Open dduportal opened 2 years ago
Additional issues that could have been made easier, related to plugins:
The idea seems fine 👍 The problem I see if that it creates a new dependency for a security release. If your build is not passing for whatever reason, it will be more complicated than the current "manual update" process. Keeping that option as a fallback could be good.
we are 10 to 20 (maybe more 😱 ) admins
We will have to play a game together to reduce this kind of broad access to a crucial system ;)
Note that due to https://github.com/jenkins-infra/jenkins.io/blob/3a83a37fcb6823232b70e06f481b8f95cd666885/scripts/fetch-external-resources#L36-L40 and https://github.com/jenkins-infra/jenkins.io/blob/3a83a37fcb6823232b70e06f481b8f95cd666885/scripts/fetch-external-resources#L59-L64, ci.j.io is currently an essential part of publishing changes like the advisory to jenkins.io.
if we decouple that by uploading these resources to Azure storage somewhere and downloading it during the site build from there, then we could publish the site while ci.j.io is unavailable. That would remove completion of ci.j.io maintenance from the critical path during advisory publication.
The problem I see if that it creates a new dependency for a security release. If your build is not passing for whatever reason, it will be more complicated than the current "manual update" process. Keeping that option as a fallback could be good.
Good warning, thanks for the feedbacks! The build process could fail for these reasons:
plugins.txt
support local file as well as direct download from any UC (default public but any private as well).WDYT?
Note that due to https://github.com/jenkins-infra/jenkins.io/blob/3a83a37fcb6823232b70e06f481b8f95cd666885/scripts/fetch-external-resources#L36-L40 and https://github.com/jenkins-infra/jenkins.io/blob/3a83a37fcb6823232b70e06f481b8f95cd666885/scripts/fetch-external-resources#L59-L64, ci.j.io is currently an essential part of publishing changes like the advisory to jenkins.io.
if we decouple that by uploading these resources to Azure storage somewhere and downloading it during the site build from there, then we could publish the site while ci.j.io is unavailable. That would remove completion of ci.j.io maintenance from the critical path during advisory publication.
Oh excellent point, thanks Daniel! Totally forgot about this element. I see it as a blocker for this issue, do you agree?
Side note: as soon as the Docker image for Core, and plugins can have staged releases, this issue would allows staging in advance the Docker image for ci.jenkins.io as well, which could be a great benefit!
I see it as a blocker for this issue, do you agree?
Right, but I would expect this to be relatively straightforward to clean up, so yak shaving shouldn't take too long if we consider this task valuable (assuming we can put not particularly valuable credentials on ci.j.io to store this stuff elsewhere, or migrate these builds elsewhere, but which would come with less visibility).
Summary
This issue tracks discussion and tasks to allow executing ci.jenkins.io with a custom built Docker image to allow controlling:
Why
There is no audit of which plugin was updated when on ci.jenkins.io. It's a concern for:
What
Fact: ci.jenkins.io runs as a Docker container based on the "latest LTS" official Docker image, in a puppet-managed virtual machine (config at https://github.com/jenkins-infra/jenkins-infra/blob/cb0d16ce3a0b7095dcbf45d9ed22c37d9a781259/hieradata/common.yaml#L171-L172 for ALL controllers, then eventual overides per VM in https://github.com/jenkins-infra/jenkins-infra/tree/production/hieradata/clients ).
Fact: The puppet code ensures that there are "some" plugins installed once the controller is started: https://github.com/jenkins-infra/jenkins-infra/blob/production/hieradata/clients/azure.ci.jenkins.io.yaml#L348-L390
=> Defining a custom built Docker Image, like we already do for the Jenkins controllers hosted in Kubernetes (https://github.com/jenkins-infra/docker-jenkins-lts and https://github.com/jenkins-infra/docker-jenkins-weekly) would solve all these issues.
However it would introduces the following challenge that need to be SOLVED with consensus before proceeding: