 Hello and welcome to the infrastructure and Jenkins infrastructure meeting. We are the 28th of February. With Mark White, Stephen Merle, Bruno Varen and Kevin Martens present. We'll start with announcements. This weekly release is currently in progress. Doing fine, I think. I don't know if there are other announcements. Upcoming calendar next weekly is today. Next LTS is March the 8th. Yes, so next Wednesday, I think. Next security release. I don't know if it has been announced yet. Yeah, no, no public announcement of any security releases yet. Any other calendar events? Scale, yes, scale. Scale you're going to scale. Scale X. Yeah, so scale 20 X. March 10 through 12. Los Angeles, California. Mark attending. Listen, I will be there. I've got, I've got two weeks to get my, my, my clone of mini Jen ready. Assemble my box. For information. Hmm. Oh, the job is still running Stefan on the package. It's package a stage. Oh, interesting. Good. Okay. Sorry. No problem. We can go now to the issue we've done. We've worked on this week. This past week. Let's switch to get up. First, we had the. As you can show. For trusted. Which expired. We've been a little bit. Late to renew them. So. Stephen, can you. Let us a little bit more about it. Yes, we did renew. We did have a service principle for Azure on the model of Azure.net. Which was already done on the other side. It appeared to have a little problem with the password we use was not, was not the correct one from Terraform to get used. So as an emergency. Solution Damien said a temporary manually a temporary password. And we would have to check on that and to. Respawn the correct service provider for Azure, but we it's almost done. We were on that yesterday evening at like seven p.m. So next one. Hi, the Jenkins that I always been building folks for pre-quest on Jenkins. Hi, your components. It was my mistake. I forgot to add this repository to the one. The Github action was allowed to work on. The CID that Jenkins. GitHub app we are using for the. For the GitHub interaction. Is authorized on a specific repository, not every repository on Jenkins. And I forgot to add Jenkins. Component in that list. So it's now working. So I've closed as the plan is someone bringing an issue concerning Jenkins itself. I'm not seeing Jenkins infrastructure. Some issue about. Not a lot. We had we had an issue with to regenerate the. See that some script certificates. It was a little bit tricky as. Damian had to use. To install a subbot with. A bit. Scripts. Yeah. With the Python where the, where that, that issue. I interact on another one because he had to install. Python 3.8. On system that had 3.6. And in fact, that installation. Crushed APT and something else would, which needed. Python 3.6. So we had to work on and virtual environment part to have the correct. Python. Each tools. Kind of a little nightmare on. But it did a nice job. I think it's, it's working now. What. This machine has code. Is more and more. Yeah. Use. S. H. S. H. A. One. Instead of. Metable reference for. So. To use. Commit reference instead of. Fashion number. Which are. You can create a new tag. And. With the same. So I've used. And. And. Tools to. To transform. To. To use. Commit. Instead of. While keeping. As comments. So depending on updates. Both. I'm still being readable for. Thank you. Thank you very much for the comment. Because the show on while I appreciate that it is absolutely unambiguous. I have a very difficult time reading. Shaw ones and understanding what they are. Yes. I've. Initially. Modified every. Get up action and. Reading again. Daniel. Issue. I'm. Reading. Tim. Jack. And. Alex and their. Comments. I've. Excluded. Official. Get up. And. Jenkins. Get up action. From this. Spining. So. We won't be. Merge by dependent. But. Notification. As we. Trust. This. Origin. So every action. Get up action. Starting with. Get up. Action. Or Jenkins. And. This one. Yeah. I've. Because. Wrong example. No, yes. This one. This one has been closed because. Daniel. Not it. It was. Indeed. Official. Get up action. So. Yeah. So. I was. I had misunderstood so. Official. Get up actions. He's okay. He's okay. He's okay. He's okay. He's okay. He's okay. He's okay. He's okay. He's okay. Official. Get up actions. He's okay. With those using symbolic because we trust that they won't. Hijack. They won't replace a release for a V2 with another, an alternate V2. Okay. Good. All right. So we don't have to do this except for. Actions that are not official get up actions. And not Jenkins actions. Not actually. It's not a good political think of risk. In fact, we, we choose to trust them. Yes. So I have. I did the script I used to insert this. So we can use it again for other similar action. We need to point that it did an awesome job. His tool is, is great. With one tool, one script. One on the help desk. He was able to provide. He was on like 10 or 15 different repository. And, and dealing with all that. SHA. SHA. Versioning. So it's, it's really awesome. And we need to keep that sample. If we want to provide. Multi. Multi-gitter. You say multi-gitter. PR everywhere. It's really cool. Not, not only the SHA stuff. The way used to do that is really great. Good. Good job. Thanks. So next issue was about. Bill's taking you. We. We don't. We know why. Stefan noticed by. Taking on post resume. It's a. Start again or stop some. I don't know why. I don't know why. I don't know why. I don't know why. I don't know why. I don't know why. I don't know why. I don't know why. Since last week. We've. Last. We didn't notice. This issue anymore. Yeah, but we also increased. The. Our drive, don't we. Yes. On this one. Yeah. Yes. We choose to have a very high. Our drive because we were using way too much. So despite that we were using. We're going over the. The. Three sold that we had. And by choosing another kind of SSD. We were able to have better pick and become better. Three sold. Great to. One. Twenty four. Subgrade went well. No issue whatsoever. We had. There was a modification about. I don't know if we put it. In there. There was. A spec. Which has been. Deplicated. And. We had. We had until one that. Twenty five to. Version to resolve it, but we found the. Corresponding annotation replacing it. It was a. Specter. Good balance. IP. And it's now. Yeah. To deal with IPv6 and the IPv4. So it's use is useful. Yes. So we. We. We didn't add. Any. Particular problem about this separate. I'm sure all GitHub action and version are pinned on tracks. Is. The. End of. I don't know why. Yeah. I re-opened it because. My initial request puts the dependable configuration file in the wrong folder. So I had to. Made another round of requests to fix that. Move them to. The. Kitab folder instead of the. Kitab slash workflows folder. At my fault. For two trusted. That's. It was a remaining issue. To the corresponding trusted group. In. And. Is. Ssh. To the bastion and trusted machine. So we can access it. As he wants. And. Finally. Climkin score. It is. I don't. Remember. I know this one. If you want, it's the problem that. I know this one if you want, it's the problem that Docker CE doesn't install at the same time BuildX. So as we were using BuildX, we had to install that by ourselves on the site. So Damian did a new release of PackerImage 060.1 and we had a problem with 060.0 because the AMD failed at the building so when we send it online we were missing one. So it did 060.1 and this one everything went fine, that was a temporary error and it deployed and we now have a specific installation for BuildX. So is BuildX, the removal of BuildX from Docker CE is intentional by Docker? Yes. Yes. It's installed if you leave, when you use APG you can leave all the packets it wants you to install but we removed that on the installation so that's why it's not pushed. So programming doesn't make it obvious that it was a breaking change for many people in an organization. Now we can go to the current issue, Trusted CI doesn't spawn new nodes, it's related to the service principle issue Stephens spoke about before. It should be working for the current release and there is additional work to do. Damian wrote what we need to do next. And some third jobs is failing, we should see today if the weekly release is working as it did and it was because Boxfair needed a virtual call. That's the Python problem, yes, that's what. Again, yes. Since there has been many issues related to Boxfair, I've opened an issue to see if we could replace it by an azetly command, CLI command. Last time we had this question, we wondered if we could do sim link with azet and since we can, I think we should let it to account, the first one is someone who doesn't know. We have asked them to send us an email from, we gave them the email associated to this user so they can try to reset the password themselves. The other one is in progress, I think we have to respond to them, send us an email, we have to take care of it. As your credential for third CI is expired, I think the service provider too. I think so, in short term, a new certificate has been issued and in long term, we have to ensure it can be automatically done. Atlaster, private, nothing has been done since last week, we still have to move different services from the current product, the new private one, the title is not the good one anymore. The title is not quite explicit, if you go down, you will understand. This one is about the load charge on certain Jenkins.io and now we have to see how we can isolate BumBuild from the other, so they don't keep all agent. Next, we have the code signing certificate renewal process and renews the signer certificate for Jenkins. We are working on it with Stefan and Marc. I don't know if we had any news from the desert since last week. No news from DigiCert, I'm going to have to contact, I will contact them directly this week to understand if they're blocked, if they're ignoring us, what it means, so I'll connect with DigiCert directly. I've implemented the certificate caching proxy on some new repository. I have my pull request for backend extension on the Excel ready for review. I've added two pipeline meta.utils and pipeline step doc generator. I have to review the one for the Java doc generation since it's failing and I'm continuing adding an artificial caching proxy to more builds. I have the biggest one, I think remaining is the acceptance test harness. But I have to see how I can do it since it's mainly working on Docker and working on it. And finally, Raleigh and Repo. Jenkins.ci.org on my mission. I don't know if there has been any progress since last week. Did we receive the last log from Gifford? They sent us the link three days ago, but I can't download from that link. And so I've asked for a new set of logs. And then this week I'll do more analysis on those logs and we still expect that the biggest consumer is that thing in China. And we're hoping they'll find a way to let us block that consumer. If not, we may have to use some devious techniques like blocking specific very old Jenkins war files or somehow throttling them so that they take a very long time to download. I'm not sure what techniques we'll need to use, but that abusing consumer, we don't know how to reach them. We don't know how to ask them to stop because we don't know how to contact them. With that last issue, I think we are done for this week. Anything, any questions? In the backlog, I don't think we have any. Let me check quickly. For the infraction, we got because we still have the alerts on the windows, some windows agents that have a low hard drive. We did extend the hard drive, but I think we discovered that there is two partition. So we need to understand why it's creating a second partition if we can remove it, if we can only have one. But it's it's not really obvious. So we can maybe those ones are the window ACI. That's that's the one. For now, we are we have been progress for windows. But more of them have to be upgraded to assist the hard drive or similar improvements. This one we can, yeah, we'll, as a long term issue, we'll send them. I don't remember. Yeah, we will shut down the Chinese Jenkins data version. Yes. No, I'm not I'm not overly concerned about doing that very quickly. But certainly Kevin, Kevin and I both have interest in it in the from the documentation side because we've started to receive bug reports from Chinese users who are reading outdated Chinese translations. Whereas if they'd read the English, they wouldn't have submitted that bug report. I think that's it for this week. Any questions? So, okay. So, see you next week. Bye. Thank you. Bye.