►
From YouTube: Platform SIG 2019 07 30
Description
Jenkins platform special interest group meeting July 30, 2020 with topics including:
* AdoptOpenJDK for Docker on Alpine, Debian Buster, and CentOS
* Deprecating the Docker agent images for Debian Stretch
* Extension development techniques
* GitHub App Authentication on ci.jenkins.io
* Plugin installation manager as a preview in Docker images
meeting notes are at https://docs.google.com/document/d/1bDfUdtjpwoX0HO2PRnfqns_TROBOK8tmP6SgVhubr2Y/edit#heading=h.urkdf8d59im8
A
A
A
So
please
to
note
that
the
meeting
url
has
switched
to
the
cdf
zoom
account
and
I've
done
all
the
actions
for
it.
I
have
not
completed
the
jet
for
docker
operating
system,
support
and
platform
selection
rules.
Yet
yes
I'll
get
to
it.
The
docker
build
work,
rework
pr
that,
I
believe
is
actually
distinct
from
the
alpine
transition
right
from
for
the
adopt
open,
jpdk
transition.
Yes,
it
was
rather
for
platform.
Support
adopt
open.
Gdk
is
also
on
the
table
right,
okay,
so
this
one
this
one
still
is
open.
A
B
I
need
to
look
back
at
that
one
again,
because
I
think
he
has
done
all
the
changes
that
I
asked
for
so
I
will
look
at
that
a
good
day
and
update
my
review.
B
Right
I
would
like
to
get
that
one
in
before
the
adopt
open,
jdk
switch
just
because
jim's
a
lot
of
work
in,
and
it's
looking
good
for
my
side.
So
I'd
like
to
do
that.
If
we.
A
Can
okay
great
and
now
the
the
build
rework
that
jim
did?
That
is
just
reworking
current
images
that
doesn't
provide
us
with
with
s390x
image
or
powerpc
image.
A
That's
correct
because
we
need
to
switch
to
a
doctor
for
jdk
for
us
got
it
okay,
great.
A
A
Excellent
thanks.
Okay,
then
review
the
alpine
image
update
pr,
and
I
think
this
one
may
be
this
is
the
use
adopt
open,
jdk
one
yeah,
okay,
great
all
right.
So
this
is
the
one
that's
mentioned
in
that
next
item
on
the
agenda
here
and
again,
the
action
there
is
more
review
yeah
and
given
the
sequence
more
review
of
this
one
review
and
final
sign
off
of
922.
B
Right
and
then
I
would
have
to
possibly
do
a
little
bit
of
rework
on
my
pr
adopt
files,
change
and
stuff
like
that.
So.
A
C
It
was
mentioning
I
migrated
jenkins
fellow
radar
images
to
adopt
open
jdk,
so
the
recent
beta
15
release
runs
on
the
adopt
open
jdk.
There
were
a
few
differences
in
packaging,
for
example,
git
etc,
but
in
general
it
works
pretty
well.
D
B
C
Yeah
also,
there
is
an
interesting
image
called
adopt
open,
gdk,
11
gre
vh
alpine,
which
is
actually
just
50
megabytes
yeah.
Oh.
C
Yeah
I
tested
it
with
rings,
fell
runner
that
works
quite
well.
Well,
I'm
trying
to
compress
my
own
part
because
edgings
fell.
Runner
is
about
200
megabytes
right
now,
because
of
because
of
the
fact
that
it's
prototype
but
yeah.
My
overall
experience
with
adoption
is
perfectly
fine,
all
the
tests
etc
pass
without
any
issues
and
well,
it's
not
a
surprise,
because
sergeant
also
runs
an
adopt
open
gdp
and
we
haven't
noticed
any
problems.
B
So
as
we
go
to
switch
to
adopt
jdk,
they
do
not
have
a
stretch
image,
so
this
is
right
now
this
is
for
agent
docker
images.
B
B
And
I
would
say
deprecate
because
even
if
we
stood
if
we
keep
building
with
open
jdk,
then
we've
seen
that
those
images
are
not
updated,
and
so
there
are
possible
security
issues
going
forward
in
the
future.
So
that's
my
reasoning
behind.
A
B
A
A
A
So
that
that
explains
why
I
think
mine
is
still
running
232,
because
it's
based
on
the
the
jenkins
core.
Okay,
thanks
any
discussion
needed
around
the
question,
and
it
seems
like
it's
a
clear,
clear
thing
that
we
should
do
acknowledging
that
we
want
updated
images
and
buster
has
been
out
for
a
long
time.
B
C
The
group
to
so
yeah
what
we
could
do,
we
could
actually
do
a
final
release
of
these
images
and
inject
the
duplication
warning
right
inside
the
entry
point.
So
anyone
who
launches
this
image
gets
an
error
message
in
this
year
that
the
image
is
deprecated
and
after
that
here
we
can
link
them
somewhere
and
after
that
we
can
stop
shipping.
The
images.
A
A
C
A
C
C
A
A
C
C
It's
rather
jenkins
default
image.
Oh
yes,
right
jenkins
default
image.
A
D
Yes,
so
seven
trying
to
develop
a
new
extension
implement
a
new
extension
from
an
extension
point
within
the
git
plugin
and
the
extension
I'm
dev
developing
is
in
the
github
brand
source
plugin.
So
my
question
is
that,
while
I'm
implementing
the
extension
point
in
the
github
branch
source
plugin,
I
need
a
class
from
the
git
plugin,
which
is
not.
D
It
doesn't
exist
in
the
existing
release
of
the
plugin
and
to
do
it
locally.
I
I
I
have
a
simple
hack
of
actually
it's
not
a
good
hack,
but
I
just
replace
the
jar
in
the
m2
depository.
But
what
is
the
right
way
to?
What
is
the
right
approach
to
do
it?
How
would
I,
since
it's
a
git
plug-in,
is
not
an
external
dependency
within
the
form
of
github
branch
source?
I
assume
it's
been
taken
from
the
parent
form
or
something
like
that.
D
A
A
As
the
as
the
version
on
which
you
depend.
D
A
So
so,
if
we
look
at,
I'm
gonna
bring
up,
let's
bring
up
here,
we'll
just
do
it
in
this
other
window
bring
up
jenkins
here
and
let's
look
at
the
get
plug-in
oops.
Let's
look
it's
it's
the
get
plug-in.
You
need
not
to
get
client
plug-in
right.
D
A
A
Okay,
so
richard
I
may
I
let's
see
if
we
can
do
it
here,
borrow
one
from
here
and
okay,
so
it
looks
like
I
have
a
fix
to
make.
I
apologize
for
this.
I'm
gonna
have
to
show
you
with
get
client
plug-in.
That's
a
good
cause
for
embarrassment.
Sorry
for
the
embarrassment
of
the
the
demonstration
I
wanted
to
show
is
a
complete
failure,
because
it's
not
available
there's
a
jesse
glick
was
very
kind.
A
He
pointed
out,
look
mark
you're,
being
a
little
too
too
tricky
in
the
build
plug-in
call
that
you're
making
in
your
broken
incremental
publishing.
So
we
fixed
that
in
the
git
client
plug-in
where
you
should
be
able
to
see
here.
We
go
now
this,
so
I'm
going
to
make
this
much
bigger
so
that
it's
actually
readable
oops,
okay.
Okay!
So
when
you
look
at
the
at
the
successful
artifacts
built
from
the
get
plug-in
you'll
see
this
get
client
plug-in.
A
So
so
it
should
be
enough
to
reference
that
thing,
but
we've
got
to
fix
it
in
the
git
plug-in,
so
you
can
do
the
same
either
that
or
we
have
to
release
and
I'd
rather
not
release
with
a
preliminary
version
just
so
that
you
can
do
development.
So
this
notion
of
an
incremental,
let's
see
if
I
can
find
on
jenkins
dot,
io.
A
Because
there
is
a
there
are,
there
are
good
good
instructions
or
good
insights
from
here.
We
go
from
jesse
glick
on
how
to
do
parallel
component
development.
D
A
A
It's
probably
better.
If
you
do
it
model
it
after
the
one,
that's
in
the
git
client
plug-in.
It
will
be
sad.
It's
sad
for
me
because
I,
like
all
the
sophistication
I
put
into
that
jenkins
file,
it
does
random
version
numbers,
it
does
all
sorts
of
elegant
little
things,
but
it
breaks
an
important
feature.
A
Oh,
oh,
that's
right!
Okay,
so
oleg
to
be
more
precise
or
to
be
to
be
more
detailed
there.
He
could
just
do
a
make
or
a
maven
clean,
install
on
from
the
git
plugin
directory,
and
then
he
could
reference.
That
is
that
correct
or
tell.
C
C
Now,
well,
it's
a
snapshot,
but
it's
a
timestamp
snapshot,
so
what
it
means
that
it
gets
deployed
to
the
jenkins
satisfactory
and
it
will
remain
there
for
a
particular
amount
of
time.
If
I
recall
correctly,
two
weeks
and
during
these
two
weeks,
it
can
be
referenced
through
from
enable
request
in
other
components
so
that
you
can
test
it.
A
So
my
fear
is
that
he
probably
does
not
have
permission
to
deploy
to
the
to
the
get
plug-ins
section
of
the
do
not
have.
C
To
have
permissions,
oh
okay,
you
can
deploy
snapshots
if
you're
locked
in
towards
the
factory
ones,
so
you
still
need
to
configure
your
environment
in
order
to
push
releases,
but
you
don't
have
to
have
release
permissions
to
deploy
snapchat.
D
Okay,
even
like,
even
if
I
don't
deploy
it
and
I
build
it
locally
in
my
machine,
will
the
github
brand
source
plugin,
wouldn't
it
be
able
to
find
the
jar
snapshot
jar
from
my
m2
repository
for
my
local
development.
C
C
C
A
Okay,
so
it
then
place
your
jenkins
password
in
the
art
in
the
maven
settings:
yeah,
okay,.
A
C
C
C
But
yeah
it's
a
kind
of
not
so
official
way
being
compared
to
incrementals,
because
yeah
the
most
of
contributors
moved
on
to
incrementals
but
yeah.
I
still
remember
on
the
previous
floor.
D
A
C
Not
for
me
so
maybe
related
topic,
we're
switching
searching
for
you
to
use
github
application
identification.
For
example,
packaging
repositories
have
been
already
switched,
so
it
means
that
docker
images
and
those
native
packages
on
neuron
ci
they
authenticate
as
a
github
application,
and
the
next
step
is
to
actually
have
a
warning
plug-in.
It's
already
installed
on
sierra
inside
and
yeah
one
of
jsoc
students
casually.
He
is
working
on
integration
of
these
github
checks
api.
C
This
integration
has
been
released,
but
it
hasn't
been
yet
deployed
on
scion,
but
once
it's
today
we
can,
for
example,
publish
docker
scan
reports
et
cetera,
because
there
are
standard
formats
which
I
will
be
supported
by
working
singing.
If
I
recall
correctly-
and
definitely
you
can
start
doing
things
like
just
static
analysis,
so
whatever
for
the
images.
A
C
C
And
yeah
another
thing,
so
if
somebody
is
interested
in
advanced
plugin
management,
I've
got
a
staged
full
request
from
kim
jacom,
which
includes
plug-in
installation
managers,
tool
and
efficient
blocker
images.
A
C
So
it's
once
it's
released,
it
will
be
available
for
evaluation
and
hopefully
it
will
help
to
facilitate
more
feedback.
So
what
we
discussed
that,
basically
installation
management
will
be
shipped
as
preview
so
that
anyone
who's
interested
can
try
it
out.