 Yeah, it's Ryan. Oh, we're running. All right. We're live. Hello everyone. My name is Martin d'Angelo and I'm the I'm one of the Jenkins Google summer of code organization Admins with the Jenkins organization this year and today is our part two of the Project presentations by our students. We are now at the coding at the end of coding phase two So we are in the in the evaluation phase of our projects So today we have we're combining two types of presentations We have presentations from JSOC students and we have a presentation from the outreach II The outreach II activity as well. So today, we're gonna have in order the following we're gonna have a presentation by Natasha stop on the plug-in installation manager CLI to a library the second presentation will be Jenkins pipelines for open-risk projects. This is a Libre core CI project and it will be presented by Nancy Joe ham Third presentation is an outreach II presentation. It's about the audit log plug-in Presented by Artie Raja to Ramon and I apologize for mispronouncing the names mmm, and the fourth presentation is the Jenkins howers plug-in UI improvements And our student is Jack shang so before I before I give the The presentation to Natasha. I would like to say that I would like to thank all our mentors and all our students for their contribution so far and We we are having a little bit of difficulties with the broadcasting today. So in in one hour from now If things go wrong, we will reschedule Whatever is missing. So just I hope that everything will work well. So fingers crossed fingers crossed. Okay. So I think we're ready. So Natasha Please oh leg. Yes. Yes. Yeah one comment before we start that if you have any questions Yeah, we have a YouTube broadcast But you won't be answering questions in YouTube instead of that we will be answering questions in the gitter chat So there is Jenkins CIG so seek a gitter if you're interested to ask any question just join this chat and we will pass the questions to presenters And yeah, this is our main channel basically for every activity. So at any moment feel free to join and ask there Okay, yeah for outreach here and for LibreCore CA we have other corny channels But I believe that students will present Their channels and their presentation. So yeah, I think it will be covered Okay. All right anything else Okay, I think Natasha you can start now. Thank you Hi everyone, I'm Natasha Stopa and let me get my Slides up. All right. So as I mentioned, my name is Natasha Stopa and My project is the plugin installation manager library Slash cli as part of the Jenkins Google summer of code So first I'm just going to give a quick overview of The point of this project and the benefits to the community. So One of the main benefits is better plugin tooling So basically allowing plugins to be downloaded before an instance of Jenkins starts Being able to see additional information about those plugins and then also having a library that can be reused across Different areas of Jenkins and different ways that you can start Jenkins And the end of at the end of my project the deliverable Deliverable will be a cli tool and a library that can be run independently or the library can then be incorporated into other areas of Jenkins So phase one mostly focused on Kind of like this basic skeleton of converting the existing Jenkins docker bash script to install plugins to java so we created kind of the basic functionality And released the first alpha but a lot of the features were kind of implemented in the most basic sense and then phase two is Trying to work on refining the work that was done in phase one adding additional features Trying to release additional alphas to get feedback from The community and get people to start using and testing it So I would say most of the work I did in phase two can fit into a couple different buckets So there was improving parsing so Just making that a little bit more robust. So instead of having the most basic input Trying to filter out like comments and blank lines adding yaml support for plugin input as well the second kind of Area of things I've been working on is docker compatibility So in the initial phase a lot of things were For example, like the update centers were hard-coded in and then In this coding phase, we've added support to try to Get those either through the cli or from environment variables and then also adding Windows compatible defaults And then the kind of like the last big bucket is Just additional features that people would actually want to use so This includes being able to see the plugins and their dependencies before you actually download them being able to see available updates and security warnings for your requested plugins Okay, so next I'll just do a quick demo So this is basically just how you can use this with docker. So getting closer to actually being able to incorporate the library into docker so this is basically the yaml format that That the tool can accept so Basically, you'll have this root element plugins and you'll define information about the plugins. So basically the plugin name Where you want to where you want to download it from so that includes either the version or the url I also it didn't make it into this demo, but I've recently added support for Actually a nicer format for getting the incrementals plugins from the incrementals repository. So having an option to also enter the group ID here as well And then just to kind of see a basic The basically that you can implement this in a docker file So you you can copy over Your plugin input either from your text file or your yaml file and then actually Run your jar on that input to go ahead and download those plugins And set that up before you start your Your jankin stalker So here's just a quick example of that um, so yep, basically the tool will go and um get the information about The plugins that you requested recursively download all the dependencies um, and then ultimately put that in a directory that you can specify or um You can also use the default one. Um, that then can be used for when you're starting out your docker instance Okay, so this is basically just going ahead and downloading them And so then I'll just show quick example of um Kind of how that looks like and if you um When you actually go ahead and install those plugins So now we're going ahead and um running this Okay, and then and then um So we'll actually see that our plugins are installed. Um for this set of plugins that I chose there were I think uh Uh, we'll see there's a bunch of security warnings, um, which we'll actually um talk about as well um We go and look at our plugins so we can see um, Basically the plugins that we requested and their dependencies have actually been installed Before this actually starts Okay, um, so then kind of the other thing that uh, I mentioned that we've been working on it are these sort of like new features Um, so as you saw when you um, just downloaded whatever plugins you specified without maybe knowing a little bit more information about them um That can you know, you might end up with plugins that are out of date or plugins that have security warnings that you Didn't know about so the second part of my demo is just showing um Basically some of these new cli options that I've added Okay, um, so this time just um, basically starting with um a plugin dot txt file um a pretty basic one um, and then actually running our um, basically the tool with um On this particular plugin file and then um listing all of the plugins um And their dependencies that will be installed. Um, so there's a couple different things that this option will show um So you can see basically, uh, all of your currently installed plugins the plugins that are already existing in your um uh I guess like war file or your bundled plugins. Um, and then plugins that will be downloaded. So kind of um, basically the set of all the dependencies and The plugins and the dependencies that you've requested and then um I guess also which ones will actually be downloaded. So given that you have some already installed Will this actually kind of change? Um, which ones will be downloaded? Um, that you've requested so Okay, so yeah, so basically these are all the plugins and their dependencies that you'll go ahead and install um So next is for all those plugins that you've requested. Are there actually available updates for those? So, um, if you have and this includes also the dependencies So you've requested some plugins and you can now see which ones have available updates And maybe you would want to change which plugins you actually install based off of that information And then um, basically the the last new piece is um, actually adding Yep, the security information So it's the same thing you can input your list of plugins so that can either be through your txt file or a yaml file Or actually just through the cli directly. Um, and then given those plugins you can actually see security warnings for That full set of like those plugins and the dependencies that would be installed before you even install them So, um, just kind of an overview of what's next. Um, so The unfortunately we're still working through some of the releases for this But basically we want to finish cleaning up and testing all of these changes And then release like an official version. So right now. I've just been doing kind of the pre release So just like alphas, but we actually want to release like a full working version of this and then actually then take that and incorporate that into the docker image and With the yaml file also add compatibility with um Jenkins configuration as code So this would be basically the way that would work is probably actually injecting the library before an instance of Jenkins starts so that you're not trying to download plugins from within The configuration is code, but you can set all of that up in the same yaml file And then continuing to add additional features So there are a couple Limitations right now that we're working through. Um, so the first is right now. We don't support downloading plugins from maven There are some issues where the plugin versions have to match exactly what's in the update center So for example, if you request 1.5, but the plugin and the version in the update center is 1.50 Then your plugin may not download. So something we're also aware of and working on fixing Um right now if there's any errors Basically the tool will just you know throw an error and stop This works. I think pretty well for docker images like that image won't even be created if there's an error But in case you're running it locally that might be a little bit more problematic. So we'd like to add some kind of support to restore the original directory or kind of deal with Leaving that directory in an inconsistent state where you might have some of the plugins downloaded, but not all of their dependencies And then the fourth probably a large one that we're working on is or will soon to be working on is Working on the performance Basically being able to download those plugins in parallel. So it goes a lot faster We were doing some speed tests this week and it turns out right now the the library is Quite a bit slower than the original bash script. So we want to get those close to being on the same level Yeah, so I can take any questions feel free to join our getter channel and Yeah, there's a link to the repository. So feel free to check it out. Like I said, we're still kind of working through some issues with some of the Latest releases but hopefully we'll get those worked out soon All right, um any questions Not in the getter chat Any questions from meeting participants? I have one question On the previous slide or the slide before You mentioned compatibility with jcask. Do you mean compatibility with jcask or integration with jcask? I think it was the slide before that Yeah, um It technically wouldn't be a full integration. So I think Well, I guess it depends. It really depends on how you define it Um, but I think some of the previous problems with installing plugins from uh, jcask is that you're Trying to install plugin from a plugin before the setup is even done So in some ways, this would be a little bit separate from that So basically being able to inject that like being able to install plugins separate from um jcask So that you can kind of do it before it's uh, that starts Um, yeah, so Yeah, does that clarify your question? Yes. Thank you. Okay. Yeah Okay, any other questions Yeah, maybe I have a question uh regarding supported for months Uh, what performance that we'll plan to support in version 1.0 and maybe later I mean input formats for plugging this Oh, this was for performance Um, I'm not sure that's a good question. Honestly, I don't think we had or I had really realized it was Uh, as slow as it was until um, like this week. So we hadn't really talked about it, but um So, yeah, I that's a good question. I'm not sure yet. Yeah, I was asking about Formats so basically file formats which we use as a Oh plugin to install Oh, I see. Um Hmm, that's a good question too. Um, I think probably just the txt and yaml file But if the people feel very strongly about that that there's um, other things that they really want supported for the first version We can probably do that I guess yaml and txt is perfect for the first version. Okay. If anybody wants to submit such feature requests How to do that? um, yeah, we have uh, they can submit um Jenkins JIRA tickets Um, also feel free to they can feel free to reach out to us on the getter channel um Yeah Okay, thank you. We have a question from the the getter channel. This is from Justin It says would you be able to use an internal proxy server with the plugin installation manager like senator type nexus? Or artifactory? um Yeah, I'm not Sure, I would have to get back to them on that There's the ability to use a custom url. So that might be What they need but um, yes, I don't know if that would help What they're looking what they're looking for there? Okay, thank you. I'm kind of like custom URLs if they'd like so Okay, thank you. Also. Good job. Natasha. It's really awesome Thanks Thank you. Okay Thank you for this presentation Natasha. Thank you for uh Good job. Actually, this is plugin. This plugin has been Has generated a lot of interest So People are excited about it Let's move on. Yeah, thanks Okay Yes for interact Hello, and yeah, my my connection will be will be unstable in an hour and so I'm sorry about that. Uh, so can I Be advanced that maybe, uh Yeah, it would have been much better if you let us know about it, uh 20 minutes ago, but yeah Nancy, are you fine with adjusting the sessions? Nancy, you are muted. Yeah, I'm sorry. Um Are you fine with the switching session with jack? Oh, yes. Yes, that's fine Yeah How about you rt Fine with that Okay Okay, so thank you. I think we're gonna proceed with a presentation from jack then And the presentation is The working hours plugin, uh, ui improvements Okay, so yeah, sir. Thanks jack. Thanks marketing. Uh, I'm Uh, I'm so sorry and I will I'll try to uh be quick So hello, hello everyone and this is jack shin For our working hours plugin. This is the second presentation Uh, of the working hours plugin in this project presentation. We uh, I will uh show the latest improvements of Uh, what we have done on this plugin during in the second the code phase uh My presentation will be mainly, uh, divided into three parts. The first would be, uh, the improvements Um, the overview and the second will be the demo and the wheel. We will test uh, some time and the data judge and Sometime and they excluded the judge in running wheeled tasks and the third part will be Some plans and useful links and also the question time Okay, the first first part is improvements and I mean what we have done to improve the improve the working hours plugin and the ui before and the first release of working hours plugin and has some shortage of Usability and like and The the time ranges and the dates imported and are should be hard coded and That will happen Many questions. There are any problems and also And it's in the system configure page and it's really cluttered So we need more usability improvements This is the uh currently currently ui and it's powered by reactive because reactor has and has to has so many ui components for us to to take advantage of Also, we add holiday presets I mean we can select Some preset holidays and we shouldn't we couldn't we could omit the operation of we And manually input at holiday Also, we still keep similar style with the original thinking style Okay, the second part will be the demo and i'm gonna running some test against some Excluded rule, okay, and I'm wrong. I had I had deployed This plugin into one of my server and here is the working hours configure page and here is the blotion ui and this displays a test task and we had Configure it to enforce build a schedule and you will obey the Uh the working hours we just we set in this In this plugin and We can see here is In my in my local time is 11 13 if I set it to such days From tab range from 8 to 20 and the issue and now it's outside of 10 range and if I click running now and We can see it's blocked by the working hours and is showing outside working hours and if I Wide within the time range to like to like Time much later and We just wait if I and if I run a new task now, sorry, that may be a little bug We'll continue to run me other tasks. Sorry Then and we also Oh, sorry because we because we have added a long excluded date and It's excluded by the date. We said if we remove the remove the date You can see the task is running So that's a that's my mistake And this task is is is running running. It's also running Uh, yeah, also and for excluded days, there are three types of excluded days and the For the first one is static date and that means the date is static like like we test Delight 25th here and it's automatically set automatically set to today and we save and close And the new task run started by us would be Will be blocked because according to the rule just as that and if we remove this rule it's running The second type is how they present I found the Croatian Croatian national days Um, exactly today and though we just uh, take uh, I would probably just Take convenience of it and we add this high day If we exclude this high day and the new task will be blocked And if we remove this high day it's running Also the third attack the third type is test dynamic Dynamic day mean means Means that a day is not on a static base and maybe uh, like Like for today For today is the first Thursday Every and we need to check dynamic and we like the first Thursday of July and save and close then the new task Will also be blocked. So if we remove the excluded dates it's running Yeah, if we don't set excluded days The new task will run indirectly. Okay the third part Are the other things like the first one is the plans for the code phase three and The working hours plans is to Is to write more tests and more more documents and the blogs Also, we want to support more regional holidays because the the holiday library we use You use we are using is job day and it does it better For today and maybe in the end holidays are Another present so we we so we want to implement that On our own also we want more ui improvements Also The online demo is deployed had this link and With username guest and we can and I can get you to the To the link Oh, yeah, it's already logging and Everybody can get log into this plugin use Username guest guest and the password literally password And you can send it send into this plugin and the work the plugins Your url will be On this and you can you can try to use this plugin and Yeah, and and we are we are looking forward to your feedback and Yeah, if you got if you got any devices on this Either ui or some or any feature or any bugs and we are Welcome we are welcome to your Feedback and then you can just send it to Your channel Genie and see Yeah, I working on this plugin also We are collecting we are collecting popular days Yeah Because jolly day's presence Is limited that we may need more ideas. So I created forms in google form and you can fill the form and To to give us some advices of your and Of some hard days that you think is is popular but not included in our presets Presets are here And you can chat you can check the presets and if you think there are some hard days that not That should that should somehow they should be popular but not present and then you can Fill the form and there will be really appreciate Will be will be really Appreciated if you can send us this form And some useful links are go and just the two links about Okay, and the sex for watching and I'm going to Answer some questions So so this is more more a comment than a question But one of the things that we're we're planning on doing in the third phase is Soliciting ui feedback from the community Um, I think the the ui is good, but it's it's always good to have another set of eyes on it Yeah We are looking forward to your feedback Yeah, I had one question about uh ui above Is it technically possible to break down the components you created for example calendar view et cetera and to offer Uh So for example, uh plugin developers can use your components during the development of your plugin Sorry during development there Sorry Sorry, sorry, I Is it Is it possible to use uh web ui components you created as a kind of library? So that we can reuse them in other plugins? Yeah, we are we're trying to create and We are trying to make it make it make it to to account and boilerplate and Other other plugins can use Use our and boilerplate and We we will add some uh Some already setting and We'll there should be a And go In this side of color in this side of color face Yeah, that's definitely something That's definitely Definitely something worth supporting but um in right right now using them Requires your your plugin to um to deploy a version of react so that the That that the plugins have have you know all the library stuff and that that's not available by default right now I don't think I have a question as well And I'd like to know if it's possible to upload um Upload a holiday Um From from the rest api or from some configuration file. Is that part of your yeah? That's a good it that's a good area Yeah, and do you mean like like have your own xml file that that lists your own holidays and you upload it somehow Martin yes, some something like that Um something that's you know a custom a custom So the the the library that it's using that um called jolly day has I believe has support for doing that type of stuff So it's probably something that we could wire up. Um, even if it's not done during gsoc, we could maybe do as a fast follow Okay Yeah, speaking of configurations. Is the jcask plugin supported? I I don't believe we we've tested it yet. So that that's a good question We would we like it to be I mean to to be supported just I think means that you're not Saving certain types of settings, right Well, I think a longer story than that So as long as you use the standard uh data binding mechanisms and Jenkins like data bound constructors and whatever It should be supported. But yeah, the devil is in details Yeah, that that's that's definitely a goal. So we will look into that Thank you I think question And that's all for my presentation. Thank you jack Yeah, thank you jack Thanks for watching Now now we all know what the uh the national holiday for Croatia is And uh, we can tell Jenkins to not build our During network maintenance or the Croatia national holiday Okay, let's move on to the next presentation The next one is okay, so The next one on the schedule is uh, Nancy And um, she's gonna present her work on the Jenkins pipelines for the open risk projects And it's a LibreCore's Organization project All right Yeah, yeah, so um Hi, yeah, uh, hi everyone. Um Hi everyone, this is Nancy So, uh, I've been um, I'm a google summer of code student under 4c foundation So I'll just share my screen So, uh, my project name is continuous integration for hardware projects on LibreCore's ci So I'll just tell you about 4c foundation. Uh, it's a non-profit foundation Its mission is to promote and assist free and open digital hardware designs It operates as an open inclusive and an independent group So, uh, LibreCore ci Is the project which comes under 4c foundation and olig is the core maintainer of it Uh, it's just an approach service to provide ci to hardware projects So currently, uh, I've been setting up demo ci flow for open risk project And, uh, I hope so that we target more in future And, uh, it is powered by Jenkins So, uh, since we are working on open risk project, so I'll just give a brief review about open risk Uh, basically it creates a free and open processor for embedded systems and It has all set of free open source tools libraries operating systems applications So, uh, the question arises that why we are working in with Jenkins Jenkins so Obviously for the reasons that it's free and open source project It's a framework and we can do whatever we want Like it we can have a self hosted setup For example, uh, remote build agents And the features we needed for our projects were multi branch pipeline We needed a lot of tool management plugins general purpose plug plugins like, uh, we have tap plugin performance plugin And for the security and shared Shared access engines. So these are the features which are provided with Jenkins and obviously we have success stories in this area Using Jenkins with hardware projects Yeah, so, uh, I'll just a review about the libra course ci infrastructure So as we can see from the diagram, um, it is basically powered by Jenkins like all the ci is done in Jenkins We have created a set of docker images Which includes set of edu tools or installation of all the tool chains and which we require for the hardware projects Like I like to give you a review of a demo Yeah, so we can see that, uh, this is a repository and, uh, it contains all the, um All the libra course docker images, which we use like this is the image which I've created Recently, uh, for the open-risk project So, uh, it is based on our standard libra course image, which, uh, install all the edu tools like yours is and this, uh, docker file includes It gets all the tool chains and Downloads and compile the all 1k test. Basically, it creates an environment which is required for the, uh, running of a test Uh, so, uh, coming back. So this was a brief introduction about the whole process Now coming back to the deliverables, uh, I just focused to modify the, uh, more 1k extravis ci flow To use the libra course ci docker image because it just speeds up the process Then, uh, we wanted to create jenkins file in open-risk project so that so that we, uh, we can have a faster process with jenkins and, uh, creating ci for your synthesis. Uh, so your synthesis, uh, it's it's a tool which Provides the monitoring resource usages It gives you all the printing statistics of how many, uh, wires we have Or cpu or the or the resource usages we have Uh, we want like then next was creating ci for open oscd gdb, which is used for debugging Then extending the jenkins file in open-risk projects To make yours's and open oscd a part of the build pipeline Then we wanted to, uh, detach the reusable logic to, uh, our pipeline library of libra course Uh, we wanted to add support for email notifications Then this was the major thing which we want to achieve Uh, we want to parse and visualize all the test reports for the open-risk projects And this can be achieved using jenkins plugins Then, uh, there's a fusoc which is a tool packet manager and, uh, it will be good if you can create something To call fusoc in its jenkins file and the fusoc based projects Will be automatically configured so it will save our time then, uh Then we uh, yeah, so this is the this is what has been achieved in phase one Uh, so we were able to uh, we were able to create multiple pipelines in open-risk projects So as you can see that we can create pipelines for more one kx and or one k modichino project Which are the projects under open-risk, so i'll just give you a demo So i just wrote a jenkins file for all the uh for for the more one kx project Which basically do uh, which basically checks out all the test And yes, so we have developed so now we can uh, so now this is in a working stage and we can see uh all the pipelines So and the same goes for the all one k modichino project. So this was the achievement of phase one Now, uh after the phase two after the phase one we had to we had to use the osis synthesis So osis is a framework for very long rto synthesis It was required for monitoring resource usages now We have a fusoc which uh fusoc, which is a tool packet manager and it has ice storm Which provides osis synthesis and it's back end So i just had to do some modifications with its core file So that we can so that we can have uh ice storm in our packet and we can generate a osis log for for the open-risk projects So, uh, we was we were able to successfully create osis log file Which has all the printing statistics of the project like as you can see the number of wires number of cell processes memory bits Now the next step was to represent this data With the help of jenkins plugin, uh, you know, you know graphical way So, uh, this is a quick start. Uh, we just need to follow these commands so that we can generate osis log file Now after that I created a parcel file Which basically fetches the important data which we require from the log file from the huge log file So I could get this kind of data which is uh, so I can get this kind of data now The work is in progress regarding So we want to use this data which we had generated from osis log to To we want to represent it in somewhere in this graphical method as it has seen in seen in this sample Images so for this we are working to working to use tap plugin so that we can show our test results of the open-risk projects And we want to use performance plugin To use to do that can be used for synthesis and pnr matrices So using jenkins simplified the method and we can present it very well So, uh, this is a work in progress and I hope uh, we will develop this until the end of the jsoc project Uh, then after this we have like we usually have a conversation on gitter So you can if you have any questions you can follow us here We remain quite updated on mailing list And you can check out my github dashboard for the for the progress timelines and also I I prefer to make blog post Explaining whatever I have done in detail So yes In the end I want to thanks Thank you to my mentor olig. Uh, he gave me quite. Uh, he gave me of Uh, a huge support regarding jenkins our library course ci And staff at honey. He is the uh core maintainer of open-risk project steven and uh, definitely fossey foundation for helping me out And jenkins for giving me an opportunity to, uh, present the work Yeah Thank you. Nancy Are there any questions? So no questions in the chat. Uh, maybe somebody would like to ask a question, uh, if you're on the call Yeah, or I can Probably ask a few questions if you didn't find They're just to repeat discussions we had before Uh, so yeah, originally open-risk projects. We are running on travis And yeah, what is your experience about migrating? definitions from travis to jenkins Are there any issues you experienced? And how was it for you? Yeah, okay. Um, thank you olig. Um, okay. So our first, uh, this is true like open-risk project has its own travis flow So we uh, we wanted to migrate it to jenkins. So as of now, I feel uh migrating to jenkins was a good option Because we have so many plugins and we wanted our uh, we wanted a lot of support like Like create like visualizing and passing the uh reports So that we can have a better view With the plugin support and we can create our own libraries. So it simplified our process So, uh, I think we can develop more in future with jenkins And libric or cim Yes I think this answers my question to you olig Yeah, right what I would like to add from the jenkins side. Yeah, well migrating. We hit some issues For example, if you open our jenkins file for open risk for modic project, you may see that there is a lot of configurations just Which are just implementing Uh, a kind of multi configuration run for matrix So it's one of the features which is heavily requested in jenkins community to have support of Monstrics configurations in declarative pipeline That I guess it would be something really helpful for this project Any other questions? If no questions, uh, yeah, thanks a lot, Nancy And uh, yeah, thanks a lot for your work as a mentor. I can say that uh, yeah, it's a hard project because We basically have to make contributions in multiple big hub organizations. Uh, which have completely different technology stacks So it's open risk. Uh, which is more Hardware design a lot of rtl code and very low than There is Libre course, which is rather about the jenkins jenkins files and docket definitions Plus there is a few soak which is mostly written in python And many other e-tools which just have a whole zoo of different technologies And basically Nancy in her project She handles all of these technologies in order to build an integrated CI CD pipeline Well, mostly CI pipeline for now, but eventually there might be some is cd bits as well For example hosting for Libre course and other bits So, yeah, I think that it's a great project and you already got a lot of improvements for Libre course system and yeah, I hope the project will continue so that We can offer more tools and more components for other open source hardware developers Okay, thanks Nancy So Martin has to leave at this So I'll probably take over the rest of the presentation unless marquee you want to do that or maybe you Jeff No, go ahead Okay So we have one presentation in Romanian I can take over if you need Okay, if my network breaks feel free to just take it over Okay, so the remaining presentation is for the outreach project this year We have two students working on outreach here. Basically outreach is a periodic program where Students just join Projects work on the mentorship of organizations pretty much like j-soc Just with different focus This is the second time we participate in this project. The first time was this winter Where we had a good progress with audit log plugin and this year Our students also continue working on that so we have our team on the call and She's one of the j-soc. Sorry outreach students this year So I'll let you present the project Hello everyone Hello everyone, I'm Ati Raja Raman. I'm also open by R in the project We are mentored by Maxi and Jeff Thompson And I like to say we are working on the audit log plugin project Using Apache log 4j audit. We are developing this plugin for jitgames Before the demo as this is our first call just to set the I like to say The context for the call here are the few pointers. I would say Auditing this is logging and need to audit their events and audit log plugin I'll start with the auditing versus logging In a typical application Developers add logging statements to help Diagnose problems or to document unexpected occurrences And these are normally referred to As a diagnostic blocks Generally the diagnostic blocks aren't helpful to determine the particular changes made by who and when it is made Uh on the other hand, uh, we have I'll tell about I'll tell about the audit logs Which is focusing on the identifying when a change was made who made it and what the data elements were changed And also it helps sometimes in troubleshooting the problems That though the troubleshooting is not a main purpose Uh that I like to see the key difference between audit logs and uh diagnostic blocks Which is like uh audit logs are generally free from with the content left up to our developer And but audit logs have a specific defined schema In many systems audit log or return to a database where the values are Placed or return in a specific columns and also sometimes other common destinations Uh in recent times, it is more common to see audit logs return to more SQL data stores where they can efficiently decorate Uh, I'll next I will continue. This is uh, this is the uh difference between auditing and logging Next I will continue with need to audit the events Uh, say for example in Jenkins environment where there is an item that deploys the code to the production and some changes happen often to them And change events or auditors so that figuring the cause for the impact Is here in the latest stages Might be if I put to uh put up to a general example audit logs are often used to uh generate reports that are of uh value to several reports for the organization For example, if an auditor at a bank might be interested in locating all the Accounts with more than three fail login attempts than the of the prior day Or all the transfers for more than like $10,000 It helps to identify the auditor to find the uh audit log of those uh, which he was searching And now I will come into a audit log plugin Uh audit log plugin helps us in auditing the defined events that are happening in the Jenkins environments The goal of our project is to release the plugin version 1.0 by the mid of next month So for the plugin uh is to audit we need to define the events and their audit attributes Uh as as per the Apache log 4j mandates the events are defined in a file called catalog json Currently we have defined a few events Uh, so basically we have something uh happens Uh, when something happens there are reasoners out to go to listen the event Which is happen and then the plugin uh logs the event audit events which are happening in the environment I would like to share the available events for the happening in the environment Uh, first is the user login user log out user password updated api keys updater creating user Start of a build and end of a build with information like the person were starting starting to build and ending to build And the creation of a new item copying updating and deleting the items creating updating and deleting the nodes And uh use of use of credentials from credentials source. These are the events with these are the available events in the Uh Jenkins environments and we do that by taking the fingerprint that the credentials plugin creates Also, currently we are working on the task that helps to add the events through an api By the end of it, uh, we will also be able to add new events from the third parties via api Um, now as we defined a lot of events and still defining them Uh, we also have to concentrate on getting the audit events to different destinations For now, uh, they are logged to a rolling file Rolling file, uh Then the location of the file is configured Otherwise, it goes in the logs folder in the Jenkins homes And I would like to share that guide to also recently enable the syslog destination Uh, where the logs are sent over? TCP to a different receivers Also, she worked on bringing up a ui ui in the Jenkins By having a whole rolling html file in the Jenkins user contact To the JDBC appender We also need to complete the Complete getting the logs to the to the appropriate database destinations Uh, I would like to have a short demo. I'll create an item Uh, this will make an event that is listened and audit log will be created For uh, for a freeze. I'll show you the html viewer So And uh, actually, uh, the audit log has already been the plugin has already been installed in the Environment, uh, I'll start with creating a new job Here you will be giving an uh item name Example like deployment Once uh Once it is the new job has been created it has been You can view the audit uh Auditored item of that uh item which we can see it over here In the audit screen and uh likewise, uh, we can we can audit a lot of events happening in the environment And uh, we are to document the whole thing and we'll do it shortly And Actually, we are proud to say that all of the code written so far is unit tested and A jpm writing process, uh, was also initiated but has to be continued and the draft submission has to take place I sincerely thank my mentors uh mark sicker and just comes in for helping us throughout and uh Thanks everyone Is any queries uh, thank you for the presentation. I have a question about uh, the release timelines uh, so When do you want to release the recent changes in the plugin most likely by mid of december Next month, sorry august Okay, thank you That's great to have more audit plugins in Jenkins Okay, could you please come again? Yeah, I just said that it's great to have a more audit functionality in Jenkins Because here when you maintain a big instance, it becomes a real problem to track down Who does what? Yeah, this plugin should help us a lot with that Any other questions? I might uh, would you like to add something? I don't have anything. This is a really great job everybody For doing all the work they've done. Thank you marketing Oh markets, okay You admitted yourself, so probably you wanted to say something Oh, yeah, because I thought you had said my name, but yeah, that was a great presentation and um Looking I was kind of wondering I suppose um about the no sequel databases you mentioned um, did you was there any you had in mind that might make sense or as like a Kind of like an initially supported one like that seems to be most common for um audit logging Like mongo db or couch db or elastic search or kassandra or something else We are not I mean, I know it's not on the roadmap for For now, but I'm kind of wondering if you like um when you were researching about audit logging. Did you come across any common? um, no sequel databases or is there just No real like uh winner there actually, uh, when I got when I went through I saw a few uh Places where no sequel data is where went through From there, I got an I got it. I got an idea about it Right. I'm asking like what kind which types of no sequel databases. Did you see? Do you remember any specific ones that came came across as more common that that's my question basically Uh, a few things well mentioned like uh, mongo db Okay, thanks that makes sense For me personally it would be interesting uh to have access to audit log data from lockstash So basically whatever back Can't lockstash supports mongo db or elastic search would be really helpful for this use case Any other questions or comments? Of sound So thanks a lot tall students for presentation. Thanks arty and nc natash and jeff Yeah, it was a great session And if you're interested to see more recordings, we had another session yesterday It's already published on youtube so you can go to jenkins youtube channel and find the presentations there This session will be published immediately after we finish the broadcast And if you have any questions After watching these presentations, just go to our g-source channel or use links provided by students so you can reach out directly in the retrospective Gitter channels and believe that every project we were presenting today is in beta He and get thanks all i'm going to stop at that broadcast unless there are any Questions or follow-up awards from participants Okay Then that's it. So thanks again everybody Thank you