►
From YouTube: 2022 09 23 Platform SIG
Description
Jenkins Platform special interest group 23 Sep 2022
A
Welcome
this
is
the
Jenkins
platform
segmenting
September
23
2022,
that
is
Right
today
welcome
everyone.
Thank
you
for
being
here
Mark.
Today
we
have
quite
a
long
list
of
items
to
have
a
look
at
in
the
agenda,
so
we
have
open
action
item
four
Mark,
of
course,
a
little
subject
about
whisk
risk,
5
and
Jenkins
agents,
container
image,
duplication
for
the
blue,
wish
him
container
management
for
Jenkins
agents.
We
have
to
talk
about
that.
A
Of
course,
we
also
talk
about
Java,
11
or
newer
for
Jenkins
core,
of
course,
Java
17
support
in
Jenkins
and
also
Java's
19,
which
has
been
released
this
week
next
week.
We're
gonna
have
devops
world
and
Mark
and
I
will
be
there.
So
we
of
course
have
to
talk
about
that,
and
the
last
subject
will
be
the
supply
and
change
security.
I
want
to
know
more
about
that,
because
that's
something
I
don't
know
yet.
Mark
will
address
the
subject
of
course.
First
of
all
open
Action
items,
Mark
agent
of
CI
Jenkins
io
on
ppc64le.
B
So
still
still,
the
I
saw
that
the
ci.jenkins.io
agent
actually
is
still
running
there,
so
that
part
is
still
functional,
but
I
still
have
not
shared
the
credentials
and
I've
I've
got
on
my
own
setup.
I've
got
a
problem
with
it
that
I
need
to
investigate
that
I'm,
not
sure
what's
going
on,
so
that
will
that
will
need
further
investigation
after
devops
world.
So.
A
A
Next
one
is
a
short
subject,
but
the
other
day
Michael
hurt
organized
a
giveaway
to
get
a
mq
pro
so
that
a
small,
very
small
SBC,
with
a
risk
5
just
one
core
one
gigabyte
of
ram,
but
it's
a
nice
board
anyhow
and
believe
it
or
not
I
put
an
entry
and
say
that
oh
I
would
like
to
try
a
Jenkins
agent
on
that
and
I
won,
so
I
should
receive
by
next
week.
A
Maybe
at
devops
wall
I
will
maybe
get
it
there
or
when
I
come
back
so
that
I
could,
with
lots
of
quotes.
You
know,
try
along
the
way
to
get
Jenkins
work
on
that
and,
of
course,
to
get
Jenkins
agent
working
on
that.
We
have
to
be
sure
that
Java
works.
There
are
some
GDK
available
for
risk.
5.
I
will
take
some
time
to
evaluate
if
that
works
or
not,
and
I'd
also
love
to
run
a
Jenkins
agent
with
Docker,
so
Docker
is
also
available.
A
A
Next
topic
mark
this
one
will
be
for
you
a
container
image
deprecation
for
the
blue
ocean
container.
I
know
you
did
a
wonderful
work
with
Kevin,
letting
everyone
know
on
the
Jenkins
IO
website
just
about
everywhere.
You
know
you,
maybe
you
should
get
rid
of
blue
ocean
because
it's
not
it
I
mean
bugs
will
be
fixed,
but
that's
all
you
don't.
You
shouldn't,
expect
new
features
or
anything
like
that
and,
of
course,
blues
and
containers
will
have
the
same
fate
one
day
or
the
other.
So.
B
Well
and
the
containers,
it's
even
a
worse
story,
right
we've,
whereas
blue
ocean
is
being
actively
maintained,
at
least
for
bug,
fixes
the
the
blue
ocean
containers
we're
lucky
that
the
automation
is
working
that
gets
them
new
versions,
because
none
of
us
are
doing
active
work
to
to
care
for
those
the
the
operating
system
image
underneath
it
is
not
being
updated.
There
are
all
sorts
of
sort
of
Legacy
problems
hiding
there
and
we
stopped
over
a
year
ago,
referencing
those
so
this.
This
is
very
valuable.
A
Yes,
we
definitely
have
to
so.
Yes,
we
will
have
to
write
some
documentation
on
lots
of
different
places
and
find
a
way
to
communicate
to
users
and
admin,
but
this
will
be
a
work
in
progress.
It
hasn't
started
yet.
But
yes,
that's
something
we'll
address
in
the
coming
platform.
Seek
meetings
now
container
repository
management
for
Jenkins
agent?
Yes,
I
can
testify.
This
is
not
the
simplest
process
ever
I.
A
B
B
That
would
be
better
and
if
we
discuss
them
around
a
whiteboard
in
15
or
20
minutes,
things
will
go
well,
so
we
may,
for
instance,
host
that
discussion
in
the
Jenkins
booth
at
devops
world
or
those
kind
of
places
just
find
a
time
when
we
can
get
together
and
say,
hey.
Let's,
let's
talk
about
this
to
see
where
we
think
it
should
go.
A
Yes,
that
definitely
the
place
in
the
moment
where
we
should
discuss
that,
because
it's
difficult
to
find
right
time
to
discuss
that
with
the
right
person
and
the
contributor
submit
and
Devil's
World
2020
will
be
the
time
and
the
moment
and
the
place
anyhow.
Cool
next
subject
is
required.
Java
11
have
seen
some
news
this
week,
not
really
news,
but
you
know
amazing
that
some
people
were
still
working
on
getting
rid
of
the
GDK
8
links
somehow,
because
some
things
are
still
referencing
gdk8.
So
there
are
still
minor
tasks
ongoing.
B
A
Good
work-
and
it's
also
not
plugins
beginning
to
require
Java
11..
Yes,
there
are
so
many
plugins.
We
can't
require
Java
11
for
all
of
them,
so,
of
course,
this
will
take
some
time
depending
on
the
time
maintainers
have
and
the
emergency
or
not.
Is
it
monetary
to
do
it
as
soon
as
possible?
Or
can
we
still
wait,
but
anyway,
it's
not
a
good
idea
to
keep
working
with
you
yeah
eight.
Now
that
GDK
11
is
at
our
door.
A
Thank
you
now
time
to
talk
about
GDK
17
support
in
Jenkins.
It's
been
quite
a
few
weeks
or
months
even
now
that
we
are
working
more
and
more,
with
GK
17,
even
from
the
infra
CI,
and
for
the
time
being,
nothing
alarming.
Everything
seems
to
be
okay,
ish.
B
Yes,
yeah
as
far
as
well
so
we've
had
specific
reports
about
specific
problems,
one
related
to
active
directory
and
those
problems
are
being
investigated
and
worked.
So
it's
not
nearly
as
stable
as
Java
11
is
across
the
whole
Suite
of
plugins,
but
still
making
good
progress.
A
That's
good
news.
No
19
has
read
that
should
be
good
news,
but
if
you
like
to
work
more,
that's
good
news.
I.
Think
you
told
me
yesterday
that
The
Groovy
upgrade
required
to
remove
illegal
access.
Warnings
will
make
Jenkins
contributors
quite
a
lot
of
work.
B
A
We
still
have
time.
I
was
totally
a
drama
queen.
We
got
in
that
illegal
access
right,
but
okay,
we'll
see
that
maybe
okay
I
prefer
that,
let's
investigate
before
being
so
dramatic.
Thank
you
anyhow.
That's
the
subject.
We
have
to
work
on
in
the
coming
months
or
years
we'll
see
next
week
is
devops
world
2022
Orlando
how
how
come
so
early
so
Tuesday
we'll
have
the
contributor
Jenkins
contributors
Summit
the
whole
day
with
lots
of
contributors.
A
I'm
really
excited
when
I
saw
the
list
of
people
who
were
coming
to
address
and
also
the
agenda,
because
the
subjects
are
really
really
interesting
and,
as
I
said
before
in
this
meeting,
that's
a
perfect
place
and
time
interviewer
to
discuss
with
the
right
people
of
the
right
subject
for
Jenkins.
That
would
be
amazing,
I,
guess,
I'm
sure.
A
One
other
subject
related
to
platform
will
be
with
AWS
people
talking
about
ec2
instances
of
Mac
OS.
They
have
published
a
blog
post
in
jenkins.io
last
week,
I
guess
regarding
the
subject
that
looks
pretty.
A
Difficult
for
QB
for
me,
it
has
always
been
difficult
to
work
with
Mac
OS
in
the
cloud
and
it
looks
like
they
simplify
the
process,
but
it's
still
kind
of
complicated.
It's
not
as
simple
as
getting
something
running
Linux
you
know,
but
we
need
that
as
iOS
developers
or
Mac
OS
developers.
Of
course
we
need
to
have
something
exactly
working
and
I
hope
that
it
won't
be
magic
anymore
after
the
talk
and
contributor
Summit
we'll
see,
and
they
will
also
be
from
time
to
time
in
the
AWS
Booth.
A
B
So
would
you
tell
us
a
few
words
about
that,
so
the
ins,
the
the
prompting
for
this
one,
is
that
about
a
year
or
two
ago
the
US
government
issued
a
some
instructions.
That
said
hey.
We
expect
things
to
improve
with
regard
to
software
software
Supply
chains,
so
that
people
know
with
confidence
the
source
of
the
of
the
software
component,
they're
they're
consuming
and
one
of
these.
B
Well,
you
you
make
a
you
make
a
good
point,
because
there
are
many
different
systems
that
manage
dependencies
right.
There's,
there's
the
maven
dependency
system,
there's
npm!
There's
the
python
pip
dependency
system,
there's
the
ruby
gems
dependency
system
right.
Each
of
them
has
interesting
and
useful
things
in
a
CI
context
that
may
need
consideration
as
part
of
this
kind
of
effort.
B
Then
there
is
an
additional
initiative
from
the
Linux
Foundation
that
is
attempting
to
make
it
much
easier
for
software
for
people
who
are
delivering
software
to
sign
their
components
with
a
a
verifiable
signature,
so
that
others
can
assure
not
just
what
the
software
bill
of
materials
might
say
as
to
what
are
the
components
of
this
thing,
but
also
here's
evidence
that
the
entity
that
said
they
were
creating.
It
is
actually
the
entity
that
did
create
it.
A
A
B
A
B
Anymore,
no
well,
but
your
point.
Your
point
is
very
well
taken
because
we've
had
to
sign
for
many
years.
Windows
installers
and
the
Jenkins
Windows
installer
has
been
signed
for
years,
but
it's
managed
as
a
very
very
carefully
administered
one-off
process,
because
the
signing
signing
certificate
is
secret
right
and
we
we
can't
expose
it
everywhere.
This.
B
This
signing
of
components
technique,
is
attempting
to
make
it
much
much
more
accessible
to
mere
mortals
like
me,
without
requiring
that
I
have
to
go
pay
extra
money
to
buy
a
signing
certificate
and
I
have
to
go
through
a
long
credentialing
process
to
prove
that
I
am
who
I
said.
I
am
to
the
certificate.
Authority,
though
there
are
all
sorts
of
complexities
in
these
signing
experiences
that
this
this
Linux
Foundation
component
is
trying
to
remove
or
reduce
the
the
friction
between
software
developers
and
the
signing
process.
A
B
And
that's
it's
it
for
me,
the
it's
analogous
to
the
kind
of
initiative
that
the
people
who
are
behind,
let's
encrypt
did
when
they
made
SSL
security
for
websites
much
much
more
approachable
there.
It's
still
non-trivial,
but
it's
very
much
more
approachable
and
it's
not
costing
thousands
of
dollars
to
SSL
secure
a
website
anymore,
and
this
is
the
same
kind
of
initiative.
Initiative
I,
think,
let's
bring
it
to
the
individual
developer,
the
ability
that
they
can
with
confidence
sign
a
component
so
that
others
know.
Oh.
This
was
signed
by
by
my
authorization.
B
A
I
see
that
was
interesting
anyhow,
any
other
topics
you
are
thinking
of
Mark,
none
from
me.
Oh,
it
looks
like
we're
done
pretty
efficient
meeting
once
more.
So
if
you
don't
have
any
other
remark
or
question,
let's
make
it
decide
it's
done.
So
the
recording
should
be
available
from
24
to
48
hours
and
see
you
in
the
next
platform,
C
ready
to.