have
different
settings
than
the
rest
of
the
other
websites
which
wasn't
possible
with
the
infra
settings,
the
less
infra
things
we
have
on
that
automatic.
Further,
the
the
hazier
it
will
be
to
provide
feature
to
the
end
users.
A
A
new
job
location
on
cigo
and
now
the
work
in
progress
is
on
unifying
the
two
pipelines.
Right
now
we
have
a
Jenkins
file
built
by
CI,
Jenkins
IU,
and
the
Jenkins
file,
whatever
built
by
infrasti
thing,
is
that
we
saw
that
pattern
on
the
plugin
health
and
some
other
repositories
as
well.
Having
two
different
Pipelines
makes
not
visible
anything
that
happened
on
the
private
infrasti,
so
infati
should
be
while
it
should
only
be
used
for
continuous
deployment.
A
So
the
the
tentative
I'm
doing
is
to
have
one
single
pipeline.
The
CI
Port
will
be
done
on
cigenkins
IU,
and
only
the
deployment
part
it
is
the
docker
push
should
be
done
on
Docker
info
in
real
life.
Both
controller
will
do
all
the
steps
in
parallel.
At
the
same
time,
except
they
will
be
using
the
same
templates.
The
same
tools,
the
same
steps,
so
any
issue
on
cig
and
say
you
will
be
visible
on
infra
and
infrasti
should
not
be
triggered
with
the
pull
request.
A
If
we
are
successful
on
that
one,
we
can
generalize
the
pattern
to
other
the
main
pain
point
today
and
that's
why
I
spent
some
time
on
the
backer
image
is
that
we
are.
We
have
a
custom
container
in
Frasier
and
we
have
our
current
backer.
Imagine
CI.
So
we
had
to
transplant
all
the
missing
tools,
so
both
pipeline
can
do
the
same
thing.
A
A
Missing
tools,
any
question
on
this
one:
okay,
login
issue
to
be
done:
I
mean
we
are
waiting
for
I,
think
more
concert.
I,
don't
think
we
should
spend
time
on
that,
one,
the
person
should
answer
or
we
will
close.
It
forget
password
same
issue:
Windows
agent
on
CI
Jenkins,
IO,
disconnect
prematurely
so
soon's
like
there's,
been
an
issue,
but
it
was
on
the
acceptance
test,
Mark
logged
in
on
the
issue
that
it
was
testing
for
the
windows
label,
but
that
label
is
not
expected
to
be
used
might
have
been,
but
now
we
have
Windows
2019.
A
B
A
We
haven't
checked
the
reason
why
it
was
failing
the
acceptance
test
trying
to
spawn
a
Windows
was
failing.
I,
don't
know
that
could
be
an
error
in
the
acceptance
test,
but
good
points.
That's
why
I'm
proposing
to
remove
the
Windows
label
because
for
sure
there
might
be
a
cloud
template
implementing
it.
If
we
remove
it,
then
either
we
might
have
some
hidden
jobs
or
people
doing
word
stuff
since
years
with
the
windows
label,
and
then
in
that
case
they
will
be
waiting
on
Bill
Q
blocked.
A
So
then
we
can
pull
request
on
repository
and
change
it,
but
yeah
the
acceptance
test
wasn't
testing
the
reality.
That's
the
thing,
because
Mark
wasn't
able
to
to
see
the
same
behavior
on
your
life
use
cases.
Okay,
so
incident
should
be
closed
because
there
wasn't
really
an
incident,
but
only
once
either
the
acceptance
test
is
fixed
or
the
label.
Windows
is
removable
no
incident
but
label
windows
to
be
removed.
A
Node.Js
missing
on
agents,
so
I
did
a
change
for
the
stories
using
starting
to
use
our
custom
container
web
Builder
the
same
that
was
used
on
infrastia.
A
We
will
have
the
same
issue
with
the
Packer
image
container
that
I
plan
to
use
as
soon
as
possible
as
well
thing
is
that
node.js
must
be
loaded
in
the
environment
using
SDF
on
Linux
I.
Don't
know
why!
But
after
that
challenge,
using
a
starting
to
use
SDF
some
of
the
whatever
npm
command
line
tool,
agv
I
think
they
try
to
resolve
node.js
from
the
shebang
user
bin
off
and
it
fails
I,
don't
know
why.
So
that
need
more
diagnosis,
because
that
could
be
a
reason
for
not
installing
node.js
using
a
SDF.
C
I
have
so
many
issues
and
a
lot
of
people
are
doing.
Somebody
think
between
no
education
and
this
past.
A
Which
is
apps,
which
defeats
the
purpose
of?
Do
we
agree,
so
that
means
stop
installing.js,
who
has
the
SDF
and
using
an
official
node.js
release?
The
reason
of
using
a
SDF
on
the
backer
image
is
because
it's
it
does
a
lot
of
things
for
us
and
it
allows
to
have
multiple
versions
installed
at
the
same
time,
which
now
we
need
for
Ruby,
that's
the
only
real
requirement
for
the
rest,
whether
we
use
an
SDF
command,
which
means
we
install
SDF.
A
We
install
SDF
plugin
and
install
the
line
and
set
it
as
Global
and
set
the
environment
variable,
or
we
do
this
five
same
step,
download
the
correct
version
of
whatever
installer
on
it
add
the
password
enrollment
variable
and
you're
done.
So
there
is
no
complexity.
Difference
between
both
sorry
Stephen.
A
A
Pipeline
step,
dog
generator
and
back-end
extension
indexer,
so
work
is
done,
but
need
to
enable
CI
for
public
visibility.
So
same
thing
as
the
unifying
the
pipelines
that
we
have
for
story.
We
want
external
contributor
when
they
change
the
code
to
have
a
public
available
CI
and
only
the
full
generation,
or
at
least
the
Fuller
upload,
to
reporting
inside
you
of
the
generated
report
should
be
in
the
first
year
same
as
stories.
A
Stefan
you
mentioned
a
few
days
ago
that
you
were
interested
in
learning
a
bit
more
on
Jenkins
builds
and
pipeline
stuff
in
a
more
advanced
way,
because
you,
you
know
your
way
now,
but
that
one
is
a
quite
age
case.
Are
you
interested
to
help
me
on
that
one
to
learn
a
bit
more
on
a
real
life
example
of.
A
C
Looking
at
the
dog
logs,
we
noticed
the
zero,
where
only
on
the
as
your
provider
known
on
the
digitalization
provider,
while
so
that
is
in
between
them
is
about
one
third
to
two
front
two
further
for
for
azure,
so
we
are
suspecting
it's
the
IP
overlap
problem
we've
got
on
azure,
which
may
be
the
cause,
so
I
I'm,
creating
the
new
private
okay
with
this
cluster,
with
the
from
right
now
to
see.
If
you
can,
if
you
can
Services
kind
of
problem.
A
Makes
sense
thanks
for
the
status
okay,
I
thought
it
was
another
issue,
good
prioritize,
the
private
carry
test,
please
public
Gates.
A
Okay,
so
that
will
be
an
upcoming
issue
then
later
so,
if
that's
okay
or
they
can
can
I,
let
you
add
a
command
with
that
status
on
the
issue,
so
we
can
move
that
issue
to
the
Jenkins
info
next,
because
we
have
to
solve
the
network
issue
now
in
order
to
solve
the
caching
proxy
Behavior.
A
A
Can
you
add
a
comment
on
the
issue
three
two
to
one
explaining
that
we
need
to
walk
to
the
private
Gates
and
to
the.
A
It's
already
done,
if
that's
the
case,
that's
perfect
and
nothing
to
do,
but
right
now
we
won't
be
able
to
walk
here
because
it's
blocked
by
we
need
to
fix
the
IP
overlap
for
sure
now
we
have
measured
it
and
seen
with
data
thanks
for
the
heads
up
next
minor
issue
at
the
nail
desk
template
for
accun
Recovery
issue,
because,
given
the
sudden
peak
of
that
kind
of
request,
we
needed
trying
to
help
us
at
least
that
will
be
easier
to
close
it.
If
we
don't
have
enough
information.
A
Thanks,
if
you
don't
want,
we
can
do
it
as
well.
No
worries,
just
let
us
know
backload
of
already
built
items
in
Q
and
CI
Jenkins.
So
since
the
deployment
of
the
incremental
plugin
on
the
tissue,
we
did
not
see
more
issues
on
sea
agent
can
save,
even
though
we
restarted
it
twice
since
the
installation,
but
no
more
ghost
builds
so
I've
sent
the
message.
So
the
thing
is
that
we
are
using
a
version
of
the
plugin,
which
is
a
pull
request,
which
is
not
in
line
with
the
latest
version
of
the
plugin.
A
So
we
will
let
the
plugin
maintainer
find
the
solution
proposal
is
that
we
keep
that
until
next
weekly
team
meeting
one
one
week
more
because
for
sure
we'll
have
restarts,
and
then
we
see
I
propose
even
16
of
November,
given
the
15
will
be
security
release.
A
A
C
A
D
A
C
What
the
Canada
is
also
I've
did
some
improvement
to
the
airplane
Library.
First,
we
can
Define
within
a
global
which
provider
are
available,
so
we
can,
for
example,
disable
the
AWS
one
if
it's
out
it
is
Stone
and
I've
also
added
an
health
check
with
a
simple
curve
to
before
using
the
provider
to
see.
If
it's
up,
if
not
it's
it
fall
back
to
uploaded.
Jenkins
show
you
the
top.
C
A
A
B
Yes,
I
started
to
try
a
draft
of
backup,
restore
and,
of
course,
there's
tons
of
Errors,
so
I
need
to
make
sure
that
the
backup
is
full
and
not
just
partially
I
think
that
the
user
I'm
using
for
the
backup
doesn't
have
enough
rights
to
get
in
the
data
into
the
backup,
but
that's
brand
new,
so
I'm
working
on
it
right
now.
A
Okay,
so
that
mean
you
already
created
the
database
right,
yes,
okay,
the.
B
Destination
new
database
is
created
in
the
already
existing
database,
installs
that
we
we
buy
in
azure.
A
A
B
A
No
problem
realign
report
Jenkins
Mission,
so
we
had
a
meeting
with
Chief
frog
last
week.
Mark
and
hi
I
will
share
the
notes,
so
they
still
have
to
come
back
to
us
for
the
repository
migration
from
the
current
infrastructure,
the
g
frog
is
run
for
us
to
the
new
SAS
service
that
provide
a
bit
more
metrics.
A
They
are
late
on
that
process
due
to
human
reasons,
but
there
will
be
an
outage,
so
the
outage
should
span
a
few
hours,
so
I
told
them
if
they
need
a
world
day
of
outage
no
problem
as
soon
as
we
know
it
early
enough
to
let
our
user
know.
So
we
don't
try
a
security
release
that
day,
of
course,
but
it's
safer
if
they
take
their
time,
because
that
could
be
quite
the
the
the
issue,
so
they
told
us,
they
told
us
that
they
will
keep
one's
migrated
successfully.
A
They
will
keep
the
old
machine
with
its
storage
available
for
one
month,
which
means
at
any
moment.
If
it
goes
wrong,
we
can
always
fall
back.
The
the
domain
name
back
to
the
odd
instance,
at
least
during
the
few
hours
or
days
of
right
after
the
migration,
and
also
if
we
run
any
operation
or
if
we
lose
any
data
on
the
new
instance.
We
can
always
restore
from
the
old
instance.
A
Second,
Mark
and
how
you
are
going
to
work
on
that
topic.
First,
we
need
to
write
down
things
and
to
test
some
scenarios.
Some
scenarios
for
the
bandwidth
decrease.
A
The
idea
is
Co
we
can,
or
we
can
enable
Authentication,
Arc
and
Damian
to
write
an
act
to
find
a
proper
path
bond
with
that's
the
top
priority
issue,
like
the
top
priority
issue.
That's
why
Mark
and
I
are
walking.
The
second
top
priority
is
the
IP
overlap,
which
is
still
important
and
still
is
linked
to
shift
Rock
bandwidth.
A
Because
by
enabling
Authentication,
that
means
we
will
add
more
service
pressure
and
quality
of
service,
so
ldap
won't
accept
the
same
maintenance
Windows
as
it
used
to
have
so
we'll
have
to
find
a
solution
that
work
external
DNS
to
the
kubernetes
cluster
with
an
Ingress.
A
Okay,
do
you
have
other
new
issues
that
we
should
talk
about?
You
have
no
issues
that
arrive
that
are
not
the
backlogs
today.
C
So
when
I
started,
they
cluster.
A
Okay,
so
the
plan
just
a
reminder-
or
maybe
a
note
for
Mark,
because
we
discussed
that
this
morning
so
right
now
we
have
plot
publicates,
which
has
the
IP
overlap:
the
production
cluster
that
also
hosts
ACP,
and
we
have
temp
private
Caritas,
which
is
a
temporary
private
cluster
where
infraction
is
running
and
only
in
Frasier.
A
A
Then
we
migrate
all
the
services
from
the
current
prod
publicates
that
should
be
on
the
private
Network.
The
main
one
being
released.ca
reason
is
that
we
don't
want
to
release
CI
to
run
on
a
public
network,
of
course,
so
that
one
could
have
impacts,
but
I,
don't
think
we
will
have
a
lot,
because
the
VPN
right
now
is
the
big
virtual
machine
that
has
access
to
bus
Network.
For
today
we
also
have
a
few
Services
running
inside
prod
public
Gates.
That
should
be
moved
to
private
area.
A
Every
Bots,
for
instance,
because
they
don't
need
in
incoming
requests,
they
only
need
to
need
to
have
egress.
So
this
one
should
absolutely
be
on
the
private
one.
Unless
we
want
to
define
a
category
of
Jenkins
info
user
that
have
access
through
a
dedicated
path
to
the
public
cluster,
but
at
least
release.
A
A
A
One
of
the
main
security
Improvement
in
that
area
that
are
we
pointed
earlier
today,
is
as
pointed
by
Tim
a
few
months
ago.
We
should
stop
using
service
principle,
which
is
a
kind
of
technical
user
system.
With
a
token
that
allows
kubernetes
to
connect
to
the
Azure
API
to
Auto
scale,
to
mount
volumes
to
access
other
Azure
services.
A
That's
a
kind
of
technical
account
right
for
the
API.
A
team
told
us
there
is
a
different
system,
I
think
it's
an
identity
like
the
IM
system
on
Amazon
that
avoid
storing
a
token
and
rotating
a
token.
It
use
instance
based
identity
to
identify
and
that
one
is
now
using
open
ID.
So
that's
the
same
security
level
as
Amazon
as
far
as
I
can
tell
so.
Our
base
currently
experimenting
all
of
this
on
the
private
cluster
first.
A
B
A
Leads
that
area
and
we'll
see
if
we
have
a
last
minute
issues
on
this
one.
A
Other
new
issues,
new
topic,
I,
think
that's
already
a
lot
so
Mark
and
I
focus
on
the
frog,
repo
Airway
focus
on
the
new
repository
and
the
usual
maintenance
of
ACP
and
Stefan
and
I
work.
So
once
Stefan
is
finished,
with
the
key
clock
migration,
we
will
work
on
Jenkins
pipeline
how
to
open.
We
have
unified
pipeline
one
Jenkins
file
for
project
that
will
do
the
CI
and
pull
request
Builds
on
crjenkins
IU,
with
visible
outputs
and
actionable,
and
only
do
the
deployment
part
on
infrastia.