But your voice is a little faint. I can hear it fine, but if you can make it louder for the recording, it might be nice. Oh, OK, well, so let's let me do some checking here. Maybe I misconfigured. No, it's using my condenser mic. So is that any better? Slightly. Huh, weird. OK, so. Well, it doesn't sound like it's blurred or, you know, something. It's not breaking. So who knows. OK, well, let's we'll go with it as is. The mic's in as good a position as I can really make it. So we'll we'll run with that. OK, good. All right. So it's Docs Office Hours. It's the 25th of October. Proposed topics review the change log for the the weekly release. It'll be out tomorrow and then security restructuring. And so Meg, if you're OK, let's go through the change log review first and we'll we'll adapt it and get it done. And then OK, so let's see that is GitHub Jenkins.io. OK, pull requests. And so here's the change log. OK, so OK, so this is. A rework for formatting of an old one. No problem. All right, here we go. Two dot three hundred eighteen. So add a constructor. OK, this one, add a constructor matching super is not something that end users need to be told about. So let's take that one and make it skip change log. OK, yeah, I don't see. Oh, it's it's listed as developer. OK, so. So they intentionally want to tell people about this new API only developers, so let's do this change log entries. Why did that not get it did add extreme to. OK, they thought about it. They assigned it developer. OK, so there we go. And then type next one. OK, bump the markup formatter. This one doesn't definitely does not need to be in the change log. This is just a plugin upgrade. Skip. OK, OK. Next, this one, internal. Remove unsafe classes copied. OK, OK, that that looks fine to me. It's it needs to be in the upgrade guide. So we definitely want it here. OK, then sixty six nine forty seven executor and may now be implemented as I was muted. Oh, go ahead. The previous one.
The syntax says that Apache Ant has been deprecated. Right. The remove unsafe classes that have been deprecated from Apache Ant or something. So so the reason why they use the word copied is they had been copied into the Jenkins code base. No, no, I get that. I'm just it's the sentence. That the copy from Apache Ant, which has been deprecated. It needs needs to be something of the classes that have been deprecated. And OK, so here, let's let's let's go through the work. That's the prose. OK, so let's work that work the prose. And here we go. OK, so what you're suggesting is it should say remove deprecated. Ah, that does it. Yes. Unsafe classes previously copied from OK. Is that all right? Yes. Now, do we need that October twenty nineteen deficit in there? Yeah, so I mean that that just supports we could put it in parentheses after deprecated. Yeah, for me, that breaks the flow if I put it there. So it does. The question is how important is it? And I don't think that the date of deprecation is. Is that crucial? Yeah. OK, so you OK with it as phrase there? Yeah, that sounds that's very good. OK, all right. OK, now back to where we were then. So executor listener may now be implemented as a static extension. That looks reasonable. Update tooltips to be consistent across Jenkins. That needs a full stop. So let's put the full stop on the end. And it Eric is added. Wait a sec. OK. I don't understand this. OK, update tooltips to be consistent. Where is that text? There it is. Proposed changelogs entries. There we go. OK. OK, so we got the full stop at the end there. We removed this one just to be sure. Let me double check. Yes, it said skip changelog. OK. All right. So I think we've completed the edits. Let's see. Let's look at the others just to be sure. All right, so we've got I don't see any there that are dramatic enough. Then we've got a bunch of French translations. This one generic one, several improvements to the French translations.
But that doesn't really work for us, does it? We actually could do that, but we would have to do it after the release. So what for me, it's not really. Yeah. It's it's. It's a valid thing. But the the pull request generator doesn't really have a way of saying, please combine these two or three into one. Right. And OK, so we'll leave, which is she can go in and fix it. Right. Well, yeah, if if she has a strong preference, we can certainly take that feedback and make sure we do it differently in the future. And it isn't, you know, it's fixes. It's not something more that got a translation. Correct, that's right. All right. So we are set there and revised. Let let me do a quick check to see if there's something ready to merge that would then cause that to be processed. So do we have anything that is oops, wrong site? Just a minute. GitHub core. Pull requests. And I would like to see ready for merge. No, ready for merge. OK, so no luck. See, is this one? Basil's approved it. I don't see any that need merging that are ready to merge. So no. OK, out of luck. OK, so it'll just revised. We'll need another PR merged to process the to include the updated content. OK, so. Let's talk security restructuring. So Meg, you want to give an overview of the the things that you've learned and the things that are in progress. OK, Lee, I could send you. Do you want links? Sure, if you've got them. OK, we have. And I can get to them. Basically, we had there were holes. It was a mess. We had redundancies between them. I started picking at it and trying to fill in some holes. And then Daniel and I are comments. We were like just going crosshags and we got on a phone call. We really wanted the same thing. We had a couple of slight minor different approaches that didn't matter at all. Um, oh, I know, I know what I need to do. I need to exit full screen and then I can get to my stuff. I bet. Yes. Um, so I get too many windows and too many tabs open. So now I have lost the meeting.
Where are you? Oh, there we go. So putting in chat. The Google Doc that sort of made out what we were doing and. OK, and so you say in chat. So here we go. Got it. And I need to ask for access while I'm asking for access. So you'll need to open it on your side. Oh, yes. I thought I'd given you access to this already. And maybe you had in my CloudBees account that request came from my my personal account. Um, huh, it's not filling anything in for me. If you open your email, you it would it will offer to let you click one button that would then grant me grant me access. Oh, OK, good. Let's see if we can do that. God, all the the changes in moving to a different email there. Did that do it? Let's see. Open. Yes, it did. Perfect. Now I've lost my tab that has my. Ah, there we go. And also in chat now. Is the PR. OK. Yeah, and the PR I've got. So the PR is in the document. Oh, they put it in the Google doc. That was good of me to. OK, all right. So so concepts then. Top level, securing Jenkins and then a second page. So each of these numbered items is another page, right? That's actually a commit because since I made the PR so huge, I decided to just put links to the commits for the individual. Yeah, that was one thing I kind of wanted. I was going to put background concepts in the index.adoc file. And Daniel felt strong. He wanted sort of that high level story about security, which actually I like it now that I see it and put, you know, these are all your things because what I'm seeing too is we may have some topics that don't even have pages in this section. Like, for instance, I if I find the right stuff for credentials, I'm not sure we need to say anything other than be sure you use credentials for, you know, your external stuff. And here's how you set them up. And here's how you pull them in your pipeline. And that may be all we need. OK. Yeah. And that makes a link to stuff that's in here.
OK, so what I was going to do is bring up your the visible form of your pull request here in in this. So let's see. And so this is securing Jenkins. OK, so this is now looking at so background concepts is here. As a separate subsection, good. All right. And I'm lousy at titling stuff. I'm not sure I like the. It has concepts and it has how Jenkins executes a pipeline. And that was the best title I came up with. But if you see anything better, please say so. Yeah, so this well, this is all nice. OK. And so in the in the body of it, you've also placed a brief description of each of the subsections so that so that they could either navigate from here at the top right or can navigate from the text here. Right. Excellent. OK, that's brilliant. OK. So background concepts then is. Security, the foundational security principles and then Jenkins specific. What it means to run a pipeline in Jenkins from the security perspective. Great. And we get the nice navigation of we can walk forward and back through the list. Good. OK, this looks gorgeous, Meg. Thank you. Well, I wouldn't go so far as say gorgeous, but it's it's something we can at least work with to continue to improve it. OK, so there's a broken link there that I'm not sure I understand why. Oh, because that should be going to the Jenkins access control page. Yeah, and I think it's going. I think it needs to go one level up. OK. No. Oh, yeah, it just needs to go one level up. So it's a needs to the hyperlink needs to be checked. That's all. Oh, OK. Let me I guess don't need to keep you on the line for that. I'll work with that. Yeah, well, and link checking we can do separately. Right. It's just this this is me checking navigation. So that's great. Very nice. So rendering user content. Oh, now that's interesting. This one. Oh, right. This is the table of contents for this page. Right. Not for not navigation other pages. I navigate other pages from here and here. OK. Good. All right. This looks gorgeous, Meg. 
Really excellent. It's a step forward. And then if you go back to the Google Doc at the end of it, there's some big things that are missing, but I think we can add them later. Is are these the things? Yes. OK, so credentials. We've actually got a page on credentials right now. Let me see if I can get the link to that one. Right. You just sent it to me. And then the question is whether there is. And how you found that, I don't know. I guess it's a search is not right. I think I found it with Google search. OK, yeah, it's only when you find stuff that we can't find. So where is but where is it? Maybe it's using Jenkins. Definitely not there. My sort of high level thought is when we're done, I would like this chapter to list everything we know about that can impact the security. Yeah, I think that's right. And it may be that it just, you know, something used credentials go here for information. But what I'm thinking of is so that some Daniel or somebody like him, or Wadeck, can periodically look at this. And is there anything that's come up that's not here? Right, right. This should be comprehensive, even though the information may not all be here. There's no, we don't want duplicated information, certainly. Right. OK, so OK. And we and I, because I've also got to see the pipeline reference does have some information about credentials. You have to open the page and do a control F to find it. OK. And it's I'm not. It's nice reference material. If I didn't know what I was doing, I'm not sure I might want to beat that up somehow. But and it but it may be some place that I'm not finding it. So I'm going to look some more. Great. OK. And and it might be that there are guidelines from Daniel for credentials, like, you know, how often should you change them and this sort of stuff? Right. We have a one liner along with used distributed builds. But apparently I did not know this, that you can't you shouldn't run agents in the same Docker container as the controller. Yeah, I'm.
I'm trying to envision who would think that that was a healthy thing to do, because that's just another way of expressing that I'm running a and running something on the controller. OK, yeah, that good, good, good point. That's it's good that we should be explicit and say, hey, do not. Do not run things on the controller. And that includes running things inside the Docker container that is running the controller if you're using Docker. Right. And when we saw that when Daniel, I was like, he took off saying, oh, yeah, because this and this and this and this can happen. It was actually really interesting material that right get written down. But if he just he might want to put a couple of sentences, I can see for the same reason that we need to tell them why they shouldn't run on the build and built-in node. It's not obvious to me that that that something running on that node is going to be able to get into all the other workspaces and stuff. So right. Backups. I have not found anything about excluding that your secret key or master key or whatever it is from your backups. Yeah. And and there's I don't recall that there's anything in the documentation on backups at all. My recollection was the last time I had seen it was it's this page that says it's a work in progress. Yeah, or work. Can we we should say work not in progress? Yeah, you're you you cause my excessive precisionometer to go off scale. But yes, absolutely. It's this is this is not yet written. Problem is, we don't have a very good answer for backups, right? And Jenkins. Oh, I have a lot of plugins that are last I checked. They were all up for adoption. Yeah, but I think we've got an excellent story. First story is use the backup system provided by your your operating system or hosting vendor.
And use it because, for instance, if you're running on AWS and you're using or if you're running on open openSUSE or SUSE Linux or if you're running on FreeBSD, those are all systems that have the concept of a snapshot based file system. And so the easiest way to take a backup in those cases is you just create a snapshot and the snapshot is almost instantaneous. It's so fast because what it does is it records the file system is this big transaction log is what it is in these in these in these transactional file systems like FreeBSD and SUSE Linux has it and and others Ubuntu is getting it, for instance, and and with a transactional file system. Now, all you have to do is record the point in time and now you can reconstruct that thing at any time. Oh, do we ever tell them to actually make Jenkins home its own mount point? I don't we don't. But I actually don't think we need to. OK, you said to take the file system and I was thinking that. Right, but but given given the way these trends of these snapshotting file systems work, you can use you can use you can create a subsection of it. There are all sorts of ways to do that. You don't necessarily have to put yourself on the dedicated. And I was thinking about security. I mean, I'm still my first job was running backups, by the way, for a research team in the 70s. And and actually we actually wanted the other another competing lab had somebody break into the lab with a great big magnet and run it over all the mag tapes and destroy all their data. So, you know, so I think of that. But does anybody run backups to external media anymore? I think lots of people run backups to external media. But the external media that they're doing is probably. Hard drive somewhere. Right. It's still external media because they've got to be they've got to be off site. Right. But so we can. OK, so have you done to make sure it's secure?
But if you're running, if you're doing backups to the cloud, do you gain something by putting your backups in, say, two different geographies or? Yes. Yeah, that's again, there's most of the cloud vendors are I don't know that they'll if you're usually if you're doing a backup to the cloud, you'll back up in a way that you'll rely on the cloud vendor to protect the data by putting in multiple locations redundantly. Right. So put in a little bit of that softly. And then and I do have something that very good. I think it's very good anyhow from the existing training material that explains that master.key is the name of the file, I think. But what it's for. Yes. And how to manage it. And that that I think with Daniel, Daniel said, throw that on a thumb on a couple of thumb drives that people take somewhere far away, keep locked up in secret or something. But right. The the crucial the crucial thing with the master key is with it and some skill, you can decrypt every other credential in the system. And so the master key needs to be safeguarded. Right. Yeah, because you got your both you want to make sure your backup files don't get corrupted so that you can use them if you need them. And you also want to make sure that nobody can use those to steal your system. Right. Pipeline author who's talking about most of this stuff is admin, but for pipeline, I don't know what we're going to do with that stuff. And the single and double quotes issue he mentioned as he's getting a lot of calls on that. And and we've got sections on that already in there. So yes, we need to. So let's see how would I find it to them string interpolation. Yes, this thing. Yeah. And sensitive environment variables and why you don't want to do this, but you should do this instead. I don't know. There is. I mean, do we want.
Should this chapter have a page on it that's notes for pipeline developers because really, or should I or the alternative is to do a security page for pipeline on the pipeline stuff? I think we want both. Yeah. And you may want to create one page and we just link it from both places. OK, so maybe while on the theory that it should be here so that Daniel, so it's on Daniel's list when he exactly I'll do that. And then we can figure out what else we want to write. Then if if we want to find a way to include it in the other section, we could we could consider that. And then the don't disable the sandbox, which the best thing I know is still Tyler's old blog. I haven't looked for that for a while to know if it's out there or not. Yeah, let's do a quick check. Don't disable the sandbox. There's Tyler's blog post. I still I love reading this because I can hear him saying it. Yes, yes. And him naming him naming a Groovy method Hulk smash. Yes, this is great. Oh, I miss Tyler. It rate over rebuild deleting it. Yeah. So actually it'd be nice to have a little and I don't completely understand to see if I can find some on what the sandbox is for. Yeah, yeah, so it's that's described, I think here. Sandbox, Groovy sandbox. So this is a description of what the sandbox is, right? OK, yeah, it'd be good. OK, yeah, I think a lot of this. And I think then that what Daniel wanted, I got the feeling that Daniel has a lot of information he wants to add, but the structure was such a mess. Then you can just go in and grab a file and fix it. So OK, makes sense. And the last one on my list is the big nasty that nobody wants. But we constantly tell people to monitor their system for intrusions. And we don't give them a clue about what they're looking for. OK, unless you know, read your log regularly. And if somebody says, hey, I'm about to steal your data. Right. That's a hint. Take that hint, run with it. But I think, you know, and it's I mean, we can't cook. Look at that.
If you look for this, look for, you know, and if you don't find any of those, you haven't been intruded. But we we ought to be able to give them some hints. I mean, one of one of them, I think is probably the old fashioned one of just read your logs regularly. So when you see something unusual, you notice it. Look for it. Right. Unusual. Well, or you might have some examples that we could, you know, can configure configure your logs, your something to scan your logs and create filters that remove lines that are uninteresting in your scan so that what you see is things that are interesting. And then you just learn to tune your tune your filters. Right. OK, great. That's where we are. Excellent. That's an interesting one. I don't don't know the first thing about that. Well, and I'm willing to end early tonight. I'm a little weary and would would benefit from some extra sleep. So. Oh, dear. What's been going on? Oh, just just been a very busy time. OK, work or play. Both. OK. So anything else that you and I need to discuss here, Meg, or should we call ourselves done for tonight? Oh, one more quickie. Do you still have the page up where it's where the doc is built? I can get it up. It's right here. Yes, sure. Go to the distributed builds. The second second one. Just this one. OK. Yes. Um, and scroll down. I think that's where this is. I've got a quick explanation of. Nodes and of know what's a node. What's an agent? What's an executor? Is that in here someplace? And it's so create nodes and agents. OK, so we need to do some work on the on the links. There it is. There it is. Distributed components. OK. That is too long for here. But I went over the chapter on managing nodes. Has they it has something obscure that I don't even know what it's there for. It has a really nice video that Darin Pope did. And I think I'm going to copy this whole thing in toto and put it over there as an intro to Darin's. Oh, good. Yeah, that would be great.
And then I'm going to pare this one way down, but I'm not going to pare this down until it's merged over there so I can link to it. That makes sense. So they don't need to know here. I don't need to tell them it's a jar in this sort of stuff. Right. But that's one thing it's so much of this stuff. I look at it and it makes sense, but I it wasn't so long ago that I didn't understand any of this. And I was so confused by what's a node and what's an agent and what's an executor. Right. The concepts, the concepts are certainly important. The distinction for me between nodes and agents is is more subtle than that I'm accustomed to, right? Because for me, I just think of controllers and agents. Right. But Daniel has very specific reasons why he likes to be sure that we mentioned the concept of a node and because a controller is a node and an agent is a node. So that the concept is a bridging term between controllers and agents. Well, when I first started, yeah, and I got I got the Kool-Aid about agents and then how do you create an agent? You manage a node. And I'm like, no, I just want to do the agent. And and that I find that I don't understand because in that case for me, the term node and agent are interchangeable, but Daniel may know better on what why. When I go to the you, I want to create an agent and I have to go to the UI and create a node. And and then and then my and the fact that the agent sort of the software on there. And OK, so and the other. So here, and then we know your surprise is this thing, a new node. And for me, I just ignore that word node and think agent. Yes. But here again, it says node name, even though it's doing if I can do this, I've never tried this. How about we're copy built in? No. Oh, that's cool. Very nice. And then, of course, on this from the end, we never actually tell them how they populate what's on that agent either. This gets them an agent. Oh, I'm just experimenting. Sorry. Go ahead. I know this is interesting.
I see what you're playing with. I was just trying to understand if if agents were if, well, that's yeah, there's the UI uses the term node and Daniel stared at this enough that I'm confident if he thought it was a correct change, you would have long ago changed it to agent and he has not. And therefore there is there are important and relevant distinctions there that it should stay that way. At least that's my assumption. An agent would have a label, but a node would not, right? That that is that is a distinction I can't make because I look at this and this is definitely an agent. It has delete agent on it and yet it's under nodes and this is an agent. In fact, all the things here online or offline are all agents, right? So I'm not clear on the transition between node and agent for me someplace. I should make sure it's here someplace. I saw an explanation that says this is what a node the agents to jar file the node is sort of the hardware piece sort of maybe that's it. Okay, virtually indistinguishable in practice. And I think that's the useful thing to put in. Okay, that know that they are kind of two different things but you don't really need to care about it. Right. But yeah, so that's all I've got this week. Okay, well, let's call it good. Thanks very much for your time. Thank you, go get some rest. All right, talk to you later. You go yourself, we'll talk to you soon.