[personal note] Leaving employer

[Jenkins, Rodney J (Rod)]

All,

I am leaving my employer.  However, I intend on continuing the work with this 
group, if you will still have me.  I will be subscribing under my personal 
email.

Thanks,
Rod.

RE: Re: TomEE 7 Docker Images

[Jenkins, Rodney J (Rod)]

Richard,

We can move them to Temurin, but the tags would have to change.  I am fine with 
doing that work, if we plan on making future changes to TomEE 7.

Unless there are any objections, I will move this to Temurin the next time we 
change 7.

Rod.

-Original Message-
From: Richard Zowalla  
Sent: Thursday, November 17, 2022 1:07 PM
To: dev@tomee.apache.org
Subject: [EXTERNAL] Re: TomEE 7 Docker Images

Can we switch to another OpenJDK vendor, which provides patched base images?

Gruß
Richard

Am Samstag, dem 12.11.2022 um 04:49 + schrieb Jenkins, Rodney J
(Rod):
> All,
> 
> I had to remove the TomEE 7 images from the Official Images 
> repository.  Currently, they are only set up for OpenJDK, which is no 
> longer available.
> 
> We need to do one of the following:
> 
> 
>   1.  Remove TomEE 7 from the tomitribe/docker-tomee repository
>   2.  Move the TomEE 7 images to a newer JDK/JRE
> 
> While I did remove them, the old images should still be available 
> until we decide what to do from here.
> 
> Thoughts?
> 
> Thanks,
> Rod.
> 

TomEE 7 Docker Images

[Jenkins, Rodney J (Rod)]

All,

I had to remove the TomEE 7 images from the Official Images repository.  
Currently, they are only set up for OpenJDK, which is no longer available.

We need to do one of the following:


  1.  Remove TomEE 7 from the tomitribe/docker-tomee repository
  2.  Move the TomEE 7 images to a newer JDK/JRE

While I did remove them, the old images should still be available until we 
decide what to do from here.

Thoughts?

Thanks,
Rod.

Re: [ANN] Apache TomEE 8.0.13

[Jenkins, Rodney J (Rod)]

All,

I see some new warnings when building the Docker images for 8.0.13:


WARNING: Please consider reporting this to the maintainers of 
org.apache.openejb.ClassLoaderUtil
WARNING: Use --illegal-access=warn to enable warnings of further illegal 
reflective access operations
WARNING: All illegal access operations will be denied in a future release

Are these something, we should be concerned about when shipping?

Thanks,
Rod.


-Original Message-
From: Jenkins, Rodney J (Rod)  
Sent: Thursday, October 27, 2022 11:25 AM
To: dev@tomee.apache.org; us...@tomee.apache.org; annou...@apache.org
Subject: [EXTERNAL] Re: [ANN] Apache TomEE 8.0.13

Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-30140-JENKIR14=nationwide@tomee.apache.org)

--


I missed this!!   I will get the containers updated tomorrow.

Rod.

From: Richard Zowalla 
Sent: Tuesday, October 25, 2022 2:52:24 AM
To: dev@tomee.apache.org ; us...@tomee.apache.org 
; annou...@apache.org 
Subject: [EXTERNAL] [ANN] Apache TomEE 8.0.13

Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-30114-JENKIR14=nationwide@tomee.apache.org)

--


The Apache TomEE team is pleased to announce the availability of TomEE
8.0.13

Apache TomEE delivers enterprise application containers and services based on, 
but not limited to the Enterprise JavaBeans Specification and Java Enterprise 
Edition Specifications.

These releases primarily provide bug fixes, documentation and update the 
dependencies TomEE uses.

Full release notes:

- https://tomee.apache.org/8.0.13/release-notes.html
-
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12351820

Downloads are available at: https://tomee.apache.org/download.html

- The Apache TomEE team

Re: [ANN] Apache TomEE 8.0.13

[Jenkins, Rodney J (Rod)]

I missed this!!   I will get the containers updated tomorrow.

Rod.

From: Richard Zowalla 
Sent: Tuesday, October 25, 2022 2:52:24 AM
To: dev@tomee.apache.org ; us...@tomee.apache.org 
; annou...@apache.org 
Subject: [EXTERNAL] [ANN] Apache TomEE 8.0.13

Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-30114-JENKIR14=nationwide@tomee.apache.org)

--


The Apache TomEE team is pleased to announce the availability of TomEE
8.0.13

Apache TomEE delivers enterprise application containers and services
based on, but not limited to the Enterprise JavaBeans Specification and
Java Enterprise Edition Specifications.

These releases primarily provide bug fixes, documentation and update
the dependencies TomEE uses.

Full release notes:

- https://tomee.apache.org/8.0.13/release-notes.html
-
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12351820

Downloads are available at: https://tomee.apache.org/download.html

- The Apache TomEE team

RE: Rename master to main -> update local copies

[Jenkins, Rodney J (Rod)]

All,

I will get https://github.com/tomitribe/docker-tomee/ done this week.

Thanks,
Rod.

-Original Message-
From: Richard Zowalla  
Sent: Tuesday, August 16, 2022 4:44 AM
To: dev@tomee.apache.org
Subject: [EXTERNAL] Rename master to main -> update local copies

Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29790-JENKIR14=nationwide@tomee.apache.org)

--


Hi all,

INFRA completed the rename operation from master to main for

- https://github.com/apache/tomee
- https://github.com/apache/tomee-site-generator
- https://github.com/apache/tomee-release-tools
- https://github.com/apache/tomee-tck
- https://github.com/apache/tomee-jakarta
- https://github.com/apache/tomee-jakartaee-api
- https://github.com/apache/tomee-patch-plugin
- https://github.com/apache/tomee-chatterbox

If you have a local clone, you can update master to main by running the 
following commands:

git branch -m master main
git fetch origin
git branch -u origin/main main
git remote set-head origin -a

I already adjusted the CI checkout points and the GitHub action workflows, so 
we should be fine.

Gruß
Richard

RE: [DISCUSS] Renaming of master branches to main?

[Jenkins, Rodney J (Rod)]

+1

-Original Message-
From: Richard Zowalla  
Sent: Thursday, July 28, 2022 10:55 AM
To: dev@tomee.apache.org
Subject: [EXTERNAL] [DISCUSS] Renaming of master branches to main?

Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29738-JENKIR14=nationwide@tomee.apache.org)

--


Hi all,

I would like to get the community's opinion on renaming the "master"
branches for the TomEE related repositories to "main".

I see quite a few ASF projects (and other OSS projects) have made the change 
and I personally think we should, too, for the same reason of promoting 
inclusivity (see [1]).

I think we would need to update the target branch of the outstanding PRs, 
update GitHub actions, update the Jenkins build config + local checkouts. 
Anything else?

Thoughts?

Gruß
Richard


[1] https://sfconservancy.org/news/2020/jun/23/gitbranchname/

Re: OpenJDK is no more? [action required, please]

[Jenkins, Rodney J (Rod)]

All

A couple of days ago Tianon over at Official Images updated my PR with the 
following:

"Whew, you are not kidding - that is a very large matrix. It reminds me a lot 
of the tomcat list 
(https://github.com/docker-library/docs/blob/master/tomcat/README.md#supported-tags-and-respective-dockerfile-links)
 which is similarly totally out of control and we've been seriously considering 
slimming down to a very small set (like at most one variant per Tomcat version) 
and at most providing example Dockerfiles for users who need something outside 
the smaller matrix, because not only is it kind of obscene to maintain such a 
large matrix of possibilities, it also actively makes the life of users more 
difficult ("which tag should I use?", etc). 😬"


We may have to make some decisions in the future.  However, if we want to keep 
the options as we have them, David (or someone with clout) may want to 
explain/defend what we are doing.

For now, I am going to ask them to approve the PR, 
https://github.com/docker-library/official-images/pull/12385

Thanks,
Rod.



On 5/6/22, 9:57 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29452-JENKIR14=nationwide@tomee.apache.org)


--


All,

I have created the PR to the official images folks for the new TomEE images.

https://github.com/docker-library/official-images/pull/12385

Please go out and look at the new tags.  I have included many tags so that 
users can be very selective on the images they wish to use.

If anyone has an issue, please comment here or in the PR.  This was very 
complicated and I hope I did not make a mistake, lol.

Thanks,
Rod.


On 5/2/22, 12:41 PM, "Zowalla, Richard"  
wrote:

Thanks Rod!!

Am Montag, dem 02.05.2022 um 17:33 + schrieb Jenkins, Rodney J
(Rod):
> All,
> 
> I have added the Semeru images for Java 11 and 17 for TomEE 8 and 9.
> 
> Anything else anyone wants?
> 
> Thanks,
> Rod.
> 
> 
> 
> On 4/30/22, 12:35 PM, "Zowalla, Richard" <
> richard.zowa...@hs-heilbronn.de> wrote:
> 
> Nationwide Information Security Warning: This is an EXTERNAL
> email. Use CAUTION before clicking on links, opening attachments, or
> responding. (Sender: 
> dev-return-29380-JENKIR14=nationwide@tomee.apache.org)
> 
> -
> -
> 
> 
> Maybe 11 + 17 for OpenJ9/Semeru? ;)
> 
> Thanks.
    > 
> Gruß
> Richard
> 
> Von: Jenkins, Rodney J (Rod) 
> Gesendet: Samstag, 30. April 2022 19:12:40
> An: dev@tomee.apache.org
> Betreff: Re: Re: Re: OpenJDK is no more?
> 
> Alex,
> 
> That explains why I did not see it, lol.
> 
> 
> 
> All,
> 
> I have created this PR for review:  
> https://github.com/tomitribe/docker-tomee/pull/66
> 
> This is not final, so if we want to add Semeru, I just need to
> know what java versions we would like to add.
> 
> Thank you,
> Rod.
> 
> 
> On 4/30/22, 11:16 AM, "Alex The Rocker" 
> wrote:
> 
> Nationwide Information Security Warning: This is an EXTERNAL
> email. Use CAUTION before clicking on links, opening attachments, or
> responding. (Sender: 
> dev-return-29378-JENKIR14=nationwide@tomee.apache.org)
> 
> -
> -
> 
> 
> Hi Rod,
> 
    >     You won't find any Semeru/OpenJ9 image based on Alpine,
> because this
> JVM is not supporter on Alpine (alas...)
> 
> Thanks,
> Alex
> 
> Le sam. 30 avr. 2022 à 18:10, Jenkins, Rodney J (Rod)
>  a écrit :
> >
> > Richard,
> >
> > I am fine with providing a Semeru/OpenJ9.  Would we want
   

Re: OpenJDK is no more? [action required, please]

[Jenkins, Rodney J (Rod)]

All,

I have created the PR to the official images folks for the new TomEE images.

https://github.com/docker-library/official-images/pull/12385

Please go out and look at the new tags.  I have included many tags so that 
users can be very selective on the images they wish to use.

If anyone has an issue, please comment here or in the PR.  This was very 
complicated and I hope I did not make a mistake, lol.

Thanks,
Rod.


On 5/2/22, 12:41 PM, "Zowalla, Richard"  
wrote:

Thanks Rod!!

Am Montag, dem 02.05.2022 um 17:33 +0000 schrieb Jenkins, Rodney J
(Rod):
> All,
> 
> I have added the Semeru images for Java 11 and 17 for TomEE 8 and 9.
> 
> Anything else anyone wants?
> 
> Thanks,
> Rod.
> 
> 
> 
> On 4/30/22, 12:35 PM, "Zowalla, Richard" <
> richard.zowa...@hs-heilbronn.de> wrote:
> 
> Nationwide Information Security Warning: This is an EXTERNAL
> email. Use CAUTION before clicking on links, opening attachments, or
> responding. (Sender: 
> dev-return-29380-JENKIR14=nationwide@tomee.apache.org)
> 
> -
> -
> 
> 
> Maybe 11 + 17 for OpenJ9/Semeru? ;)
> 
> Thanks.
    > 
    > Gruß
> Richard
> 
> Von: Jenkins, Rodney J (Rod) 
> Gesendet: Samstag, 30. April 2022 19:12:40
> An: dev@tomee.apache.org
> Betreff: Re: Re: Re: OpenJDK is no more?
> 
> Alex,
> 
> That explains why I did not see it, lol.
> 
> 
> 
> All,
> 
> I have created this PR for review:  
> https://github.com/tomitribe/docker-tomee/pull/66
> 
> This is not final, so if we want to add Semeru, I just need to
> know what java versions we would like to add.
> 
> Thank you,
> Rod.
> 
> 
> On 4/30/22, 11:16 AM, "Alex The Rocker" 
> wrote:
> 
> Nationwide Information Security Warning: This is an EXTERNAL
> email. Use CAUTION before clicking on links, opening attachments, or
> responding. (Sender: 
> dev-return-29378-JENKIR14=nationwide@tomee.apache.org)
> 
> -
> -
> 
> 
> Hi Rod,
> 
>     You won't find any Semeru/OpenJ9 image based on Alpine,
> because this
> JVM is not supporter on Alpine (alas...)
> 
> Thanks,
> Alex
> 
> Le sam. 30 avr. 2022 à 18:10, Jenkins, Rodney J (Rod)
>  a écrit :
> >
> > Richard,
> >
> > I am fine with providing a Semeru/OpenJ9.  Would we want
> that or 8, 11, and 17?
> >
> > I do not see an alpine image, so it would just be adding a
> ubuntu image.
> >
> > Rod.
> >
> >
> > On 4/30/22, 1:30 AM, "Zowalla, Richard" <
> richard.zowa...@hs-heilbronn.de> wrote:
> >
> > Nationwide Information Security Warning: This is an
> EXTERNAL email. Use CAUTION before clicking on links, opening
> attachments, or responding. (Sender: 
> dev-return-29375-JENKIR14=nationwide@tomee.apache.org)
> >
> > ---
> ---
> >
> >
> > Hi,
> >
> > I think, that Alpine would be a great addition to
> shrink the images
> > sizes if it isn't too much work.
    > >
> > I am also wondering, if we should provide a
> Semeru/OpenJ9
> > runtime - but I guess, that there isn't too much need
> for it, so it is
> > super low prio :D
> >
> > Gruß
> > Richard
> >
> >
> >
> > Am Freitag, dem 29.04.2022 um 21:18 + schrieb
> Jenkins, Rodney J
> > (Rod):
> > > Hello all,
> > >
> > > There is more information on the PR I noted earlier.
> > >
> > 

Re: OpenJDK is no more?

[Jenkins, Rodney J (Rod)]

All,

I have added the Semeru images for Java 11 and 17 for TomEE 8 and 9.

Anything else anyone wants?

Thanks,
Rod.



On 4/30/22, 12:35 PM, "Zowalla, Richard"  
wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29380-JENKIR14=nationwide@tomee.apache.org)


--


Maybe 11 + 17 for OpenJ9/Semeru? ;)

Thanks.

Gruß
Richard

Von: Jenkins, Rodney J (Rod) 
Gesendet: Samstag, 30. April 2022 19:12:40
An: dev@tomee.apache.org
Betreff: Re: Re: Re: OpenJDK is no more?

Alex,

That explains why I did not see it, lol.



All,

I have created this PR for review:  
https://github.com/tomitribe/docker-tomee/pull/66

This is not final, so if we want to add Semeru, I just need to know what 
java versions we would like to add.

Thank you,
Rod.


On 4/30/22, 11:16 AM, "Alex The Rocker"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29378-JENKIR14=nationwide@tomee.apache.org)


--


Hi Rod,

You won't find any Semeru/OpenJ9 image based on Alpine, because this
JVM is not supporter on Alpine (alas...)

Thanks,
Alex

Le sam. 30 avr. 2022 à 18:10, Jenkins, Rodney J (Rod)
 a écrit :
>
> Richard,
>
> I am fine with providing a Semeru/OpenJ9.  Would we want that or 8, 
11, and 17?
>
> I do not see an alpine image, so it would just be adding a ubuntu 
image.
>
> Rod.
>
>
> On 4/30/22, 1:30 AM, "Zowalla, Richard" 
 wrote:
>
> Nationwide Information Security Warning: This is an EXTERNAL 
email. Use CAUTION before clicking on links, opening attachments, or 
responding. (Sender: dev-return-29375-JENKIR14=nationwide@tomee.apache.org)
>
> 
--
>
>
> Hi,
>
> I think, that Alpine would be a great addition to shrink the 
images
> sizes if it isn't too much work.
>
> I am also wondering, if we should provide a Semeru/OpenJ9
> runtime - but I guess, that there isn't too much need for it, so 
it is
> super low prio :D
>
> Gruß
    > Richard
    >
>
>
> Am Freitag, dem 29.04.2022 um 21:18 + schrieb Jenkins, Rodney 
J
> (Rod):
> > Hello all,
> >
> > There is more information on the PR I noted earlier.
> >
> > Essentially, OpenJDK 17 is being dereplicated.  In addition 
OpenJDK 8
> > and OpenJDK 11, "are not updated on an extreme priority."
> >
> > Given this new information, I propose the following:
> > Move immediately to Temurin for Java 17.  (There have been many 
+1
> > votes for this)
> > We add a Temurin option for Java 8 and 11 should we lose 
support for
> > those.  We would still leave OpenJDK as the default.
> >
> > These additional images will be using Ubuntu as the OS for
> > Temurin.  OpenJDK will stay with Debian.  As long as we are on 
the
> > topic of OS, there has been demand for Alpine for smaller 
images.  I
> > am also willing to add an Alpine option.
> >
> > I am going to start on these this weekend in hope of having a PR
    > > ready for review middle of next week.
> >
> > If anyone has thoughts or comments, please chime in.
> >
> > Thanks,
> > Rod.
> >
> >
> > On 4/27/22, 6:22 PM, "Jenkins, Rodney J (Rod)" <
> > jenki...@nationwide.com> wrote:
> >
> > Nationwide Information Security Warning: This is an EXTERNAL
> > email. Use CAUTION before clicking on links, opening 
attachments, or
> > responding. (Sender:
> > dev-return-29359-JENKIR14=nationwide@tomee.apach

Re: Re: Re: OpenJDK is no more?

[Jenkins, Rodney J (Rod)]

Alex,

That explains why I did not see it, lol.



All,

I have created this PR for review:  
https://github.com/tomitribe/docker-tomee/pull/66

This is not final, so if we want to add Semeru, I just need to know what java 
versions we would like to add.

Thank you,
Rod.


On 4/30/22, 11:16 AM, "Alex The Rocker"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29378-JENKIR14=nationwide@tomee.apache.org)


--


Hi Rod,

You won't find any Semeru/OpenJ9 image based on Alpine, because this
JVM is not supporter on Alpine (alas...)

Thanks,
Alex

Le sam. 30 avr. 2022 à 18:10, Jenkins, Rodney J (Rod)
 a écrit :
>
> Richard,
>
> I am fine with providing a Semeru/OpenJ9.  Would we want that or 8, 11, 
and 17?
>
> I do not see an alpine image, so it would just be adding a ubuntu image.
>
> Rod.
>
>
> On 4/30/22, 1:30 AM, "Zowalla, Richard"  
wrote:
>
> Nationwide Information Security Warning: This is an EXTERNAL email. 
Use CAUTION before clicking on links, opening attachments, or responding. 
(Sender: dev-return-29375-JENKIR14=nationwide@tomee.apache.org)
>
> 
--
>
>
> Hi,
>
> I think, that Alpine would be a great addition to shrink the images
> sizes if it isn't too much work.
>
> I am also wondering, if we should provide a Semeru/OpenJ9
> runtime - but I guess, that there isn't too much need for it, so it is
> super low prio :D
>
> Gruß
>     Richard
>
>
>
> Am Freitag, dem 29.04.2022 um 21:18 + schrieb Jenkins, Rodney J
> (Rod):
> > Hello all,
> >
> > There is more information on the PR I noted earlier.
> >
> > Essentially, OpenJDK 17 is being dereplicated.  In addition OpenJDK 
8
> > and OpenJDK 11, "are not updated on an extreme priority."
> >
> > Given this new information, I propose the following:
> > Move immediately to Temurin for Java 17.  (There have been many +1
> > votes for this)
> > We add a Temurin option for Java 8 and 11 should we lose support for
> > those.  We would still leave OpenJDK as the default.
> >
> > These additional images will be using Ubuntu as the OS for
> > Temurin.  OpenJDK will stay with Debian.  As long as we are on the
> > topic of OS, there has been demand for Alpine for smaller images.  I
> > am also willing to add an Alpine option.
> >
> > I am going to start on these this weekend in hope of having a PR
> > ready for review middle of next week.
> >
> > If anyone has thoughts or comments, please chime in.
> >
> > Thanks,
> > Rod.
> >
> >
> > On 4/27/22, 6:22 PM, "Jenkins, Rodney J (Rod)" <
> > jenki...@nationwide.com> wrote:
> >
> > Nationwide Information Security Warning: This is an EXTERNAL
> > email. Use CAUTION before clicking on links, opening attachments, or
> > responding. (Sender:
> > dev-return-29359-JENKIR14=nationwide@tomee.apache.org)
> >
> > 
-
> > -
> >
> >
> > All,
> >
> > I was notified of the pull request below.  Long story short:   
We
> > need to choose a different JDK to run on our docker images.
> >
> > At the moment I'm not sure what all the choices are.   When I
> > looked at this before, I suggested Eclipse Temurin.
> >
> > Does anyone have a preference or others to consider?
> >
> > Thanks,
> > Rod.
> >
> >
> > https://github.com/docker-library/openjdk/pull/495
> >
>

Re: Re: OpenJDK is no more?

[Jenkins, Rodney J (Rod)]

Richard,

I am fine with providing a Semeru/OpenJ9.  Would we want that or 8, 11, and 17?

I do not see an alpine image, so it would just be adding a ubuntu image.

Rod.


On 4/30/22, 1:30 AM, "Zowalla, Richard"  
wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29375-JENKIR14=nationwide@tomee.apache.org)


--


Hi,

I think, that Alpine would be a great addition to shrink the images
sizes if it isn't too much work.

I am also wondering, if we should provide a Semeru/OpenJ9
runtime - but I guess, that there isn't too much need for it, so it is
super low prio :D

Gruß
Richard



Am Freitag, dem 29.04.2022 um 21:18 +0000 schrieb Jenkins, Rodney J
(Rod):
> Hello all,
> 
> There is more information on the PR I noted earlier.
> 
> Essentially, OpenJDK 17 is being dereplicated.  In addition OpenJDK 8
> and OpenJDK 11, "are not updated on an extreme priority."
> 
> Given this new information, I propose the following:
> Move immediately to Temurin for Java 17.  (There have been many +1
> votes for this)
> We add a Temurin option for Java 8 and 11 should we lose support for
> those.  We would still leave OpenJDK as the default.
> 
> These additional images will be using Ubuntu as the OS for
> Temurin.  OpenJDK will stay with Debian.  As long as we are on the
> topic of OS, there has been demand for Alpine for smaller images.  I
> am also willing to add an Alpine option.
> 
> I am going to start on these this weekend in hope of having a PR
> ready for review middle of next week.
> 
> If anyone has thoughts or comments, please chime in.
> 
> Thanks,
> Rod.
> 
> 
> On 4/27/22, 6:22 PM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com> wrote:
> 
> Nationwide Information Security Warning: This is an EXTERNAL
> email. Use CAUTION before clicking on links, opening attachments, or
> responding. (Sender: 
> dev-return-29359-JENKIR14=nationwide@tomee.apache.org)
> 
> -
> -
> 
> 
> All,
> 
> I was notified of the pull request below.  Long story short:   We
> need to choose a different JDK to run on our docker images.
> 
> At the moment I'm not sure what all the choices are.   When I
> looked at this before, I suggested Eclipse Temurin.
> 
> Does anyone have a preference or others to consider?
> 
> Thanks,
> Rod.
> 
> 
> https://github.com/docker-library/openjdk/pull/495
> 

Re: OpenJDK is no more?

[Jenkins, Rodney J (Rod)]

Hello all,

There is more information on the PR I noted earlier.

Essentially, OpenJDK 17 is being dereplicated.  In addition OpenJDK 8 and 
OpenJDK 11, "are not updated on an extreme priority."

Given this new information, I propose the following:
Move immediately to Temurin for Java 17.  (There have been many +1 votes for 
this)
We add a Temurin option for Java 8 and 11 should we lose support for those.  We 
would still leave OpenJDK as the default.

These additional images will be using Ubuntu as the OS for Temurin.  OpenJDK 
will stay with Debian.  As long as we are on the topic of OS, there has been 
demand for Alpine for smaller images.  I am also willing to add an Alpine 
option.

I am going to start on these this weekend in hope of having a PR ready for 
review middle of next week.

If anyone has thoughts or comments, please chime in.

Thanks,
Rod.


On 4/27/22, 6:22 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29359-JENKIR14=nationwide@tomee.apache.org)


--


All,

I was notified of the pull request below.  Long story short:   We need to 
choose a different JDK to run on our docker images.

At the moment I'm not sure what all the choices are.   When I looked at 
this before, I suggested Eclipse Temurin.

Does anyone have a preference or others to consider?

Thanks,
Rod.


https://github.com/docker-library/openjdk/pull/495

Re: OpenJDK is no more?

[Jenkins, Rodney J (Rod)]

Swell,

Excellent questions:

What is the prerequisite:
  I can only speak for the docker images  The main prerequisite that I 
would have is that there is an official image in this list:
  https://github.com/docker-library/official-images/tree/master/library

JDK vs JRE:
  JRE would be preferred.  Better security and small image size.

Binary installer vs zip/tar archives vs container images:
  I am only speaking for container images.


Thank you,
Rod.

On 4/28/22, 4:35 AM, "Swell"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29362-JENKIR14=nationwide@tomee.apache.org)


--


Azul Zulu or Coretto could be a choice too.

What is the prerequisite ?
JDK vs JRE ?
Binary installer vs zip/tar archives vs container images ?

Temurin seems to have container images
https://github.com/adoptium/adoptium/issues/140

Azul Zulu seems to have container images too on docker hub.
https://registry.hub.docker.com/r/azul/zulu-openjdk#!

-Swell

On Thu 28 Apr 2022 at 01:22, Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> All,
>
> I was notified of the pull request below.  Long story short:   We need to
> choose a different JDK to run on our docker images.
>
> At the moment I'm not sure what all the choices are.   When I looked at
> this before, I suggested Eclipse Temurin.
>
> Does anyone have a preference or others to consider?
>
> Thanks,
> Rod.
>
>
> https://github.com/docker-library/openjdk/pull/495
>

OpenJDK is no more?

[Jenkins, Rodney J (Rod)]

All,

I was notified of the pull request below.  Long story short:   We need to 
choose a different JDK to run on our docker images.

At the moment I'm not sure what all the choices are.   When I looked at this 
before, I suggested Eclipse Temurin.

Does anyone have a preference or others to consider?

Thanks,
Rod.


https://github.com/docker-library/openjdk/pull/495

Re: Re: Re: Follow-up to 8.0.11: Update of release documentation

[Jenkins, Rodney J (Rod)]

Thank you!


On 4/23/22, 4:18 AM, "Zowalla, Richard"  
wrote:

Hi Rod,

I updated the release tools (with TOMEE-3921), so we are now creating
consistent hashes regardless of the tooling used (homebrew release
tools vs linux onboard), i.e. it will be " filename".

Gruß
Richard

Am Freitag, dem 22.04.2022 um 21:41 +0000 schrieb Jenkins, Rodney J
(Rod):
> <<
> Do you have a preference for automation in your environment and
> for
> docker?
> 
> My only preference is consistency.  I have no technical preference
> one way or the other.  I can script it either way.  I do not want to
> alter Dockerfiles each time we do a release.
> 
> Thanks,
> Rod.
> 
> 
> On 4/22/22, 11:32 AM, "Richard Zowalla"  wrote:
> 
> Nationwide Information Security Warning: This is an EXTERNAL
> email. Use CAUTION before clicking on links, opening attachments, or
> responding. (Sender: 
> dev-return-29302-JENKIR14=nationwide@tomee.apache.org)
> 
> -
> -
> 
> 
> Hi Rod
> 
> > My counterparts have reported that the sha files are in
> different 
> > format than the last version, but the same as 8.0.7. 
> 
> >It would be nice if we could have a permanent standard.   When
> we
> >change the formats, it breaks automation on our end and in the
> docker
> >images.
> 
> I agree - this time, the SHA512 hashes are created using our 
> https://github.com/apache/tomee-release-tools 
> 
> I quickly checked the other releases (1.7.x, 7.x, 7.1.x), which
> follow
> the same pattern.
> 
> BUT I agree, that it was different in previous TomEE 8 releases -
> perhaps the SHA512 hashes were not created using the tomee-
> release-
> tools. Nevertheless, we can enhance the release tools to follow
> the
> unix like pattern:
> 
>  filename
> 
> instead of
> 
> 
> 
> I have no preference ;) - for the first option, we need to update
> the
> release tools to include the filename to the .sha512 files. That
> would
> beconsistent in case the release hashs aren't created via the
> tomee-
> release-tools.
    > 
> Do you have a preference for automation in your environment and
> for
> docker?
> 
> Gruß 
> Rchard
> 
> 
> 
> 
> Am Freitag, dem 22.04.2022 um 15:26 + schrieb Jenkins, Rodney
> J
> (Rod):
> > Richard,
> > 
> > Thank you for the release and congrats on your 1st release.
> > 
> > My counterparts have reported that the sha files are in
> different
> > format than the last version, but the same as 8.0.7.
> > 
> > It would be nice if we could have a permanent standard.   When
> we
> > change the formats, it breaks automation on our end and in the
> docker
> > images.
> > 
> > I've not had the time to verify this for myself, I will get to
> that
> > in the next couple of days.
> > 
> > Thank you,
> > Rod.
> > 
> > From: Zowalla, Richard 
> > Sent: Friday, April 22, 2022 1:37 AM
> > To: dev@tomee.apache.org 
> > Subject: [EXTERNAL] Follow-up to 8.0.11: Update of release
> > documentation
> > 
> > Hi all,
> > 
> > after conducting my first release, I put my notes together and
> > updated
> > our release documentation:
> > https://tomee.apache.org/dev/release-tomee.html
> > 
> > It might not be complete and might require some further
> polishing but
> > I
> > think, that this will help others in conducting a release. The
> > initial
> > ASF-related setup + GPG keys requires some effort ;)
> > 
> > In general, we learned that teaming up (committer + pmc) for a
> > release
> > works quite well and it was a pleassure to work with JL on
> 8.0.11 :)
> > 
> > Most of the mechanical steps can be conducted with committer
> access
> > privileges (building, tagging, nexus/maven deploy, staging
> artifacts
> > to
> > dist/dev); some formal steps like open/close the VOTE, moving
> the
> > artifacts from dist/dev to dist/release require a PMC member to
> be
> > involved.
> > 
> > Gruß
> > Richard
> 
> 

Re: Re: [ANN] Apache TomEE 8.0.11

[Jenkins, Rodney J (Rod)]

Richard,

I added your key to the Docker files.  Can you please verify your information 
here:

https://github.com/tomitribe/docker-tomee/pull/65/files


Also, if someone would review the changes, I would appreciate it.  If it is not 
approved on Monday, I will merge.

Thank you,
Rod.


On 4/22/22, 11:32 AM, "Richard Zowalla"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29303-JENKIR14=nationwide@tomee.apache.org)


--


Thanks, Rod!

Am Freitag, dem 22.04.2022 um 15:21 +0000 schrieb Jenkins, Rodney J
(Rod):
> I will get started on the Docker images.
> 
> Thank you,
> Rod.
> 
> From: Richard Zowalla 
> Sent: Friday, April 22, 2022 5:00:58 AM
> To: dev@tomee.apache.org ; 
> us...@tomee.apache.org ; annou...@apache.org
> 
> Subject: [EXTERNAL] [ANN] Apache TomEE 8.0.11
> 
> Nationwide Information Security Warning: This is an EXTERNAL email.
> Use CAUTION before clicking on links, opening attachments, or
> responding. (Sender: 
> users-return-28024-JENKIR14=nationwide@tomee.apache.org)
> 
> ---
> ---
> 
> 
> The Apache TomEE team is pleased to announce the availability of
> TomEE
> 8.0.11
> 
> Apache TomEE delivers enterprise application containers and services
> based on, but not limited to the Enterprise JavaBeans Specification
> and
> Java Enterprise Edition Specifications.
> 
> These releases primarily provide bug fixes, documentation and update
> the dependencies TomEE uses.
> 
> Full release notes:
> 
> - https://tomee.apache.org/8.0.11/release-notes.html
> -
> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12351352
> 
> Downloads are available at: https://tomee.apache.org/download.html
> 
> - The Apache TomEE team
> 

Re: Re: Follow-up to 8.0.11: Update of release documentation

[Jenkins, Rodney J (Rod)]

<<
Do you have a preference for automation in your environment and for
docker?
>>

My only preference is consistency.  I have no technical preference one way or 
the other.  I can script it either way.  I do not want to alter Dockerfiles 
each time we do a release.

Thanks,
Rod.


On 4/22/22, 11:32 AM, "Richard Zowalla"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-29302-JENKIR14=nationwide@tomee.apache.org)


--


Hi Rod

> My counterparts have reported that the sha files are in different 
> format than the last version, but the same as 8.0.7. 

>It would be nice if we could have a permanent standard.   When we
>change the formats, it breaks automation on our end and in the docker
>images.

I agree - this time, the SHA512 hashes are created using our 
https://github.com/apache/tomee-release-tools 

I quickly checked the other releases (1.7.x, 7.x, 7.1.x), which follow
the same pattern.

BUT I agree, that it was different in previous TomEE 8 releases -
perhaps the SHA512 hashes were not created using the tomee-release-
tools. Nevertheless, we can enhance the release tools to follow the
unix like pattern:

 filename

instead of



I have no preference ;) - for the first option, we need to update the
release tools to include the filename to the .sha512 files. That would
beconsistent in case the release hashs aren't created via the tomee-
release-tools.

Do you have a preference for automation in your environment and for
docker?

Gruß 
Rchard




Am Freitag, dem 22.04.2022 um 15:26 + schrieb Jenkins, Rodney J
(Rod):
> Richard,
> 
> Thank you for the release and congrats on your 1st release.
> 
> My counterparts have reported that the sha files are in different
> format than the last version, but the same as 8.0.7.
> 
> It would be nice if we could have a permanent standard.   When we
> change the formats, it breaks automation on our end and in the docker
> images.
> 
> I've not had the time to verify this for myself, I will get to that
> in the next couple of days.
> 
> Thank you,
> Rod.
> 
> From: Zowalla, Richard 
> Sent: Friday, April 22, 2022 1:37 AM
> To: dev@tomee.apache.org 
> Subject: [EXTERNAL] Follow-up to 8.0.11: Update of release
> documentation
> 
> Hi all,
> 
> after conducting my first release, I put my notes together and
> updated
> our release documentation:
> https://tomee.apache.org/dev/release-tomee.html
> 
> It might not be complete and might require some further polishing but
> I
> think, that this will help others in conducting a release. The
> initial
> ASF-related setup + GPG keys requires some effort ;)
> 
> In general, we learned that teaming up (committer + pmc) for a
> release
> works quite well and it was a pleassure to work with JL on 8.0.11 :)
> 
> Most of the mechanical steps can be conducted with committer access
> privileges (building, tagging, nexus/maven deploy, staging artifacts
> to
> dist/dev); some formal steps like open/close the VOTE, moving the
> artifacts from dist/dev to dist/release require a PMC member to be
> involved.
> 
> Gruß
> Richard

Re: Follow-up to 8.0.11: Update of release documentation

[Jenkins, Rodney J (Rod)]

Richard,

Thank you for the release and congrats on your 1st release.

My counterparts have reported that the sha files are in different format than 
the last version, but the same as 8.0.7.

It would be nice if we could have a permanent standard.   When we change the 
formats, it breaks automation on our end and in the docker images.

I've not had the time to verify this for myself, I will get to that in the next 
couple of days.

Thank you,
Rod.

From: Zowalla, Richard 
Sent: Friday, April 22, 2022 1:37 AM
To: dev@tomee.apache.org 
Subject: [EXTERNAL] Follow-up to 8.0.11: Update of release documentation

Hi all,

after conducting my first release, I put my notes together and updated
our release documentation:
https://tomee.apache.org/dev/release-tomee.html

It might not be complete and might require some further polishing but I
think, that this will help others in conducting a release. The initial
ASF-related setup + GPG keys requires some effort ;)

In general, we learned that teaming up (committer + pmc) for a release
works quite well and it was a pleassure to work with JL on 8.0.11 :)

Most of the mechanical steps can be conducted with committer access
privileges (building, tagging, nexus/maven deploy, staging artifacts to
dist/dev); some formal steps like open/close the VOTE, moving the
artifacts from dist/dev to dist/release require a PMC member to be
involved.

Gruß
Richard

Re: [ANN] Apache TomEE 8.0.11

[Jenkins, Rodney J (Rod)]

I will get started on the Docker images.

Thank you,
Rod.

From: Richard Zowalla 
Sent: Friday, April 22, 2022 5:00:58 AM
To: dev@tomee.apache.org ; us...@tomee.apache.org 
; annou...@apache.org 
Subject: [EXTERNAL] [ANN] Apache TomEE 8.0.11

Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
users-return-28024-JENKIR14=nationwide@tomee.apache.org)

--


The Apache TomEE team is pleased to announce the availability of TomEE
8.0.11

Apache TomEE delivers enterprise application containers and services
based on, but not limited to the Enterprise JavaBeans Specification and
Java Enterprise Edition Specifications.

These releases primarily provide bug fixes, documentation and update
the dependencies TomEE uses.

Full release notes:

- https://tomee.apache.org/8.0.11/release-notes.html
-
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12351352

Downloads are available at: https://tomee.apache.org/download.html

- The Apache TomEE team

Docker Tags

[Jenkins, Rodney J (Rod)]

All,

Joel Whitesel opened an issue asking for some further tags to be added to our 
docker images.  I am happy with setting up additional tags.  What I would like 
to know is what images should have priority to the more generic tags.

I would think that we would want Java 11 to be our default.  An argument could 
be made for Java 17.
I see that webprofile is the default for the different flavors,  I will go with 
that.
For major/minor versions we have these:  7, 7.1, 8, 9, 9.0.  The current 
defaults for 9 is 9.1.

I think the only decision/discussion point is what our “preferred” or default 
version of java should be.

Any thoughts would be appreciated.

Thanks,
Rod.

Re: Re: Improve security defaults

[Jenkins, Rodney J (Rod)]

David,

I agree on everything you said.  I may not have time on my plate.  However, I 
am trying to encourage more involvement in the open source community.  I think 
this would be a good project for someone new to the open source community.  I 
will attempt to get this in to the next sprint or myself or someone else (if 
you are ok with it).

Thanks,
Rod.


On 3/15/22, 2:49 PM, "David Blevins"  wrote:

Hey Rod,

One of the ideas Richard mentioned is a script that can audit an install 
and flag up issues like showServerInfo="false".

With your scripting skills, are you perhaps interested in working on 
something like that?  We could include the script in the bin/ directory and 
people could run it to get say a multi-line output of pass/fail lines.  Maybe 
something like the old System V startup output that has the left-aligned text 
with right-aligned green or red status.

We could potentially have a page on the website like the Tomcat one and 
then go section by section and add checks to the audit script (one output line 
each check), then at the end of the script it can print the link to the doc.

Just thinking out loud -- not sure what you have on your plate.


-David

> On Mar 14, 2022, at 7:07 AM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> Hello all,
> 
> One thing we could look at is the CIS Benchmarks for Tomcat found here:  
https://www.cisecurity.org/benchmark/apache_tomcat   The benchmark is not 
perfect.  For example, it does not mention adding:
> 
> Valve className="org.apache.catalina.valves.ErrorReportValve" 
showServerInfo="false"/>
> 
> This is something I think is important.  It does recommend users do 
something similar by extracting the ServerInfo.properties from the 
catalina.jar, altering it, then repackaging it.  As I stated above, it is not 
perfect, but many people are using this as a guide.
> 
> We could add a page to the site pointing people to this link as well as 
bulleting some of the items we feel is most important.  We should encourage all 
users to follow what makes sense for them.
> 
> Thanks,
> Rod.
> 
> 
> 
> 
> On 3/13/22, 12:51 PM, "Zowalla, Richard" 
 wrote:
> 
>Nationwide Information Security Warning: This is an EXTERNAL email. 
Use CAUTION before clicking on links, opening attachments, or responding. 
(Sender: dev-return-28942-JENKIR14=nationwide@tomee.apache.org)
> 
>
--
> 
> 
>Thanks for brining up this important topic!
> 
>Perhaps it would be a good idea to include a security walkthrough on
>our web page (even if we only link to Tomcat) as well to cover this
>(very) important topic. This could also include secure systemd
>configuration, etc.
> 
>In addition it might be an option to go the "mariadb" way (I am
>thinking of 'mysql_secure_installation' [1]) and provide a shell / bash
>(+ Windows) script, which we include in our distribution archives. If a
>user execute the script, the default configurations are hardended.
>However, we would need to "promote" it, so users get to know it.
> 
>This would mitigate possible pain in our code base / tests / examples
>or for developers working with or on TomEE applications (or on TomEE
>itself). 
> 
>Wdyt?
> 
>Gruß
>Richard
> 
> 
> 
>[1] https://mariadb.com/kb/en/mysql_secure_installation/
> 
> 
>Am Sonntag, dem 13.03.2022 um 11:45 +0100 schrieb Jean-Louis Monteiro:
>> Thanks David for the quick reply. There is probably a balance to
>> find.
>> 
>> I agree that the tradeoffs can hurt us more than the actual small
>> settings
>> to apply.
>> They are pretty well documented and clear in the following page
>> https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html
>> 
>> 
>> --
>> Jean-Louis Monteiro
>> http://twitter.com/jlouismonteiro
>> http://www.tomitribe.com
>> 
>> 
>> On Sun, Mar 13, 2022 at 9:58 AM David Blevins >> 
>> wrote:
>> 
>>>> On Mar 12, 2022, at 11:34 PM, Jean-Louis Monteiro <
>>> jlmonte...@tomitribe.com> wrote:
>>>> xpoweredBy giving the exact version of Tomcat for instance
>>>> The error valve attributes are set to false so it does not
>>>> display
>>> Tomcat's
>>>> version

Re: Improve security defaults

[Jenkins, Rodney J (Rod)]

Hello all,

One thing we could look at is the CIS Benchmarks for Tomcat found here:  
https://www.cisecurity.org/benchmark/apache_tomcat   The benchmark is not 
perfect.  For example, it does not mention adding:

Valve className="org.apache.catalina.valves.ErrorReportValve" 
showServerInfo="false"/>

This is something I think is important.  It does recommend users do something 
similar by extracting the ServerInfo.properties from the catalina.jar, altering 
it, then repackaging it.  As I stated above, it is not perfect, but many people 
are using this as a guide.

We could add a page to the site pointing people to this link as well as 
bulleting some of the items we feel is most important.  We should encourage all 
users to follow what makes sense for them.

Thanks,
Rod.




On 3/13/22, 12:51 PM, "Zowalla, Richard"  
wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28942-JENKIR14=nationwide@tomee.apache.org)


--


Thanks for brining up this important topic!

Perhaps it would be a good idea to include a security walkthrough on
our web page (even if we only link to Tomcat) as well to cover this
(very) important topic. This could also include secure systemd
configuration, etc.

In addition it might be an option to go the "mariadb" way (I am
thinking of 'mysql_secure_installation' [1]) and provide a shell / bash
(+ Windows) script, which we include in our distribution archives. If a
user execute the script, the default configurations are hardended.
However, we would need to "promote" it, so users get to know it.

This would mitigate possible pain in our code base / tests / examples
or for developers working with or on TomEE applications (or on TomEE
itself). 

Wdyt?

Gruß
Richard



[1] https://mariadb.com/kb/en/mysql_secure_installation/


Am Sonntag, dem 13.03.2022 um 11:45 +0100 schrieb Jean-Louis Monteiro:
> Thanks David for the quick reply. There is probably a balance to
> find.
> 
> I agree that the tradeoffs can hurt us more than the actual small
> settings
> to apply.
> They are pretty well documented and clear in the following page
> https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html
> 
> 
> --
> Jean-Louis Monteiro
> http://twitter.com/jlouismonteiro
> http://www.tomitribe.com
> 
> 
> On Sun, Mar 13, 2022 at 9:58 AM David Blevins  >
> wrote:
> 
> > > On Mar 12, 2022, at 11:34 PM, Jean-Louis Monteiro <
> > jlmonte...@tomitribe.com> wrote:
> > > xpoweredBy giving the exact version of Tomcat for instance
> > > The error valve attributes are set to false so it does not
> > > display
> > Tomcat's
> > > version and does not discard exceptions.
> > > 
> > > Should we somehow pre-configure TomEE to be a bit more secure?
> > > The downside is that in development, with Arquillian or TomEE
> > > Maven
> > plugin
> > > we lose some useful information to debug and understand what's
> > > going on.
> > 
> > I think you raise a key point in that last sentence.  If we do
> > things like
> > have TomEE eat stacktraces and fail silently by default, that
> > doesn't just
> > make it harder for people to write applications on TomEE, that also
> > makes
> > it harder for us to develop TomEE.
> > 
> > I think that would likely translate into fewer people making it out
> > of the
> > development phase, which means fewer users, fewer contributors and
> > fewer
> > resources.
> > 
> > We'd also have to sweep through all our test cases and examples and
> > ensure
> > that things like stacktraces are enabled, which would make tests
> > and
> > examples more complicated.  It could also reinforce people using
> > the dev
> > settings in production if they're seeing them repeated in our 180+
> > examples.  They'd still be in the position of having to read a doc
> > to undo
> > the settings before production.
> > 
> > Not totally against, it just sounds very tricky.
> > 
> > It's definitely a good conversation and there are likely specific
> > things
> > we can do that could be palatable but don't completely sacrifice
> > the dev
> > experience.
> > 
> > 
> > 
> > -David
> > 
> > 

Re: [RESULT] [VOTE] Apache TomEE 8.0.10

[Jenkins, Rodney J (Rod)]

Docer-library official images has approved and merged 8.0.10.

Docker images should be live.

Thanks,
Rod.


On 2/23/22, 7:50 AM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28906-JENKIR14=nationwide@tomee.apache.org)


--


David,

Understood.  I thought it was customary for someone to review the PR.  
However, in the future, I will just take care of it.

Thanks,
Rod.


On 2/22/22, 5:31 PM, "David Blevins"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28905-JENKIR14=nationwide@tomee.apache.org)


--


> On Feb 22, 2022, at 6:21 PM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> Hello,
> 
> Can I get an approval for:
> https://github.com/tomitribe/docker-tomee/pulls

You have write access, so should be able to merge that directly.


-David

> On 2/22/22, 3:32 AM, "Jean-Louis Monteiro"  
wrote:
> 
>Nationwide Information Security Warning: This is an EXTERNAL 
email. Use CAUTION before clicking on links, opening attachments, or 
responding. (Sender: dev-return-28901-JENKIR14=nationwide@tomee.apache.org)
> 
>
--
> 
> 
>Thanks everyone for your time and reviews.
> 
>Vote passes with 7 +1 and enough bindings.
> 
>I'll proceed with the remaining steps.
>--
>Jean-Louis Monteiro
>http://twitter.com/jlouismonteiro
>http://www.tomitribe.com
> 
> 
>On Fri, Feb 11, 2022 at 9:53 AM Jean-Louis Monteiro <
>jlmonte...@tomitribe.com> wrote:
> 
>> Hi All,
>> 
>> This is a first attempt at a vote for a release of Apache TomEE 
8.0.10
>> 
>> Maven Repo:
>> 
https://repository.apache.org/content/repositories/orgapachetomee-1193/
>> 
>> Binaries & Source:
>> 
https://dist.apache.org/repos/dist/dev/tomee/staging_1193-TomEE-8.0.10/
>> 
>> Tags:
>> https://github.com/apache/tomee/releases/tag/tomee-project-8.0.10
>> 
>> Release notes:
>> 
>> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350706
>> 
>> Here are the releases notes
>> Sub-task
>> 
>>   - [TOMEE-2117 <https://issues.apache.org/jira/browse/TOMEE-2117>] -
>>   Rework ProcessObserverMethod integration
>>   - [TOMEE-2289 <https://issues.apache.org/jira/browse/TOMEE-2289>] -
>>   MicroProfile OpenAPI Example
>>   - [TOMEE-2349 <https://issues.apache.org/jira/browse/TOMEE-2349>] -
>>   Ensure each module can generate javadoc jars on release
>>   - [TOMEE-2350 <https://issues.apache.org/jira/browse/TOMEE-2350>] -
>>   Create a list of existing Javadoc using html
>>   - [TOMEE-2351 <https://issues.apache.org/jira/browse/TOMEE-2351>] -
>>   MicroProfile OpenTracing Example for Distributed Microservices
>>   - [TOMEE-2358 <https://issues.apache.org/jira/browse/TOMEE-2358>] -
>>   MicroProfile JWT rest-mp-jwt-claim Example
>> 
>> Bug
>> 
>>   - [TOMEE-2169 <https://issues.apache.org/jira/browse/TOMEE-2169>] -
>>   Interceptor Bean injection does not work for EJBs
>>   - [TOMEE-2270 <https://issues.apache.org/jira/browse/TOMEE-2270>] -
>>   Java11: Unable to initialize agent with embedded-maven-plugin
>>   - [TOMEE-2403 <https://issues.apache.org/jira/browse/TOMEE-2403>] -
>>   AutoConnectionTrackerTest fails randomly
>>   - [TOMEE-2427 <https://issues.apache.org/jira/browse/TOMEE-2427>] -
>>   Align text above the pictures
>>   - [TOMEE-2800 <https://issues.apache.org/jira/browse/TOMEE-2800>] -
>>   Issue : Unable to run EJB test cases for upgradatio

Re: [RESULT] [VOTE] Apache TomEE 8.0.10

[Jenkins, Rodney J (Rod)]

David,

Understood.  I thought it was customary for someone to review the PR.  However, 
in the future, I will just take care of it.

Thanks,
Rod.


On 2/22/22, 5:31 PM, "David Blevins"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28905-JENKIR14=nationwide@tomee.apache.org)


--


> On Feb 22, 2022, at 6:21 PM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> Hello,
> 
> Can I get an approval for:
> https://github.com/tomitribe/docker-tomee/pulls

You have write access, so should be able to merge that directly.


-David

> On 2/22/22, 3:32 AM, "Jean-Louis Monteiro"  
wrote:
> 
>Nationwide Information Security Warning: This is an EXTERNAL email. 
Use CAUTION before clicking on links, opening attachments, or responding. 
(Sender: dev-return-28901-JENKIR14=nationwide@tomee.apache.org)
> 
>
--
> 
> 
>Thanks everyone for your time and reviews.
> 
>Vote passes with 7 +1 and enough bindings.
> 
>I'll proceed with the remaining steps.
>--
>Jean-Louis Monteiro
>http://twitter.com/jlouismonteiro
>http://www.tomitribe.com
> 
> 
>On Fri, Feb 11, 2022 at 9:53 AM Jean-Louis Monteiro <
>jlmonte...@tomitribe.com> wrote:
> 
>> Hi All,
>> 
>> This is a first attempt at a vote for a release of Apache TomEE 8.0.10
>> 
>> Maven Repo:
>> https://repository.apache.org/content/repositories/orgapachetomee-1193/
>> 
>> Binaries & Source:
>> https://dist.apache.org/repos/dist/dev/tomee/staging_1193-TomEE-8.0.10/
>> 
>> Tags:
>> https://github.com/apache/tomee/releases/tag/tomee-project-8.0.10
>> 
>> Release notes:
>> 
>> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350706
>> 
>> Here are the releases notes
>> Sub-task
>> 
>>   - [TOMEE-2117 <https://issues.apache.org/jira/browse/TOMEE-2117>] -
>>   Rework ProcessObserverMethod integration
>>   - [TOMEE-2289 <https://issues.apache.org/jira/browse/TOMEE-2289>] -
>>   MicroProfile OpenAPI Example
>>   - [TOMEE-2349 <https://issues.apache.org/jira/browse/TOMEE-2349>] -
>>   Ensure each module can generate javadoc jars on release
>>   - [TOMEE-2350 <https://issues.apache.org/jira/browse/TOMEE-2350>] -
>>   Create a list of existing Javadoc using html
>>   - [TOMEE-2351 <https://issues.apache.org/jira/browse/TOMEE-2351>] -
>>   MicroProfile OpenTracing Example for Distributed Microservices
>>   - [TOMEE-2358 <https://issues.apache.org/jira/browse/TOMEE-2358>] -
>>   MicroProfile JWT rest-mp-jwt-claim Example
>> 
>> Bug
>> 
>>   - [TOMEE-2169 <https://issues.apache.org/jira/browse/TOMEE-2169>] -
>>   Interceptor Bean injection does not work for EJBs
>>   - [TOMEE-2270 <https://issues.apache.org/jira/browse/TOMEE-2270>] -
>>   Java11: Unable to initialize agent with embedded-maven-plugin
>>   - [TOMEE-2403 <https://issues.apache.org/jira/browse/TOMEE-2403>] -
>>   AutoConnectionTrackerTest fails randomly
>>   - [TOMEE-2427 <https://issues.apache.org/jira/browse/TOMEE-2427>] -
>>   Align text above the pictures
>>   - [TOMEE-2800 <https://issues.apache.org/jira/browse/TOMEE-2800>] -
>>   Issue : Unable to run EJB test cases for upgradation in current project
>>   with Java 1.8 and WebLogic version 12.2.1.4 along with 
openejb.cxf.version
>>   7.0.1 / openejb.cxf.version 8 jar.
>>   - [TOMEE-2941 <https://issues.apache.org/jira/browse/TOMEE-2941>] -
>>   Regression: A connection factory created with TransactionSupport of 
"none"
>>   only sending message when transaction completes
>>   - [TOMEE-3777 <https://issues.apache.org/jira/browse/TOMEE-3777>] -
>>   
>>   org.apache.openjpa.persistence.ArgumentException: The persistence 
provider
>>   is attempting to use properties in the persistence.xml file to resolve 
the
>>   data source ...
>>   - [TOMEE-3816 <https://issues.apache.org/jira/browse/TOMEE-3816>] -
>>   Return "this" on

Re: [RESULT] [VOTE] Apache TomEE 8.0.10

[Jenkins, Rodney J (Rod)]

Hello,

Can I get an approval for:
https://github.com/tomitribe/docker-tomee/pulls

Thank you,
Rod.


On 2/22/22, 3:32 AM, "Jean-Louis Monteiro"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28901-JENKIR14=nationwide@tomee.apache.org)


--


Thanks everyone for your time and reviews.

Vote passes with 7 +1 and enough bindings.

I'll proceed with the remaining steps.
--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com


On Fri, Feb 11, 2022 at 9:53 AM Jean-Louis Monteiro <
jlmonte...@tomitribe.com> wrote:

> Hi All,
>
> This is a first attempt at a vote for a release of Apache TomEE 8.0.10
>
> Maven Repo:
> https://repository.apache.org/content/repositories/orgapachetomee-1193/
>
> Binaries & Source:
> https://dist.apache.org/repos/dist/dev/tomee/staging_1193-TomEE-8.0.10/
>
> Tags:
> https://github.com/apache/tomee/releases/tag/tomee-project-8.0.10
>
> Release notes:
>
> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350706
>
> Here are the releases notes
> Sub-task
>
>- [TOMEE-2117 ] -
>Rework ProcessObserverMethod integration
>- [TOMEE-2289 ] -
>MicroProfile OpenAPI Example
>- [TOMEE-2349 ] -
>Ensure each module can generate javadoc jars on release
>- [TOMEE-2350 ] -
>Create a list of existing Javadoc using html
>- [TOMEE-2351 ] -
>MicroProfile OpenTracing Example for Distributed Microservices
>- [TOMEE-2358 ] -
>MicroProfile JWT rest-mp-jwt-claim Example
>
> Bug
>
>- [TOMEE-2169 ] -
>Interceptor Bean injection does not work for EJBs
>- [TOMEE-2270 ] -
>Java11: Unable to initialize agent with embedded-maven-plugin
>- [TOMEE-2403 ] -
>AutoConnectionTrackerTest fails randomly
>- [TOMEE-2427 ] -
>Align text above the pictures
>- [TOMEE-2800 ] -
>Issue : Unable to run EJB test cases for upgradation in current project
>with Java 1.8 and WebLogic version 12.2.1.4 along with 
openejb.cxf.version
>7.0.1 / openejb.cxf.version 8 jar.
>- [TOMEE-2941 ] -
>Regression: A connection factory created with TransactionSupport of 
"none"
>only sending message when transaction completes
>- [TOMEE-3777 ] -
>
>org.apache.openjpa.persistence.ArgumentException: The persistence 
provider
>is attempting to use properties in the persistence.xml file to resolve 
the
>data source ...
>- [TOMEE-3816 ] -
>Return "this" on stateless EJB method looses container transaction
>management
>- [TOMEE-3823 ] -
>TomEE and Java 17 compatibility issue with Windows Service Tooling
>- [TOMEE-3825 ] -
>TomEE Maven Plugin does not wait for container startup, if 
"checkStarted"
>is set to true
>- [TOMEE-3832 ] -
>JAX-RS TomEEJsonbProvider not registered in tomee-embedded-maven-plugin
>when MicroProfile is present
>
> New Feature
>
>- [TOMEE-2306 ] -
>New Java EE Schemas for Java EE Deployment Descriptors
>- [TOMEE-2584 ] -
>Java 11 compliancy
>- [TOMEE-2706 ] -
>New TomEE Embedded Bootstrap
>
> Improvement
>
>- [TOMEE-1618 ] -
>Replace three register maps in Container in favour of one
>- [TOMEE-2277 ] -
>Java11: module name for TomEE
>- [TOMEE-2425 ] -
>Generate Tom

Re: TomEE Docker image support for arm64?

[Jenkins, Rodney J (Rod)]

Hello all,

Good news!!  The arm64v8 images should be live shortly.  The commit was 
accepted into official images a few minutes ago.  This also included a Java 17 
JDK for TomEE 8.0.  If that all looks good, I will get 17 ready for TomEE 9.0 
later this week.

Thank you,
Rod.


On 2/16/22, 10:10 AM, "Cesar Hernandez"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28873-JENKIR14=nationwide@tomee.apache.org)


--


+1 on the proposal to support arm64 for 8,9 with support for java 8, 11,
and 17.


El mar, 25 ene 2022 a las 8:47, Jonathan Gallimore (<
jonathan.gallim...@gmail.com>) escribió:

> That sounds like a good proposal to me, and I'm happy to help test.
>
> Jon
>
> On Mon, Jan 24, 2022 at 5:28 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > Hello,
> >
> > I would vote in favor of supporting arm64.  The question for me is how
> > deep do we go?  I propose 8 and 9 with java support for 8, 11, and 17.
> >
> > I will get a branch created so that you can pull it down and test.
> >
> > Thank you,
> > Rod.
> >
> >
> > On 1/24/22, 9:17 AM, "Memo Díaz Solis"  wrote:
> >
> > Nationwide Information Security Warning: This is an EXTERNAL email.
> > Use CAUTION before clicking on links, opening attachments, or 
responding.
> > (Sender: dev-return-28784-JENKIR14=nationwide@tomee.apache.org)
> >
> >
> >
> 
--
> >
> >
    > >     If the community agrees on adding support for arm64 then I can test
> it
> > if
> > you don't mind.
> >
> > El jue, 20 ene 2022 a las 14:24, Jenkins, Rodney J (Rod) (<
> > jenki...@nationwide.com>) escribió:
> >
> > > Hello,
> > >
> > > If the community would like an arm64 build, I would be happy to
> > create
> > > it.  I do not have the ability to test it.
> > >
> > > If we decided on this course, what images do we want to create?   
I
> > would
> > > assume 8.x and 9.x.  Would we want to create versions for Java 8,
> > 11, and
> > > 17?  (I would have to look to see what is available.)
> > >
> > >
> > > Thanks,
> > > Rod.
> > >
> > >
> > > On 1/17/22, 4:39 PM, "Cesar Hernandez" 
> wrote:
> > >
> > > Nationwide Information Security Warning: This is an EXTERNAL
> > email.
> > > Use CAUTION before clicking on links, opening attachments, or
> > responding.
> > > (Sender: dev-return-28775-JENKIR14=nationwide@tomee.apache.org
> )
> > >
> > >
> > >
> >
> 
--
> > >
> > >
> > > Hello,
> > >
> > > I saw Gillermo finding about running TomEE docker image on 
macs
> > with M1
> > > architecture (arm64)
> > > https://github.com/tomitribe/docker-tomee/issues/58
> > >
> > > I created https://issues.apache.org/jira/browse/TOMEE-3827 to
> > follow
> > > up
> > > this topic since it seems there is a workaround [1] but
> > ultimately I
> > > would
> > > like to know what do you think on adding support for arm64, it
> > seems
> > > Tomcat
> > > already is doing this and our base image (openjdk:8-jre)
> already
> > has
> > > support for it [2]
> > >
> > >
> > >
> > >
> > > [1] https://docs.docker.com/desktop/mac/apple-silicon/
> > > [2] https://hub.docker.com/r/arm64v8/openjdk/
> > > --
> > > Atentamente:
> > > César Hernández.
> > >
> > >
> >
> >
>


-- 
Atentamente:
César Hernández.

Re: TomEE Docker image support for arm64?

[Jenkins, Rodney J (Rod)]

FYI, 

I added arm64v8 to the official images today.  As I understand, there is not 
much we need to change just add the architecture to the list.

We will see what happens.

Rod.


On 2/16/22, 10:10 AM, "Cesar Hernandez"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28873-JENKIR14=nationwide@tomee.apache.org)


--


+1 on the proposal to support arm64 for 8,9 with support for java 8, 11,
and 17.


El mar, 25 ene 2022 a las 8:47, Jonathan Gallimore (<
jonathan.gallim...@gmail.com>) escribió:

> That sounds like a good proposal to me, and I'm happy to help test.
>
> Jon
>
> On Mon, Jan 24, 2022 at 5:28 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > Hello,
> >
> > I would vote in favor of supporting arm64.  The question for me is how
> > deep do we go?  I propose 8 and 9 with java support for 8, 11, and 17.
> >
> > I will get a branch created so that you can pull it down and test.
> >
> > Thank you,
> > Rod.
> >
> >
> > On 1/24/22, 9:17 AM, "Memo Díaz Solis"  wrote:
> >
> > Nationwide Information Security Warning: This is an EXTERNAL email.
> > Use CAUTION before clicking on links, opening attachments, or 
responding.
> > (Sender: dev-return-28784-JENKIR14=nationwide@tomee.apache.org)
> >
> >
> >
> 
--
> >
> >
    > >     If the community agrees on adding support for arm64 then I can test
> it
> > if
> > you don't mind.
> >
> > El jue, 20 ene 2022 a las 14:24, Jenkins, Rodney J (Rod) (<
> > jenki...@nationwide.com>) escribió:
> >
> > > Hello,
> > >
> > > If the community would like an arm64 build, I would be happy to
> > create
> > > it.  I do not have the ability to test it.
> > >
> > > If we decided on this course, what images do we want to create?   
I
> > would
> > > assume 8.x and 9.x.  Would we want to create versions for Java 8,
> > 11, and
> > > 17?  (I would have to look to see what is available.)
> > >
> > >
> > > Thanks,
> > > Rod.
> > >
> > >
> > > On 1/17/22, 4:39 PM, "Cesar Hernandez" 
> wrote:
> > >
> > > Nationwide Information Security Warning: This is an EXTERNAL
> > email.
> > > Use CAUTION before clicking on links, opening attachments, or
> > responding.
> > > (Sender: dev-return-28775-JENKIR14=nationwide@tomee.apache.org
> )
> > >
> > >
> > >
> >
> 
--
> > >
> > >
> > > Hello,
> > >
> > > I saw Gillermo finding about running TomEE docker image on 
macs
> > with M1
> > > architecture (arm64)
> > > https://github.com/tomitribe/docker-tomee/issues/58
> > >
> > > I created https://issues.apache.org/jira/browse/TOMEE-3827 to
> > follow
> > > up
> > > this topic since it seems there is a workaround [1] but
> > ultimately I
> > > would
> > > like to know what do you think on adding support for arm64, it
> > seems
> > > Tomcat
> > > already is doing this and our base image (openjdk:8-jre)
> already
> > has
> > > support for it [2]
> > >
> > >
> > >
> > >
> > > [1] https://docs.docker.com/desktop/mac/apple-silicon/
> > > [2] https://hub.docker.com/r/arm64v8/openjdk/
> > > --
> > > Atentamente:
> > > César Hernández.
> > >
> > >
> >
> >
>


-- 
Atentamente:
César Hernández.

Re: Java 17 and Tomee Containers

[Jenkins, Rodney J (Rod)]

Hello,

The PR was approved earlier today.  I will work on getting them moved to the 
official images.

Thanks,
Rod.


On 2/16/22, 5:02 AM, "Jean-Louis Monteiro"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28863-JENKIR14=nationwide@tomee.apache.org)


--


Should be ok

Le mer. 16 févr. 2022 à 09:21, Thomas Andraschko <
andraschko.tho...@gmail.com> a écrit :

> Hi,
>
> could anyone merge it?
> I would also like to see Java17 images.
>
> Best Regards,
> Thomas
>
> Am Do., 27. Jan. 2022 um 21:22 Uhr schrieb Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com>:
>
> > Hello,
> >
> > I have created the PR for the OpenJDK.
> >
> > https://github.com/tomitribe/docker-tomee/pull/59
> >
> > I would encourage folks to test this new build.
> >
> > If the community decides they want OpenJDK,  approve the request and I
> > will update the official images in dockerhub.
> >
> > Thank you,
> > Rod.
> >
> >
> > On 1/24/22, 11:32 AM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com>
> > wrote:
> >
> > Nationwide Information Security Warning: This is an EXTERNAL email.
> > Use CAUTION before clicking on links, opening attachments, or 
responding.
> > (Sender: dev-return-28786-JENKIR14=nationwide@tomee.apache.org)
> >
> >
> >
> 
--
> >
> >
> > Hello,
> >
> > If we use Temurin, I would recommend the tag 17-jre-focal.  That 
uses
> > Ubuntu for an OS, very slight change in OS.
> >
> > If we decide on OpenJDK, I would recommend the tag 17-jdk-bullseye.
> > Currently, we are using 11-jre.  11-jre is Debian Bullseye.  We would be
> > consistent with the OS
> >
> > I would recommend 17-jdk-bullseye.  It keeps us more constant with
> the
> > OS, even though it is larger than a jre.  I am going to move down this
> path
> > unless anyone objects.
> >
> > Do we need a vote for something like this?
> >
> > Thank you,
> > Rod Jenkins
> >
> >
> > On 1/14/22, 10:49 AM, "Anbu Sampath"  wrote:
> >
> > Nationwide Information Security Warning: This is an EXTERNAL
> > email. Use CAUTION before clicking on links, opening attachments, or
> > responding. (Sender: dev-return-28764-JENKIR14=
> > nationwide@tomee.apache.org)
> >
> >
> >
> 
--
> >
> >
> > Hi All,
> >
> > Eclipse Temurin started producing JRE, I guess TomEE can use it
> > for Java 17.
> >
> > https://blog.adoptium.net/2021/12/eclipse-temurin-jres-are-back/
> >
> > Regards
> > Anbu
> >
> >
> > On Thu, 13 Jan, 2022, 03:49 Jean-Louis Monteiro, <
> > jlmonte...@tomitribe.com>
> > wrote:
> >
> > > No, I was referring to what Rod was proposing.
> > >
> > > Checkout the following https://adoptium.net/
> > > Eclipse OpenJ9 is discontinued because IBM is taking over with
> > IBM Semeru.
> > >
> > > Adoptium and Eclipse Temurin aim at producing AdoptOpenJDK
> > distributions.
> > >
> > > --
> > > Jean-Louis Monteiro
> > > http://twitter.com/jlouismonteiro
> > > http://www.tomitribe.com
> > >
> > >
> > > On Wed, Jan 12, 2022 at 10:52 PM Alex The Rocker <
> > alex.m3...@gmail.com>
> > > wrote:
> > >
> > > > Hello Jean-Louis,
> > > >
> > > > Not sure what you mean by "Eclipse JRE", but maybe it's IBM
> > Semeru
> > > > Runtimes JRE, which is based on Ecli

Re: [VOTE] Apache TomEE 8.0.10

[Jenkins, Rodney J (Rod)]

Hello All,

If we are going to release TomEE 8.0.10, I would like to release Java 17 along 
with it.  Has anyone had a chance to test or work with the 17 image?

The docker files for 17 has been out there a couple weeks.  I have not seen any 
feedback.

Thanks,
Rod.


On 2/11/22, 2:54 AM, "Jean-Louis Monteiro"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28833-JENKIR14=nationwide@tomee.apache.org)


--


Hi All,

This is a first attempt at a vote for a release of Apache TomEE 8.0.10

Maven Repo:
https://repository.apache.org/content/repositories/orgapachetomee-1193/

Binaries & Source:
https://dist.apache.org/repos/dist/dev/tomee/staging_1193-TomEE-8.0.10/

Tags:
https://github.com/apache/tomee/releases/tag/tomee-project-8.0.10

Release notes:

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350706

Here are the releases notes
Sub-task

   - [TOMEE-2117 ] -
   Rework ProcessObserverMethod integration
   - [TOMEE-2289 ] -
   MicroProfile OpenAPI Example
   - [TOMEE-2349 ] -
   Ensure each module can generate javadoc jars on release
   - [TOMEE-2350 ] -
   Create a list of existing Javadoc using html
   - [TOMEE-2351 ] -
   MicroProfile OpenTracing Example for Distributed Microservices
   - [TOMEE-2358 ] -
   MicroProfile JWT rest-mp-jwt-claim Example

Bug

   - [TOMEE-2169 ] -
   Interceptor Bean injection does not work for EJBs
   - [TOMEE-2270 ] -
   Java11: Unable to initialize agent with embedded-maven-plugin
   - [TOMEE-2403 ] -
   AutoConnectionTrackerTest fails randomly
   - [TOMEE-2427 ] -
   Align text above the pictures
   - [TOMEE-2800 ] -
   Issue : Unable to run EJB test cases for upgradation in current project
   with Java 1.8 and WebLogic version 12.2.1.4 along with 
openejb.cxf.version
   7.0.1 / openejb.cxf.version 8 jar.
   - [TOMEE-2941 ] -
   Regression: A connection factory created with TransactionSupport of 
"none"
   only sending message when transaction completes
   - [TOMEE-3777 ] -
   
   org.apache.openjpa.persistence.ArgumentException: The persistence 
provider
   is attempting to use properties in the persistence.xml file to resolve 
the
   data source ...
   - [TOMEE-3816 ] -
   Return "this" on stateless EJB method looses container transaction
   management
   - [TOMEE-3823 ] -
   TomEE and Java 17 compatibility issue with Windows Service Tooling
   - [TOMEE-3825 ] -
   TomEE Maven Plugin does not wait for container startup, if "checkStarted"
   is set to true
   - [TOMEE-3832 ] -
   JAX-RS TomEEJsonbProvider not registered in tomee-embedded-maven-plugin
   when MicroProfile is present

New Feature

   - [TOMEE-2306 ] - New
   Java EE Schemas for Java EE Deployment Descriptors
   - [TOMEE-2584 ] - Java
   11 compliancy
   - [TOMEE-2706 ] - New
   TomEE Embedded Bootstrap

Improvement

   - [TOMEE-1618 ] -
   Replace three register maps in Container in favour of one
   - [TOMEE-2277 ] -
   Java11: module name for TomEE
   - [TOMEE-2425 ] -
   Generate TomEE-Cluster.html page
   - [TOMEE-2519 ] - MP
   JWT Logging Improvements
   - [TOMEE-2847 ] -
   Patch key `jakarta` namespace support
   - [TOMEE-2949 ] -
   Match TomEE tar and zip file syntax with extrac

Re: Re: Java 17 and Tomee Containers

[Jenkins, Rodney J (Rod)]

Hello,

I have created the PR for the OpenJDK.

https://github.com/tomitribe/docker-tomee/pull/59

I would encourage folks to test this new build.

If the community decides they want OpenJDK,  approve the request and I will 
update the official images in dockerhub.

Thank you,
Rod.


On 1/24/22, 11:32 AM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28786-JENKIR14=nationwide@tomee.apache.org)


--


Hello,

If we use Temurin, I would recommend the tag 17-jre-focal.  That uses 
Ubuntu for an OS, very slight change in OS.

If we decide on OpenJDK, I would recommend the tag 17-jdk-bullseye.  
Currently, we are using 11-jre.  11-jre is Debian Bullseye.  We would be 
consistent with the OS

I would recommend 17-jdk-bullseye.  It keeps us more constant with the OS, 
even though it is larger than a jre.  I am going to move down this path unless 
anyone objects.

Do we need a vote for something like this?

Thank you,
Rod Jenkins


On 1/14/22, 10:49 AM, "Anbu Sampath"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28764-JENKIR14=nationwide@tomee.apache.org)


--


Hi All,

Eclipse Temurin started producing JRE, I guess TomEE can use it for 
Java 17.

https://blog.adoptium.net/2021/12/eclipse-temurin-jres-are-back/

Regards
Anbu


On Thu, 13 Jan, 2022, 03:49 Jean-Louis Monteiro, 

wrote:

> No, I was referring to what Rod was proposing.
>
> Checkout the following https://adoptium.net/
> Eclipse OpenJ9 is discontinued because IBM is taking over with IBM 
Semeru.
>
> Adoptium and Eclipse Temurin aim at producing AdoptOpenJDK 
distributions.
>
> --
> Jean-Louis Monteiro
> http://twitter.com/jlouismonteiro
> http://www.tomitribe.com
>
>
> On Wed, Jan 12, 2022 at 10:52 PM Alex The Rocker 

> wrote:
>
> > Hello Jean-Louis,
> >
> > Not sure what you mean by "Eclipse JRE", but maybe it's IBM Semeru
> > Runtimes JRE, which is based on Eclipse OpenJ9 (IBM Semer open 
edition
> > was previously branded as "AdoptOpenJDK OpenJ9").
> >
> > That's what we use both our our container & VM based services
> >
> > Hope it helps,
> >
> > Alex
> >
> > Le mer. 12 janv. 2022 à 22:05, Jean-Louis Monteiro
> >  a écrit :
> > >
> > > Hi Rod,
> > >
> > > We can try the Eclipse JRE, at least for our own knowledge.
> > > For the Docker images, I'd probably go with OpenJDK for 
consistency in
> > > behavior even though it's bigger than JRE
> > > --
> > > Jean-Louis Monteiro
> > > http://twitter.com/jlouismonteiro
> > > http://www.tomitribe.com
> > >
> > >
> > > On Wed, Jan 12, 2022 at 7:12 PM Jenkins, Rodney J (Rod) <
> > > jenki...@nationwide.com> wrote:
> > >
> > > > Hello all,
> > > >
> > > > I am working on the Java17 TomEE containers.  The other TomEE 8
> > containers
> > > > use 11-jre or 8-jre tags from OpenJDK.  However, OpenJDK did not
> > release a
> > > > jre for 17.  All I see is 17-jdk.
> > > >
> > > > I think we need a discussion on what we want to do.  Here are a
> couple
> > > > options:
> > > >
> > > >
> > > >   1.  Use OpenJDK 17-jdk
> > > >   2.  Use Eclipse Temurin 17-jre
> > > >
> > > > I am going to test with option #2.  If anyone would like to 
throw out
> > > > other options, that would be great.
> > > >
> > > > Thank you,
> > > > Rod Jenkins
> > > >
> >
>

Re: Java 17 and Tomee Containers

[Jenkins, Rodney J (Rod)]

Hello,

If we use Temurin, I would recommend the tag 17-jre-focal.  That uses Ubuntu 
for an OS, very slight change in OS.

If we decide on OpenJDK, I would recommend the tag 17-jdk-bullseye.  Currently, 
we are using 11-jre.  11-jre is Debian Bullseye.  We would be consistent with 
the OS

I would recommend 17-jdk-bullseye.  It keeps us more constant with the OS, even 
though it is larger than a jre.  I am going to move down this path unless 
anyone objects.

Do we need a vote for something like this?

Thank you,
Rod Jenkins


On 1/14/22, 10:49 AM, "Anbu Sampath"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28764-JENKIR14=nationwide@tomee.apache.org)


--


Hi All,

Eclipse Temurin started producing JRE, I guess TomEE can use it for Java 17.

https://blog.adoptium.net/2021/12/eclipse-temurin-jres-are-back/

Regards
Anbu


On Thu, 13 Jan, 2022, 03:49 Jean-Louis Monteiro, 
wrote:

> No, I was referring to what Rod was proposing.
>
> Checkout the following https://adoptium.net/
> Eclipse OpenJ9 is discontinued because IBM is taking over with IBM Semeru.
>
> Adoptium and Eclipse Temurin aim at producing AdoptOpenJDK distributions.
>
> --
> Jean-Louis Monteiro
> http://twitter.com/jlouismonteiro
> http://www.tomitribe.com
>
>
> On Wed, Jan 12, 2022 at 10:52 PM Alex The Rocker 
> wrote:
>
> > Hello Jean-Louis,
> >
> > Not sure what you mean by "Eclipse JRE", but maybe it's IBM Semeru
> > Runtimes JRE, which is based on Eclipse OpenJ9 (IBM Semer open edition
> > was previously branded as "AdoptOpenJDK OpenJ9").
> >
> > That's what we use both our our container & VM based services
> >
> > Hope it helps,
> >
> > Alex
> >
> > Le mer. 12 janv. 2022 à 22:05, Jean-Louis Monteiro
> >  a écrit :
> > >
> > > Hi Rod,
> > >
> > > We can try the Eclipse JRE, at least for our own knowledge.
> > > For the Docker images, I'd probably go with OpenJDK for consistency in
> > > behavior even though it's bigger than JRE
> > > --
> > > Jean-Louis Monteiro
> > > http://twitter.com/jlouismonteiro
> > > http://www.tomitribe.com
> > >
> > >
> > > On Wed, Jan 12, 2022 at 7:12 PM Jenkins, Rodney J (Rod) <
> > > jenki...@nationwide.com> wrote:
> > >
> > > > Hello all,
> > > >
> > > > I am working on the Java17 TomEE containers.  The other TomEE 8
> > containers
> > > > use 11-jre or 8-jre tags from OpenJDK.  However, OpenJDK did not
> > release a
> > > > jre for 17.  All I see is 17-jdk.
> > > >
> > > > I think we need a discussion on what we want to do.  Here are a
> couple
> > > > options:
> > > >
> > > >
> > > >   1.  Use OpenJDK 17-jdk
> > > >   2.  Use Eclipse Temurin 17-jre
> > > >
> > > > I am going to test with option #2.  If anyone would like to throw 
out
> > > > other options, that would be great.
> > > >
> > > > Thank you,
> > > > Rod Jenkins
> > > >
> >
>

Re: Re: TomEE Docker image support for arm64?

[Jenkins, Rodney J (Rod)]

Hello,

I would vote in favor of supporting arm64.  The question for me is how deep do 
we go?  I propose 8 and 9 with java support for 8, 11, and 17.

I will get a branch created so that you can pull it down and test. 

Thank you,
Rod.


On 1/24/22, 9:17 AM, "Memo Díaz Solis"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28784-JENKIR14=nationwide@tomee.apache.org)


--


If the community agrees on adding support for arm64 then I can test it if
you don't mind.

El jue, 20 ene 2022 a las 14:24, Jenkins, Rodney J (Rod) (<
jenki...@nationwide.com>) escribió:

> Hello,
>
> If the community would like an arm64 build, I would be happy to create
> it.  I do not have the ability to test it.
>
> If we decided on this course, what images do we want to create?   I would
> assume 8.x and 9.x.  Would we want to create versions for Java 8, 11, and
> 17?  (I would have to look to see what is available.)
>
>
> Thanks,
> Rod.
>
>
> On 1/17/22, 4:39 PM, "Cesar Hernandez"  wrote:
>
> Nationwide Information Security Warning: This is an EXTERNAL email.
> Use CAUTION before clicking on links, opening attachments, or responding.
> (Sender: dev-return-28775-JENKIR14=nationwide@tomee.apache.org)
>
>
> 
--
>
>
> Hello,
>
> I saw Gillermo finding about running TomEE docker image on macs with 
M1
> architecture (arm64)
> https://github.com/tomitribe/docker-tomee/issues/58
>
> I created https://issues.apache.org/jira/browse/TOMEE-3827 to follow
> up
> this topic since it seems there is a workaround [1] but ultimately I
> would
> like to know what do you think on adding support for arm64, it seems
> Tomcat
> already is doing this and our base image (openjdk:8-jre) already has
> support for it [2]
>
>
>
>
> [1] https://docs.docker.com/desktop/mac/apple-silicon/
> [2] https://hub.docker.com/r/arm64v8/openjdk/
> --
> Atentamente:
> César Hernández.
>
>

Re: TomEE Docker image support for arm64?

[Jenkins, Rodney J (Rod)]

Hello,

If the community would like an arm64 build, I would be happy to create it.  I 
do not have the ability to test it.

If we decided on this course, what images do we want to create?   I would 
assume 8.x and 9.x.  Would we want to create versions for Java 8, 11, and 17?  
(I would have to look to see what is available.)


Thanks,
Rod.


On 1/17/22, 4:39 PM, "Cesar Hernandez"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28775-JENKIR14=nationwide@tomee.apache.org)


--


Hello,

I saw Gillermo finding about running TomEE docker image on macs with M1
architecture (arm64)
https://github.com/tomitribe/docker-tomee/issues/58

I created https://issues.apache.org/jira/browse/TOMEE-3827 to follow up
this topic since it seems there is a workaround [1] but ultimately I would
like to know what do you think on adding support for arm64, it seems Tomcat
already is doing this and our base image (openjdk:8-jre) already has
support for it [2]




[1] https://docs.docker.com/desktop/mac/apple-silicon/
[2] https://hub.docker.com/r/arm64v8/openjdk/
-- 
Atentamente:
César Hernández.

Java 17 and Tomee Containers

[Jenkins, Rodney J (Rod)]

Hello all,

I am working on the Java17 TomEE containers.  The other TomEE 8 containers use 
11-jre or 8-jre tags from OpenJDK.  However, OpenJDK did not release a jre for 
17.  All I see is 17-jdk.

I think we need a discussion on what we want to do.  Here are a couple options:


  1.  Use OpenJDK 17-jdk
  2.  Use Eclipse Temurin 17-jre

I am going to test with option #2.  If anyone would like to throw out other 
options, that would be great.

Thank you,
Rod Jenkins

Re: Re: Apache TomEE 8.0.9 now available

[Jenkins, Rodney J (Rod)]

The Pull Request has been opened

https://github.com/tomitribe/docker-tomee/pull/57

I have the rights to approve the PR, but I think someone should review it to 
make sure I did not break anything, lol.

Thanks,
Rod


On 1/10/22, 11:54 AM, "Jean-Louis Monteiro"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
users-return-27988-JENKIR14=nationwide@tomee.apache.org)


--


Thanks Rod

Le lun. 10 janv. 2022 à 16:51, Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> a écrit :

> I will get on updating the Docker images.
>
> Rod.
>
>
> On 1/10/22, 6:01 AM, "Jean-Louis Monteiro" 
> wrote:
>
> Nationwide Information Security Warning: This is an EXTERNAL email.
> Use CAUTION before clicking on links, opening attachments, or responding.
> (Sender: dev-return-28749-JENKIR14=nationwide@tomee.apache.org)
>
>
> 
--
>
>
> The Apache TomEE team is pleased to announce the availability of 
Apache
> TomEE 8.0.9
>
> It contains several bug fixes, enhancements and dependency upgrades.
> Notably, Apache TomEE 8.0.9 can now be run with Java 17.
>
> In addition, it provides an upgrade of Geronimo Java Mail, which now
> allows
> configuring TLS/SSL protocol version as well as TLS/SSL ciphers for a
> given
> mail session.
>
> Thank you to everyone who contributed to this release, including all
> of our
> users and the people who submitted bug reports, contributed code or
> documentation changes in this release.
>
>
> Download:
>
>  - https://tomee.apache.org/download.html
>
> Release notes:
>
>  - https://tomee.apache.org/8.0.9/release-notes.html
>
> - The Apache TomEE team.
>
>

Re: Apache TomEE 8.0.9 now available

[Jenkins, Rodney J (Rod)]

I will get on updating the Docker images.

Rod.


On 1/10/22, 6:01 AM, "Jean-Louis Monteiro"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28749-JENKIR14=nationwide@tomee.apache.org)


--


The Apache TomEE team is pleased to announce the availability of Apache
TomEE 8.0.9

It contains several bug fixes, enhancements and dependency upgrades.
Notably, Apache TomEE 8.0.9 can now be run with Java 17.

In addition, it provides an upgrade of Geronimo Java Mail, which now allows
configuring TLS/SSL protocol version as well as TLS/SSL ciphers for a given
mail session.

Thank you to everyone who contributed to this release, including all of our
users and the people who submitted bug reports, contributed code or
documentation changes in this release.


Download:

 - https://tomee.apache.org/download.html

Release notes:

 - https://tomee.apache.org/8.0.9/release-notes.html

- The Apache TomEE team.

Java 17

[Jenkins, Rodney J (Rod)]

All,

Just as an FYI there is a discussion on Github about Java 17.  Seems we have a 
bit of demand for it.  If I have read the emails correctly, we need to wait 
until 8.0.9 for Java 17.  Is that correct?

The conversation can be found here:  
https://github.com/tomitribe/docker-tomee/issues/56

I have started on the Docker images, so I should be ready when we want to 
release.

Thanks,
Rod.

Re: [RESULT][VOTE] Apache TomEE 8.0.8

[Jenkins, Rodney J (Rod)]

All,

Dockerhub just approved the Docker images for the new TomEE 8.0.8 and, for the 
1st time 9.0.0-M7.

Thanks,
Rod.

On 9/20/21, 4:44 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28641-JENKIR14=nationwide@tomee.apache.org)


--


That's merged - thanks Rod!

Jon

On Sat, Sep 18, 2021 at 5:40 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> Jon.
>
> One more (final maybe) PR the needs to be approved.  I had to make some
> changes that Dockerhub wanted.
>
> Thanks,
> Rod.
>
>
> On 9/16/21, 6:05 AM, "Jonathan Gallimore" 
> wrote:
>
> Nationwide Information Security Warning: This is an EXTERNAL email.
> Use CAUTION before clicking on links, opening attachments, or responding.
> (Sender: dev-return-28625-JENKIR14=nationwide@tomee.apache.org)
>
>
> 
--
>
>
> Hi Rod
>
> That's merged. I know David is out at the moment, but we'll get him to
> add
    >     his key as soon as possible.
>
> Jon
>
> On Thu, Sep 16, 2021 at 2:53 AM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > Jon,
> >
> > The DockerHub folks did not like me removing the keys, so I added
> them
> > back.  However, they also provided a different server to pull them
> from
> > which is far more stable.  So, I have a new PR that needs to be
> approved.
> >
> > However, that leads to two additional problems:
> >
> > 1) Richard's key is missing " Key fingerprint =" in front of his key
> in
> > the KEYS file.  I had to add that manually.
> >
> > 2) David's key he used for TomEE 9.0 is not in the public key
> servers.
> >
> > The first is a minor issue, the second will become  show stopper for
> a 9
> > full release.  I am not even sure they will 9.0.0-M7 without the
> key.  We
> > will see.
> >
> >
> > Please approve this PR:
> > https://github.com/tomitribe/docker-tomee/pull/53
> >
> > Thanks,
> > Rod.
> >
> >
> >
> > On 9/15/21, 9:46 AM, "Jonathan Gallimore" <
> jonathan.gallim...@gmail.com>
> > wrote:
> >
> > Nationwide Information Security Warning: This is an EXTERNAL
> email.
> > Use CAUTION before clicking on links, opening attachments, or
> responding.
> > (Sender: dev-return-28621-JENKIR14=nationwide@tomee.apache.org)
> >
> >
> >
> 
--
> >
> >
> > That's merged, thanks Rod!
> >
> > On Tue, Sep 14, 2021 at 11:04 PM Jenkins, Rodney J (Rod) <
> > jenki...@nationwide.com> wrote:
> >
> > > All,
> > >
> > > I have posed 8.0.8 to tomitribe/docker-tomee
> > >
> > > A few notes about this release..
> > >
> > > 1) I had to move away from the keys.  I just could not get
> them to
> > test.
> > > We are now verifying with the sha512 file.
> > >
> > > 2) Can we please be consistent on how we produce the sha512
> files?
> > >
> > > 8.0.6 file looks like this:
> > >
> >
> 
3e8fcaf50362169808f1dd09bcf844c642c2251a3a725c58100066500aa482d4c23a3c027c52178dc6a92b648f75b53106a9efdffc6e39918c7fa2e86c058bf7
> > > 8.0.8 looks like:
> > >
> >
> 
5a54e24400211f6ef6e48415713996fd5e89da1d5ad29f0e12202b685821245a9d600b4f0ad30539a479a8a8129fad9f7cfb2f3c8232178c42a39e2b9a84a5dd
> > > apache-tomee-8.0.8-plume.tar.gz
> > >
> > > I do not really have a preference.  My only preference is we 
be
 

Re: [RESULT][VOTE] Apache TomEE 8.0.8

[Jenkins, Rodney J (Rod)]

Jon.

One more (final maybe) PR the needs to be approved.  I had to make some changes 
that Dockerhub wanted.

Thanks,
Rod.


On 9/16/21, 6:05 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28625-JENKIR14=nationwide@tomee.apache.org)


--


Hi Rod

That's merged. I know David is out at the moment, but we'll get him to add
his key as soon as possible.

Jon

On Thu, Sep 16, 2021 at 2:53 AM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> Jon,
>
> The DockerHub folks did not like me removing the keys, so I added them
> back.  However, they also provided a different server to pull them from
> which is far more stable.  So, I have a new PR that needs to be approved.
>
> However, that leads to two additional problems:
>
> 1) Richard's key is missing " Key fingerprint =" in front of his key in
> the KEYS file.  I had to add that manually.
>
> 2) David's key he used for TomEE 9.0 is not in the public key servers.
>
> The first is a minor issue, the second will become  show stopper for a 9
> full release.  I am not even sure they will 9.0.0-M7 without the key.  We
> will see.
>
>
> Please approve this PR:
> https://github.com/tomitribe/docker-tomee/pull/53
>
> Thanks,
> Rod.
>
>
>
> On 9/15/21, 9:46 AM, "Jonathan Gallimore" 
> wrote:
>
> Nationwide Information Security Warning: This is an EXTERNAL email.
> Use CAUTION before clicking on links, opening attachments, or responding.
> (Sender: dev-return-28621-JENKIR14=nationwide@tomee.apache.org)
>
>
> 
--------------
>
>
> That's merged, thanks Rod!
>
> On Tue, Sep 14, 2021 at 11:04 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > All,
> >
> > I have posed 8.0.8 to tomitribe/docker-tomee
> >
> > A few notes about this release..
> >
> > 1) I had to move away from the keys.  I just could not get them to
> test.
> > We are now verifying with the sha512 file.
> >
> > 2) Can we please be consistent on how we produce the sha512 files?
> >
> > 8.0.6 file looks like this:
> >
> 
3e8fcaf50362169808f1dd09bcf844c642c2251a3a725c58100066500aa482d4c23a3c027c52178dc6a92b648f75b53106a9efdffc6e39918c7fa2e86c058bf7
> > 8.0.8 looks like:
> >
> 
5a54e24400211f6ef6e48415713996fd5e89da1d5ad29f0e12202b685821245a9d600b4f0ad30539a479a8a8129fad9f7cfb2f3c8232178c42a39e2b9a84a5dd
> > apache-tomee-8.0.8-plume.tar.gz
> >
> > I do not really have a preference.  My only preference is we be
> consistent
> > on how we release these file.  If these change, then I have to alter
> the
> > Dockerfiles on each release.  Also, can we be consistent across
> versions.
> > 9.0.0-M7 follows the same convention as 8.0.6.
> >
>     >
> > Jon,
> > Can you have a look at the PR,
> > https://github.com/tomitribe/docker-tomee/pull/52.  When that gets
> > approved, I will get the official images repo updated.
> >
> >
> > Thanks,
> > Rod Jenkins
> >
> > On 9/13/21, 8:54 AM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com>
> > wrote:
> >
> >
> > Thomas,
> >
> > I will get started on the Docker images later today.  I should
> have
> > the PR to the docker repos by tonight.  Then we have to go through
> the PRs
> > for the Docker Hub repo.
> >
> > Thanks,
> > Rod.
> >
> >
> > On 9/13/21, 6:32 AM, "Thomas Andraschko" <
> andraschko.tho...@gmail.com>
> > wrote:
> >
> >
> > Thanks :)
> >
> > is there also a way to update the docker images?
> >
> > Am Mo., 13. Sept. 2021 u

Re: TomEE KEYS update

[Jenkins, Rodney J (Rod)]

David,

Thank you for the insights and explanation!

I completely understand the technical debt and the challenge of making this 
better during a release.  I would like to jump in and see where I can help.  My 
problem is I am not a java developer.  What I am good it is automating tasks, 
if I can be taught to execute them.

The big ask is:  Would anyone want to take the time with me to educate me on 
what has to happen for a release (not during a release)?  I am thinking that we 
could set up a dummy repo that has some simple small java code in it to be a 
dummy TomEE release candidate.  Create some dummy destinations that mimic where 
the artifacts must be placed.  Once I understand the process, I can see about 
making it repeatable.

Personally, I would like to see it done in a way that someone with lesser 
skills (like, but not necessarily,  me) does releases.  The way I see it now is 
the heavy hitters do the releases.  I think their time would be better spent on 
the technical debt, bugs, etc.  Maybe we could find a small few that would be 
wiling the be release specialists.  I know some where I work that MAY be 
interested.  If someone would teach me, I would teach them.

Thanks,
Rod.

On 9/17/21, 12:05 PM, "David Blevins"  wrote:

> On Sep 17, 2021, at 9:39 AM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> David,
> 
> <<<
>I think it's more that we're all using different commands/scripts to 
create those files and getting slightly different output.
>>>> 
> 
> Are we open to using some automation?  It would seem to me that there is 
plenty of tools we could leverage to automate the release.  I have not been 
around here all that long as compared to many of you, so this was probably 
discussed before.  I am open to working on that, if we are interested.

The primary trick to that is Apache does not have any concept of shared 
credentials or users.  Everything has to be executed as a committer using their 
personal credentials.  So that basically means we can't do releases from say a 
shared build box like a Jenkins or Buildbot install hosted at Apache or 
anywhere.

In our early days I put a lot of work into creating tooling we can all use 
to hopefully make the task of releasing easier / less time consuming.  It would 
use the credentials on your machine to move the binaries from Nexus into the 
Apache staging area (which is svn), generate release notes, update the download 
page, start the vote thread, etc.

I likely went overboard or it wasn't really user-friendly or documented 
enough as when I stopped doing releases, those tools stopped getting used and 
everything was done manually, we lost things like release notes and the 
documentation stopped getting used and updated.  These days people figure it 
out for themselves as there is no up-to-date documentation to help them.

If we could get back to a place where we are sharing the scripts & commands 
we use to do releases and documenting the process, that'd be really great.

The trick is there is there's so much technical debt piled up in the 
docs/tools that it's really too much to tackle while doing a release.


-David

Re: TomEE KEYS update

[Jenkins, Rodney J (Rod)]

David,

<<<
I think it's more that we're all using different commands/scripts to create 
those files and getting slightly different output.
>>>

Are we open to using some automation?  It would seem to me that there is plenty 
of tools we could leverage to automate the release.  I have not been around 
here all that long as compared to many of you, so this was probably discussed 
before.  I am open to working on that, if we are interested.

Thanks,
Rod.

On 9/16/21, 6:40 PM, "David Blevins"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28635-JENKIR14=nationwide@tomee.apache.org)


--


> On Sep 16, 2021, at 2:49 PM, Jean-Louis Monteiro 
 wrote:
> 
> Unless I'm mistaken I got 8.0.8 signing based on new apache guidelines.
> Sha512 is now recommended or required can't recall. So not surprised 
tomcat
> is doing the same

I think it's more that we're all using different commands/scripts to create 
those files and getting slightly different output.

I created a command in our release tools project to push binaries into 
dist.apache.org and it will create the sha256 and sha512 files in the process.  
Maybe we can all use it instead of our personal scripts?

 - 
https://github.com/apache/tomee-release-tools/blob/master/src/main/java/org/apache/openejb/tools/release/cmd/Dist.java#L63-L153

If we want to update the sha files so it has the file name in it, that's 
cool with me.


    -David


> 
> Le jeu. 16 sept. 2021 à 20:54, Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> a écrit :
> 
>> David,
>> 
>> From an earlier email:
>> 
>> .
>> 
>> 2) Can we please be consistent on how we produce the sha512 files?
>> 
>> 8.0.6 file looks like this:
>> 
3e8fcaf50362169808f1dd09bcf844c642c2251a3a725c58100066500aa482d4c23a3c027c52178dc6a92b648f75b53106a9efdffc6e39918c7fa2e86c058bf7
>> 8.0.8 looks like:
>> 
5a54e24400211f6ef6e48415713996fd5e89da1d5ad29f0e12202b685821245a9d600b4f0ad30539a479a8a8129fad9f7cfb2f3c8232178c42a39e2b9a84a5dd
>> apache-tomee-8.0.8-plume.tar.gz
>> 
>> 9.0 follows the 8.0.6 convention.  If pushed, I would prefer the 8.0.8
>> convention.  It matches how Tomcat does it.  However, I can make either
>> work.
>> 
>> Thanks,
>> Rod.
>> 
>> 
>> On 9/16/21, 1:31 PM, "David Blevins"  wrote:
>> 
>>> On Sep 16, 2021, at 1:10 PM, Jenkins, Rodney J (Rod) <
>> jenki...@nationwide.com> wrote:
>>> 
>>> David,
>>> 
>>> WOW, you’re a genius!!
>>> 
>>> This worked well and makes the Docerfiles clean.  For the record, I
>> dislike awk.  What you had is exactly I would have done it if I 
understood
>> gpg better.
>> 
>>Stackoverflow to the rescue :)  I knew fingerprints are usually some
>> kind of sha of the public key, so I figured there had to be a way to
    >> calculate it and went looking.
>> 
>>> Now, if we can get consistent on the sha512 files, lol.
>> 
>>What's the challenge there?  Are we missing them on occasion?
>> 
>> 
>>-David
>> 
>>> On 9/16/21, 11:55 AM, "David Blevins" 
>> wrote:
>>> 
>>>> On Sep 16, 2021, at 11:03 AM, Jenkins, Rodney J (Rod) <
>> jenki...@nationwide.com> wrote:
>>>> 
>>>> Hello David,
>>>> 
>>>> Thank you for the response.  I think I understand the
>> issue..
>>>> 
>>>> The script parses the KEYS file as such:
>>>> for key in `curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' |
>> awk -F ' = ' '$1 ~ /^ +Key fingerprint$/ { gsub(" ", "", $2); print $2 
}' |
>> sort -u`; do \
>>>> 
>>>> The key you used that starts with 626C does not have the line "Key
>> fingerprint = 626C..."
>>>> 
>>>> Your output gave me the fingerprint I needed I added it to the
>> Dockerfile manually and it was found in the key servers.  Jean-Louis is 
in
>> a similar boat.  His finger print is there it is missing " Key 
fingerprint
>> =" in front of

Re: TomEE KEYS update

[Jenkins, Rodney J (Rod)]

David, 

From an earlier email:

.

2) Can we please be consistent on how we produce the sha512 files?  

8.0.6 file looks like this:  
3e8fcaf50362169808f1dd09bcf844c642c2251a3a725c58100066500aa482d4c23a3c027c52178dc6a92b648f75b53106a9efdffc6e39918c7fa2e86c058bf7
8.0.8 looks like:  
5a54e24400211f6ef6e48415713996fd5e89da1d5ad29f0e12202b685821245a9d600b4f0ad30539a479a8a8129fad9f7cfb2f3c8232178c42a39e2b9a84a5dd
  apache-tomee-8.0.8-plume.tar.gz

9.0 follows the 8.0.6 convention.  If pushed, I would prefer the 8.0.8 
convention.  It matches how Tomcat does it.  However, I can make either work.

Thanks,
Rod.


On 9/16/21, 1:31 PM, "David Blevins"  wrote:

> On Sep 16, 2021, at 1:10 PM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> David,
> 
> WOW, you’re a genius!!
> 
> This worked well and makes the Docerfiles clean.  For the record, I 
dislike awk.  What you had is exactly I would have done it if I understood gpg 
better.

Stackoverflow to the rescue :)  I knew fingerprints are usually some kind 
of sha of the public key, so I figured there had to be a way to calculate it 
and went looking.

> Now, if we can get consistent on the sha512 files, lol.

What's the challenge there?  Are we missing them on occasion?


-David

> On 9/16/21, 11:55 AM, "David Blevins"  wrote:
    > 
    >> On Sep 16, 2021, at 11:03 AM, Jenkins, Rodney J (Rod) 
 wrote:
>> 
>> Hello David,
>> 
>> Thank you for the response.  I think I understand the issue..
>> 
>> The script parses the KEYS file as such:
>> for key in `curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' | awk -F 
' = ' '$1 ~ /^ +Key fingerprint$/ { gsub(" ", "", $2); print $2 }' | sort -u`; 
do \
>> 
>> The key you used that starts with 626C does not have the line "Key 
fingerprint = 626C..."  
>> 
>> Your output gave me the fingerprint I needed I added it to the 
Dockerfile manually and it was found in the key servers.  Jean-Louis is in a 
similar boat.  His finger print is there it is missing " Key fingerprint =" in 
front of it.
> 
>Thanks for the explanation and pointer, Rod!
> 
>I dug and found the loop in question.  Looks like there's a way to get 
gpg to list the keys in a file without importing them and give us more 
consistent output to parse.
> 
>$ cat KEYS | gpg --with-colons --import-options show-only --import
> 
>I never learned awk, but here's a way to parse it:
> 
>for key in $(curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' 
|cat KEYS | gpg --with-colons --import-options show-only --import | grep '^fpr' 
| cut -d : -f 10 ); do 
># do the stuff
>done
> 
>You could probably cook up something fancier with your awk skills :)
> 
> 
>-David
> 
> 

Re: TomEE KEYS update

[Jenkins, Rodney J (Rod)]

David,

WOW, you’re a genius!!

This worked well and makes the Docerfiles clean.  For the record, I dislike 
awk.  What you had is exactly I would have done it if I understood gpg better.

Now, if we can get consistent on the sha512 files, lol.

Thanks,
Rod.

On 9/16/21, 11:55 AM, "David Blevins"  wrote:

> On Sep 16, 2021, at 11:03 AM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> Hello David,
> 
> Thank you for the response.  I think I understand the issue..
> 
> The script parses the KEYS file as such:
> for key in `curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' | awk -F 
' = ' '$1 ~ /^ +Key fingerprint$/ { gsub(" ", "", $2); print $2 }' | sort -u`; 
do \
> 
> The key you used that starts with 626C does not have the line "Key 
fingerprint = 626C..."  
> 
> Your output gave me the fingerprint I needed I added it to the Dockerfile 
manually and it was found in the key servers.  Jean-Louis is in a similar boat. 
 His finger print is there it is missing " Key fingerprint =" in front of it.

Thanks for the explanation and pointer, Rod!

I dug and found the loop in question.  Looks like there's a way to get gpg 
to list the keys in a file without importing them and give us more consistent 
output to parse.

$ cat KEYS | gpg --with-colons --import-options show-only --import

I never learned awk, but here's a way to parse it:

for key in $(curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' |cat 
KEYS | gpg --with-colons --import-options show-only --import | grep '^fpr' | 
cut -d : -f 10 ); do 
# do the stuff
done

You could probably cook up something fancier with your awk skills :)


-David

Re: TomEE KEYS update

[Jenkins, Rodney J (Rod)]

Hello David,

Thank you for the response.  I think I understand the issue..

The script parses the KEYS file as such:
for key in `curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' | awk -F ' = ' 
'$1 ~ /^ +Key fingerprint$/ { gsub(" ", "", $2); print $2 }' | sort -u`; do \

The key you used that starts with 626C does not have the line "Key fingerprint 
= 626C..."  

Your output gave me the fingerprint I needed I added it to the Dockerfile 
manually and it was found in the key servers.  Jean-Louis is in a similar boat. 
 His finger print is there it is missing " Key fingerprint =" in front of it.

I am hoping that makes sense.

Thanks,
Rod.


On 9/16/21, 8:48 AM, "David Blevins"  wrote:

> On Sep 16, 2021, at 2:00 AM, Jean-Louis Monteiro 
 wrote:
> 
> Hi all,
> 
> Rod reported that we are missing some keys for signature checking of the
> binaries.
> David, yours isn't the correct one. So maybe you rotated the key to a new
> one.

Here's the revision where the key was added:

$ svn diff -c 47730 
https://dist.apache.org/repos/dist/release/tomee/KEYS

Here's a script that can verify 9.0.0-M7 in a temp dir starting with an 
empty gpg keys file:

 - https://gist.github.com/dblevins/949096886b293d4aec9af3312c48b4f9

I don't recall what key server I added it to.  It was whatever the Nexus 
install at repository.apache.org required before it would let me close the repo.

If Rod has a specific keys server he likes, I'm happy to add my key there 
as well.

I wrote a command in our release tools repo to make it easier for us to add 
our keys.

 - 
https://github.com/apache/tomee-release-tools/blob/master/src/main/java/org/apache/openejb/tools/release/cmd/Dist.java#L230-L248

We can expand that to also add it to a keys server.  That's something you 
have to do to make Nexus happy anyway, so it'd be a very good addition.


-David

Re: [RESULT][VOTE] Apache TomEE 8.0.8

[Jenkins, Rodney J (Rod)]

Jon,

The DockerHub folks did not like me removing the keys, so I added them back.  
However, they also provided a different server to pull them from which is far 
more stable.  So, I have a new PR that needs to be approved.

However, that leads to two additional problems:

1) Richard's key is missing " Key fingerprint =" in front of his key in the 
KEYS file.  I had to add that manually.

2) David's key he used for TomEE 9.0 is not in the public key servers.

The first is a minor issue, the second will become  show stopper for a 9 full 
release.  I am not even sure they will 9.0.0-M7 without the key.  We will see.


Please approve this PR:
https://github.com/tomitribe/docker-tomee/pull/53

Thanks,
Rod.



On 9/15/21, 9:46 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28621-JENKIR14=nationwide@tomee.apache.org)


--


That's merged, thanks Rod!

    On Tue, Sep 14, 2021 at 11:04 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> All,
>
> I have posed 8.0.8 to tomitribe/docker-tomee
>
> A few notes about this release..
>
> 1) I had to move away from the keys.  I just could not get them to test.
> We are now verifying with the sha512 file.
>
> 2) Can we please be consistent on how we produce the sha512 files?
>
> 8.0.6 file looks like this:
> 
3e8fcaf50362169808f1dd09bcf844c642c2251a3a725c58100066500aa482d4c23a3c027c52178dc6a92b648f75b53106a9efdffc6e39918c7fa2e86c058bf7
> 8.0.8 looks like:
> 
5a54e24400211f6ef6e48415713996fd5e89da1d5ad29f0e12202b685821245a9d600b4f0ad30539a479a8a8129fad9f7cfb2f3c8232178c42a39e2b9a84a5dd
> apache-tomee-8.0.8-plume.tar.gz
>
> I do not really have a preference.  My only preference is we be consistent
> on how we release these file.  If these change, then I have to alter the
> Dockerfiles on each release.  Also, can we be consistent across versions.
> 9.0.0-M7 follows the same convention as 8.0.6.
>
>
> Jon,
> Can you have a look at the PR,
> https://github.com/tomitribe/docker-tomee/pull/52.  When that gets
> approved, I will get the official images repo updated.
>
>
> Thanks,
> Rod Jenkins
>
> On 9/13/21, 8:54 AM, "Jenkins, Rodney J (Rod)" 
> wrote:
>
>
> Thomas,
>
> I will get started on the Docker images later today.  I should have
> the PR to the docker repos by tonight.  Then we have to go through the PRs
> for the Docker Hub repo.
>
> Thanks,
> Rod.
>
>
> On 9/13/21, 6:32 AM, "Thomas Andraschko" 
> wrote:
>
>
> Thanks :)
>
> is there also a way to update the docker images?
>
> Am Mo., 13. Sept. 2021 um 13:10 Uhr schrieb Zowalla, Richard <
> richard.zowa...@hs-heilbronn.de>:
>
> > Can confirm. It is available via the mirrors.
> > DL page now contains the links to 8.0.8
> >
> > Thanks to all :)
> >
> > Am Montag, dem 13.09.2021 um 10:14 +0200 schrieb Jean-Louis
> Monteiro:
> > > Should be available soon.
> > > Just pushed
> > > --
> > > Jean-Louis Monteiro
> > > http://twitter.com/jlouismonteiro
> > > http://www.tomitribe.com
> > >
> > >
> > > On Mon, Sep 13, 2021 at 8:51 AM Jean-Louis Monteiro <
> > > jlmonte...@tomitribe.com> wrote:
> > >
> > > > I'll move the dist today.
> > > > Did it on Friday but forgot the SVN CI ...
> > > >
> > > > Le lun. 13 sept. 2021 à 08:11, Zowalla, Richard <
> > > > richard.zowa...@hs-heilbronn.de> a écrit :
> > > >
> > > > > Hi Thomas,
> > > > >
> > > > > looks like it is available via Maven Central but the
> distribution
> > > > > zips
> > > > > / tar.gz are not yet synced to the dl-cdn (+ archive).
> Perhaps an
> > > > > additiona step is needed?
> > > > >
>

Re: [RESULT][VOTE] Apache TomEE 8.0.8

[Jenkins, Rodney J (Rod)]

All,

I have posed 8.0.8 to tomitribe/docker-tomee

A few notes about this release..

1) I had to move away from the keys.  I just could not get them to test.  We 
are now verifying with the sha512 file.

2) Can we please be consistent on how we produce the sha512 files?  

8.0.6 file looks like this:  
3e8fcaf50362169808f1dd09bcf844c642c2251a3a725c58100066500aa482d4c23a3c027c52178dc6a92b648f75b53106a9efdffc6e39918c7fa2e86c058bf7
8.0.8 looks like:  
5a54e24400211f6ef6e48415713996fd5e89da1d5ad29f0e12202b685821245a9d600b4f0ad30539a479a8a8129fad9f7cfb2f3c8232178c42a39e2b9a84a5dd
  apache-tomee-8.0.8-plume.tar.gz

I do not really have a preference.  My only preference is we be consistent on 
how we release these file.  If these change, then I have to alter the 
Dockerfiles on each release.  Also, can we be consistent across versions.  
9.0.0-M7 follows the same convention as 8.0.6.


Jon,
Can you have a look at the PR, 
https://github.com/tomitribe/docker-tomee/pull/52.  When that gets approved, I 
will get the official images repo updated.


Thanks,
Rod Jenkins

On 9/13/21, 8:54 AM, "Jenkins, Rodney J (Rod)"  wrote:


Thomas,

I will get started on the Docker images later today.  I should have the PR 
to the docker repos by tonight.  Then we have to go through the PRs for the 
Docker Hub repo.

Thanks,
Rod.


On 9/13/21, 6:32 AM, "Thomas Andraschko"  
wrote:


Thanks :)

is there also a way to update the docker images?

Am Mo., 13. Sept. 2021 um 13:10 Uhr schrieb Zowalla, Richard <
richard.zowa...@hs-heilbronn.de>:

> Can confirm. It is available via the mirrors.
> DL page now contains the links to 8.0.8
>
> Thanks to all :)
>
> Am Montag, dem 13.09.2021 um 10:14 +0200 schrieb Jean-Louis Monteiro:
> > Should be available soon.
> > Just pushed
> > --
> > Jean-Louis Monteiro
> > http://twitter.com/jlouismonteiro
> > http://www.tomitribe.com
> >
> >
> > On Mon, Sep 13, 2021 at 8:51 AM Jean-Louis Monteiro <
> > jlmonte...@tomitribe.com> wrote:
> >
> > > I'll move the dist today.
> > > Did it on Friday but forgot the SVN CI ...
> > >
> > > Le lun. 13 sept. 2021 à 08:11, Zowalla, Richard <
> > > richard.zowa...@hs-heilbronn.de> a écrit :
> > >
> > > > Hi Thomas,
> > > >
> > > > looks like it is available via Maven Central but the 
distribution
> > > > zips
> > > > / tar.gz are not yet synced to the dl-cdn (+ archive). Perhaps 
an
> > > > additiona step is needed?
> > > >
> > > > The related page update is available as a PR [1], which can be
> > > > merged,
> > > > after the files are available.
> > > >
> > > > Gruss
> > > > Richard
> > > >
> > > >
> > > > [1] https://github.com/apache/tomee-site-generator/pull/29
> > > >
> > > > Am Sonntag, dem 12.09.2021 um 23:19 +0200 schrieb Thomas
> > > > Andraschko:
> > > > > Hi,
> > > > >
> > > > > is the release already done?
> > > > > the download page still shows 8.0.6
> > > > >
> > > > > Am Do., 9. Sept. 2021 um 11:29 Uhr schrieb Jean-Louis Monteiro
> > > > > <
> > > > > jlmonte...@tomitribe.com>:
> > > > >
> > > > > > Hi all,
> > > > > >
> > > > > > Closing the vote now.
> > > > > > Vote passes with 11 +1 and no other vote.
> > > > > >
> > > > > > Richard, Daniel, Luis, Thomas, Alexandre, Martin: +1 (non
> > > > > > binding)
> > > > > > Cesar, Jean-Louis, Mark, Jonathan, David: +1 (binding)
> > > > > >
> > > > > > I'll proceed with the release process.
> > > > > >
> > > > > > Thanks everyone for voting and Richard for helping.
> > > > > >
> > > > > > --
> > > > > > Jean-Louis Monteiro
> > > > > > http://twitter.com/jlouismonteiro
> > >

Re: [RESULT][VOTE] Apache TomEE 8.0.8

[Jenkins, Rodney J (Rod)]

Thomas,

I will get started on the Docker images later today.  I should have the PR to 
the docker repos by tonight.  Then we have to go through the PRs for the Docker 
Hub repo.

Thanks,
Rod.


On 9/13/21, 6:32 AM, "Thomas Andraschko"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28616-JENKIR14=nationwide@tomee.apache.org)


--


Thanks :)

is there also a way to update the docker images?

Am Mo., 13. Sept. 2021 um 13:10 Uhr schrieb Zowalla, Richard <
richard.zowa...@hs-heilbronn.de>:

> Can confirm. It is available via the mirrors.
> DL page now contains the links to 8.0.8
>
> Thanks to all :)
>
> Am Montag, dem 13.09.2021 um 10:14 +0200 schrieb Jean-Louis Monteiro:
> > Should be available soon.
> > Just pushed
> > --
> > Jean-Louis Monteiro
> > http://twitter.com/jlouismonteiro
> > http://www.tomitribe.com
> >
> >
> > On Mon, Sep 13, 2021 at 8:51 AM Jean-Louis Monteiro <
> > jlmonte...@tomitribe.com> wrote:
> >
> > > I'll move the dist today.
> > > Did it on Friday but forgot the SVN CI ...
> > >
> > > Le lun. 13 sept. 2021 à 08:11, Zowalla, Richard <
> > > richard.zowa...@hs-heilbronn.de> a écrit :
> > >
> > > > Hi Thomas,
> > > >
> > > > looks like it is available via Maven Central but the distribution
> > > > zips
> > > > / tar.gz are not yet synced to the dl-cdn (+ archive). Perhaps an
> > > > additiona step is needed?
> > > >
> > > > The related page update is available as a PR [1], which can be
> > > > merged,
> > > > after the files are available.
> > > >
> > > > Gruss
> > > > Richard
> > > >
> > > >
> > > > [1] https://github.com/apache/tomee-site-generator/pull/29
> > > >
> > > > Am Sonntag, dem 12.09.2021 um 23:19 +0200 schrieb Thomas
> > > > Andraschko:
> > > > > Hi,
> > > > >
> > > > > is the release already done?
> > > > > the download page still shows 8.0.6
> > > > >
> > > > > Am Do., 9. Sept. 2021 um 11:29 Uhr schrieb Jean-Louis Monteiro
> > > > > <
> > > > > jlmonte...@tomitribe.com>:
> > > > >
> > > > > > Hi all,
> > > > > >
> > > > > > Closing the vote now.
> > > > > > Vote passes with 11 +1 and no other vote.
> > > > > >
> > > > > > Richard, Daniel, Luis, Thomas, Alexandre, Martin: +1 (non
> > > > > > binding)
> > > > > > Cesar, Jean-Louis, Mark, Jonathan, David: +1 (binding)
> > > > > >
> > > > > > I'll proceed with the release process.
> > > > > >
> > > > > > Thanks everyone for voting and Richard for helping.
> > > > > >
> > > > > > --
> > > > > > Jean-Louis Monteiro
> > > > > > http://twitter.com/jlouismonteiro
> > > > > > http://www.tomitribe.com
> > > > > >
> > > > > >
> > > > > > On Wed, Sep 1, 2021 at 3:49 PM Jean-Louis Monteiro <
> > > > > > jlmonte...@tomitribe.com>
> > > > > > wrote:
> > > > > >
> > > > > > > Hi All,
> > > > > > >
> > > > > > > This is a first attempt at a vote for a release of Apache
> > > > > > > TomEE
> > > > > > > 8.0.8.
> > > > > > >
> > > > > > > Maven Repo:
> > > > > > >
> > > >
> https://repository.apache.org/content/repositories/orgapachetomee-1186
> > > > > > > Binaries & Source:
> > > > > > > https://dist.apache.org/repos/dist/dev/tomee/staging-1186/
> > > > > > >
> > > > > > > Tags:
> > > > > > > https://github.com/apache/tomee/tree/tomee-project-8.0.8
> > > > > > >
> > > > > > > Release notes:
> > > > > > >
> > > > > > >
> > > >
> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12350177&styleName=Html&projectId=12312320
> > > > > > > Here is an adoc generated version (Thanks Richard)
> > > > > > >
> > > > > > > > = Apache TomEE 8.0.8 Release Notes
> > > > > > > > :index-group: Release Notes
> > > > > > > > :jbake-type: page
> > > > > > > > :jbake-status: published
> > > > > > > > == Dependency upgrade
> > > > > > > > [.compact]
> > > > > > > >  - link:
> > > > > > > > https://issues.apache.org/jira/browse/TOMEE-2990[TOMEE-2990]
> > > > > > > > BatchEE 0.6
> > > > > > > >  - link:
> > > > > > > > https://issues.apache.org/jira/browse/TOMEE-3750[TOMEE-3750]
> > > > > > > > BatchEE 1.0.0
> > > > > > > >  - link:
> > > > > > > > https://issues.apache.org/jira/browse/TOMEE-2987[TOMEE-2987]
> > > > > > CXF
> > > > > > > > 3.4.3
> > > > > > > >  - link:
> > > > > > > > https://issues.apache.org/jira/browse/TOMEE-3756[TOMEE-3756]
> > > > > > > > HSQLDB 2.3.4
> > > > > > > >  - link:
> > > > > > > > https://issues.apache.org/jira/browse/TOMEE-3772

New Dockerfiles

[Jenkins, Rodney J (Rod)]

All,

I have created new Dockerfiles.  These new images do some further clean up on 
TomEE 8.  Also, they introduce TomEE 9.0.0-M7 to Docker.  The only real 
difference, from a Docker perspective, between TomEE 8 and 9, 9 uses the SHA512 
signatures instead of the ASC keys.  These can be found here:  
https://github.com/tomitribe/docker-tomee/tree/cleanup

If the community likes these, I will get them added to Dockerhub.  Also, I am 
looking in to additional tags.  I am torn about adding new tags now, or waiting 
until the 9.0 general release.

Thanks,
Rod.

Re: Docker image change requests

[Jenkins, Rodney J (Rod)]

All,

All of the Docker images have been rebuild.  While I have issues using the key 
servers, it does not appear that the automated build process does not.  I will 
look in to this a bit further.

Rod.


From: Jenkins, Rodney J (Rod) 
Date: Wednesday, July 14, 2021 at 12:09 PM
To: dev@tomee.apache.org 
Subject: [EXTERNAL] Re: Docker image change requests
Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28498-JENKIR14=nationwide@tomee.apache.org)

--


Jon,

I will get started on that.  I will move to SHA512 and should be able to 
release 9.0.

Thanks,
Rod.

From: Jonathan Gallimore 
Date: Wednesday, July 14, 2021 at 11:49 AM
To: dev@tomee.apache.org 
Subject: [EXTERNAL] Re: Docker image change requests
Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28497-JENKIR14=nationwide@tomee.apache.org)

--


I'm fine with the sha512 change - go for it.


Jon

On Wed, 14 Jul 2021, 15:39 Jenkins, Rodney J (Rod), 
wrote:

> Jon,
>
> Here is a link with more info on the key server issues:
> https://github.com/tomitribe/docker-tomee/pull/47#issuecomment-872093674
>
> I was able to reproduce these.  I have not been able to reliably built an
> image in the last couple weeks.
>
> There is another issue blocking TomEE 9.0.  It looks like there is a
> missing key fingerprint from David’s new keys he uploaded.  See the email
> on this list on 5/29.
>
> In my opinion, it is simpler to use the SHA and seems to be more reliable.
>
> I have a PR request out there to remove the windows files.  David did give
> me access to approve that, but I am assuming that we would prefer someone
> else to approve it.
>
> I will start on a list of new tags to add to the images.
>
> Thanks,
> Rod.
>
>
> From: Jonathan Gallimore 
> Date: Wednesday, July 14, 2021 at 5:07 AM
> To: dev@tomee.apache.org 
> Subject: [EXTERNAL] Re: Docker image change requests
> Nationwide Information Security Warning: This is an EXTERNAL email. Use
> CAUTION before clicking on links, opening attachments, or responding.
> (Sender: dev-return-28494-JENKIR14=nationwide@tomee.apache.org)
>
>
> --
>
>
> Hi Rod,
>
> Can you elaborate on what the keyserver issue is? That sounds like the
> immediate blocker.
>
> We publish SHA512 checksums so I'm fine with using them, although a GPG
> check is also nice.
>
> I'm a +1 on the additional tags, and removing the .exes from the bin
> directory.
>
> Jon
>
> On Fri, Jul 9, 2021 at 7:35 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > All,
> >
> > There are two requests and one issue at
> > https://github.com/tomitribe/docker-tomee/issues
> >
> > The issue needs to be resolved sooner rather than later.  The base Debian
> > image as a vulnerability in it, we need to rebuild it.  I will get that
> > going.  However, I am concerned with the key server issues.  I would
> like a
> > discussion on moving to the sha512 checksums.
> >
> > Adding additional tags was requested back in 2017.  I like this idea.
> For
> > example we would point the “plus” tag at the latest 8 version on the
> newest
> > jre.  Additional tagging is something we should be doing.
> >
> > Cleanup of the bin directory is an easy fix.  This would make our images
> a
> > bit smaller, which users like.
> >
> > I am happy to make these changes, or have a discussion.
> >
> > Please advise,
> > Rod.
> >
> >
>

Re: Docker image change requests

[Jenkins, Rodney J (Rod)]

Jon,

I will get started on that.  I will move to SHA512 and should be able to 
release 9.0.

Thanks,
Rod.

From: Jonathan Gallimore 
Date: Wednesday, July 14, 2021 at 11:49 AM
To: dev@tomee.apache.org 
Subject: [EXTERNAL] Re: Docker image change requests
Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28497-JENKIR14=nationwide@tomee.apache.org)

--


I'm fine with the sha512 change - go for it.


Jon

On Wed, 14 Jul 2021, 15:39 Jenkins, Rodney J (Rod), 
wrote:

> Jon,
>
> Here is a link with more info on the key server issues:
> https://github.com/tomitribe/docker-tomee/pull/47#issuecomment-872093674
>
> I was able to reproduce these.  I have not been able to reliably built an
> image in the last couple weeks.
>
> There is another issue blocking TomEE 9.0.  It looks like there is a
> missing key fingerprint from David’s new keys he uploaded.  See the email
> on this list on 5/29.
>
> In my opinion, it is simpler to use the SHA and seems to be more reliable.
>
> I have a PR request out there to remove the windows files.  David did give
> me access to approve that, but I am assuming that we would prefer someone
> else to approve it.
>
> I will start on a list of new tags to add to the images.
>
> Thanks,
> Rod.
>
>
> From: Jonathan Gallimore 
> Date: Wednesday, July 14, 2021 at 5:07 AM
> To: dev@tomee.apache.org 
> Subject: [EXTERNAL] Re: Docker image change requests
> Nationwide Information Security Warning: This is an EXTERNAL email. Use
> CAUTION before clicking on links, opening attachments, or responding.
> (Sender: dev-return-28494-JENKIR14=nationwide@tomee.apache.org)
>
>
> --
>
>
> Hi Rod,
>
> Can you elaborate on what the keyserver issue is? That sounds like the
> immediate blocker.
>
> We publish SHA512 checksums so I'm fine with using them, although a GPG
> check is also nice.
>
> I'm a +1 on the additional tags, and removing the .exes from the bin
> directory.
>
> Jon
>
> On Fri, Jul 9, 2021 at 7:35 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > All,
> >
> > There are two requests and one issue at
> > https://github.com/tomitribe/docker-tomee/issues
> >
> > The issue needs to be resolved sooner rather than later.  The base Debian
> > image as a vulnerability in it, we need to rebuild it.  I will get that
> > going.  However, I am concerned with the key server issues.  I would
> like a
> > discussion on moving to the sha512 checksums.
> >
> > Adding additional tags was requested back in 2017.  I like this idea.
> For
> > example we would point the “plus” tag at the latest 8 version on the
> newest
> > jre.  Additional tagging is something we should be doing.
> >
> > Cleanup of the bin directory is an easy fix.  This would make our images
> a
> > bit smaller, which users like.
> >
> > I am happy to make these changes, or have a discussion.
> >
> > Please advise,
> > Rod.
> >
> >
>

Re: Docker image change requests

[Jenkins, Rodney J (Rod)]

Jon,

Here is a link with more info on the key server issues:
https://github.com/tomitribe/docker-tomee/pull/47#issuecomment-872093674

I was able to reproduce these.  I have not been able to reliably built an image 
in the last couple weeks.

There is another issue blocking TomEE 9.0.  It looks like there is a missing 
key fingerprint from David’s new keys he uploaded.  See the email on this list 
on 5/29.

In my opinion, it is simpler to use the SHA and seems to be more reliable.

I have a PR request out there to remove the windows files.  David did give me 
access to approve that, but I am assuming that we would prefer someone else to 
approve it.

I will start on a list of new tags to add to the images.

Thanks,
Rod.


From: Jonathan Gallimore 
Date: Wednesday, July 14, 2021 at 5:07 AM
To: dev@tomee.apache.org 
Subject: [EXTERNAL] Re: Docker image change requests
Nationwide Information Security Warning: This is an EXTERNAL email. Use CAUTION 
before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28494-JENKIR14=nationwide@tomee.apache.org)

--


Hi Rod,

Can you elaborate on what the keyserver issue is? That sounds like the
immediate blocker.

We publish SHA512 checksums so I'm fine with using them, although a GPG
check is also nice.

I'm a +1 on the additional tags, and removing the .exes from the bin
directory.

Jon

On Fri, Jul 9, 2021 at 7:35 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> All,
>
> There are two requests and one issue at
> https://github.com/tomitribe/docker-tomee/issues
>
> The issue needs to be resolved sooner rather than later.  The base Debian
> image as a vulnerability in it, we need to rebuild it.  I will get that
> going.  However, I am concerned with the key server issues.  I would like a
> discussion on moving to the sha512 checksums.
>
> Adding additional tags was requested back in 2017.  I like this idea.  For
> example we would point the “plus” tag at the latest 8 version on the newest
> jre.  Additional tagging is something we should be doing.
>
> Cleanup of the bin directory is an easy fix.  This would make our images a
> bit smaller, which users like.
>
> I am happy to make these changes, or have a discussion.
>
> Please advise,
> Rod.
>
>

Docker image change requests

[Jenkins, Rodney J (Rod)]

All,

There are two requests and one issue at 
https://github.com/tomitribe/docker-tomee/issues

The issue needs to be resolved sooner rather than later.  The base Debian image 
as a vulnerability in it, we need to rebuild it.  I will get that going.  
However, I am concerned with the key server issues.  I would like a discussion 
on moving to the sha512 checksums.

Adding additional tags was requested back in 2017.  I like this idea.  For 
example we would point the “plus” tag at the latest 8 version on the newest 
jre.  Additional tagging is something we should be doing.

Cleanup of the bin directory is an easy fix.  This would make our images a bit 
smaller, which users like.

I am happy to make these changes, or have a discussion.

Please advise,
Rod.

Re: Re: Issue with a docker image

[Jenkins, Rodney J (Rod)]

David,

My GH ID is Scriptmonkey.

Any thoughts on the proposed changes?

Thanks,
Rod.


On 7/7/21, 5:08 PM, "David Blevins"  wrote:

> On Jul 7, 2021, at 1:56 PM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> Also, can I get access to close issues on tomitribe/docker-tomee?  There 
is an old issue lingering out there I was going to close.

Send me your github ID and I'll hook you up.


-David

> 
> On 7/1/21, 9:12 PM, "Cesar Hernandez"  wrote:
> 
>Nationwide Information Security Warning: This is an EXTERNAL email. 
Use CAUTION before clicking on links, opening attachments, or responding. 
(Sender: dev-return-28476-JENKIR14=nationwide@tomee.apache.org)
> 
>
--
> 
> 
>Hi Rodney,
> 
>Thank you for the notice. The repo now have github issues enable.
    > 
>El jue, 1 jul 2021 a las 8:42, Jenkins, Rodney J (Rod) (<
>jenki...@nationwide.com>) escribió:
> 
>> Hello all,
>> 
>> Someone was unable to open an issue on
>> https://github.com/tomitribe/docker-tomee.  Two things….
>> 
>> 
>>  1.  Can we allow the creation of issues for that repo?
>>  2.  Can someone look in to it?  I think it is something very simple.
>> 
>> I would look into it, but I am out of the office until next week.  If it
>> is not resolved by then, I will look at it then.
>> 
>> Thanks,
>> Rod.
>> 
>> 
> 
>-- 
>Atentamente:
>César Hernández.
> 

Re: Issue with a docker image

[Jenkins, Rodney J (Rod)]

All,

There seem to be some issues getting responses from the key servers.  I have 
not been able to get them to work consistently.  Therefore, I propose using the 
SHA512 checksums in place of the keys for the docker files.  We have a user 
that is trying a newer version of Java and is having some issues.

I have created a proposed Docker image here:
https://github.com/scriptmonkey/docker-tomee/blob/mv-sha/TomEE-8.0/jre8/plus/Dockerfile

Thoughts?

Also, can I get access to close issues on tomitribe/docker-tomee?  There is an 
old issue lingering out there I was going to close.

Thanks,
Rod.


On 7/1/21, 9:12 PM, "Cesar Hernandez"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28476-JENKIR14=nationwide@tomee.apache.org)


--


Hi Rodney,

Thank you for the notice. The repo now have github issues enable.

El jue, 1 jul 2021 a las 8:42, Jenkins, Rodney J (Rod) (<
jenki...@nationwide.com>) escribió:

> Hello all,
>
> Someone was unable to open an issue on
> https://github.com/tomitribe/docker-tomee.  Two things….
>
>
>   1.  Can we allow the creation of issues for that repo?
>   2.  Can someone look in to it?  I think it is something very simple.
>
> I would look into it, but I am out of the office until next week.  If it
> is not resolved by then, I will look at it then.
>
> Thanks,
> Rod.
>
>

-- 
Atentamente:
César Hernández.

Issue with a docker image

[Jenkins, Rodney J (Rod)]

Hello all,

Someone was unable to open an issue on 
https://github.com/tomitribe/docker-tomee.  Two things….


  1.  Can we allow the creation of issues for that repo?
  2.  Can someone look in to it?  I think it is something very simple.

I would look into it, but I am out of the office until next week.  If it is not 
resolved by then, I will look at it then.

Thanks,
Rod.

Re: Keys and ASC files

[Jenkins, Rodney J (Rod)]

David,

I see the issue.  Your new key is missing the key fingerprint.  

The Dockerfile uses the finger print to import they keys.  I am not sure why it 
was written that way.  Maybe we should go a different direction?  I will admit 
gpg is not my strong suit.  I am thinking that I can pull they KEY file and use 
the public keys in there.  Is there any reason to pull them from the key 
servers other than having to parse the KEY file?

Thanks,
Rod.


On 5/28/21, 8:36 PM, "David Blevins"  wrote:

> On May 28, 2021, at 3:23 PM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> David,
> 
> While I was working the Docker images for 9.0.0-M7, I could not use the 
keys file to verify the downloads.  Does the keys file need an update?
> 

Hey Rod!

I used a new key and uploaded it as part of the build.  It should be the 
last public key in the file:

 - https://dist.apache.org/repos/dist/release/tomee/KEYS

If it doesn't work, I'll try myself Tuesday.


-David

Keys and ASC files

[Jenkins, Rodney J (Rod)]

David,

While I was working the Docker images for 9.0.0-M7, I could not use the keys 
file to verify the downloads.  Does the keys file need an update?

Thanks,
Rod.

Re: Docker Images and Automation

[Jenkins, Rodney J (Rod)]

All,

I see that the 9.0.0-M7 has a tar.gz file.  I will get Docker images created.

Thanks,
Rod.


On 5/13/21, 4:57 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-28359-JENKIR14=nationwide@tomee.apache.org)


--


Hello All,

As usual, I will get the 8.0.7 images out as soon as I can.

With that in mind, what automation does the Apache Foundation offer for 
automation of Docker image releases?  I attempted to do some Docker work for 
ActiveMQ, but they decided to go a different direction.  What I did learn is 
that they wanted to use some automation from Apache.

My question is if automation is available, have we looked in to it?  If 
not, would you all support me researching?

Thanks,
Rod.

Docker Images and Automation

[Jenkins, Rodney J (Rod)]

Hello All,

As usual, I will get the 8.0.7 images out as soon as I can.

With that in mind, what automation does the Apache Foundation offer for 
automation of Docker image releases?  I attempted to do some Docker work for 
ActiveMQ, but they decided to go a different direction.  What I did learn is 
that they wanted to use some automation from Apache.

My question is if automation is available, have we looked in to it?  If not, 
would you all support me researching?

Thanks,
Rod.

Re: [DISCUSS] Retiring the "tomee" webapps from TomEE 8

[Jenkins, Rodney J (Rod)]

David,

We have fully moved off of the drop in WARs.  No need to maintain them further. 
 Thank you for thinking about us!!

Thanks,
Rod.


On 4/19/21, 3:21 PM, "David Blevins"  wrote:

> On Apr 19, 2021, at 11:15 AM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> You stated, "In practice, I don't believe anyone actually used it and we 
do not heavily test this technique."
> 
> Until recently, we heavily relied on the drop in war.  It was our main 
source of obtaining TomEE.  In the recent months we have moved to the full 
version of TomEE.  It was quite nice to be able to have a base TomCat 
installation, then when someone needed it, we just dropped in the war.  This 
reduced our overhead.  However, the classes did not get loaded the same.  That 
lead us to moving to the full version of TomEE with embedded Tomcat.

That's great news, Rod.  I recall you mentioning you were heavily reliant 
on the wars, so I was concerned you'd be affected.  Are you full transitioned 
off the wars or would it be helpful for us to maintain them for a couple 
releases?

On classes not getting loaded the same, that's definitely the primary 
pitfall of them.  The war essentially loads and shoves a bunch of libraries 
into the Tomcat parent classloader such that other webapps can then see them.  
It's non-deterministic, however, as webapps might have been loaded before that 
happens.  The webapp would try to address that by restarting those webapps, 
which would of course introduce other complexities.


-David

> 
> On 4/17/21, 6:06 PM, "David Blevins"  wrote:
> 
>Digging up this old discussion thread on removing the tomee-foo-webapp 
modules.
> 
>At the moment our TCK progress is essentially halted due to issues 
created by the complexity of these webapps and how we build the server.
> 
>The crux of the issue is that we're getting duplicate jars in our war 
files which causes the TCK runs to encounter startup errors and fail before any 
tests are run.  Here's an example:
> 
>$ curl -O 
https://repository.apache.org/content/groups/snapshots/org/apache/tomee/apache-tomee/8.0.7-SNAPSHOT/apache-tomee-8.0.7-20210417.052409-158-plume.zip
 
> 
>$ unzip -l apache-tomee-8.0.7-20210417.052409-158-plume.zip | grep 
cxf-core
>  1431799  04-17-2021 05:23   
apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-core-3.5.0-SNAPSHOT.jar
>  1431799  04-17-2021 05:23   
apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-core-3.5.0-20210417.035622-203.jar
> 
>There are duplicates of basically any SNAPSHOT dependency.  Sometimes 
there'll be duplicates even of openejb-core.  I've checked the sha256 hashes on 
the duplicate jars like the above and in most cases they are different, meaning 
we're getting two different builds of the SNAPSHOT showing up.
> 
>When we go to run the TCK we encounter issues as there are parts of 
the TCK that are standalone (no server) and we need to construct a classpath of 
specific jars.  That will fail like so:
> 
>Caused by: java.lang.Exception: Found more than one file to be 
included into path; dir=target/apache-tomee-plume-8.0.7-SNAPSHOT/lib, 
includes=cxf-rt-rs-client-*.jar, excludes=null; found: 
/Users/dblevins/work/apache/tomee-tck/target/apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-rt-rs-client-3.5.0-20210417.035728-202.jar:/Users/dblevins/work/apache/tomee-tck/target/apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-rt-rs-client-3.5.0-SNAPSHOT.jar
>at sun.reflect.NativeConstructorAccessorImpl.newInstance0 
(Native Method)
>at sun.reflect.NativeConstructorAccessorImpl.newInstance 
(NativeConstructorAccessorImpl.java:62)
>at sun.reflect.DelegatingConstructorAccessorImpl.newInstance 
(DelegatingConstructorAccessorImpl.java:45)
>at java.lang.reflect.Constructor.newInstance 
(Constructor.java:423)
>at org.codehaus.groovy.reflection.CachedConstructor.invoke 
(CachedConstructor.java:77)
>at 
org.codehaus.groovy.reflection.CachedConstructor.doConstructorInvoke 
(CachedConstructor.java:71)
>at 
org.codehaus.groovy.runtime.callsite.ConstructorSite$ConstructorSiteNoUnwrap.callConstructor
 (ConstructorSite.java:84)
>at 
org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallConstructor 
(CallSiteArray.java:52)
>at 
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor 
(AbstractCallSite.java:192)
>at 
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor 
(AbstractCallSite.java:200)
>at openejb.tck.util.PathBuilder.append (PathBuilder.groovy:89)
> 
>Wha

Re: [DISCUSS] Retiring the "tomee" webapps from TomEE 8

[Jenkins, Rodney J (Rod)]

David,

You stated, "In practice, I don't believe anyone actually used it and we do not 
heavily test this technique."

Until recently, we heavily relied on the drop in war.  It was our main source 
of obtaining TomEE.  In the recent months we have moved to the full version of 
TomEE.  It was quite nice to be able to have a base TomCat installation, then 
when someone needed it, we just dropped in the war.  This reduced our overhead. 
 However, the classes did not get loaded the same.  That lead us to moving to 
the full version of TomEE with embedded Tomcat.

Rod. 




On 4/17/21, 6:06 PM, "David Blevins"  wrote:

Digging up this old discussion thread on removing the tomee-foo-webapp 
modules.

At the moment our TCK progress is essentially halted due to issues created 
by the complexity of these webapps and how we build the server.

The crux of the issue is that we're getting duplicate jars in our war files 
which causes the TCK runs to encounter startup errors and fail before any tests 
are run.  Here's an example:

$ curl -O 
https://repository.apache.org/content/groups/snapshots/org/apache/tomee/apache-tomee/8.0.7-SNAPSHOT/apache-tomee-8.0.7-20210417.052409-158-plume.zip
 

$ unzip -l apache-tomee-8.0.7-20210417.052409-158-plume.zip | grep 
cxf-core
  1431799  04-17-2021 05:23   
apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-core-3.5.0-SNAPSHOT.jar
  1431799  04-17-2021 05:23   
apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-core-3.5.0-20210417.035622-203.jar

There are duplicates of basically any SNAPSHOT dependency.  Sometimes 
there'll be duplicates even of openejb-core.  I've checked the sha256 hashes on 
the duplicate jars like the above and in most cases they are different, meaning 
we're getting two different builds of the SNAPSHOT showing up.

When we go to run the TCK we encounter issues as there are parts of the TCK 
that are standalone (no server) and we need to construct a classpath of 
specific jars.  That will fail like so:

Caused by: java.lang.Exception: Found more than one file to be included 
into path; dir=target/apache-tomee-plume-8.0.7-SNAPSHOT/lib, 
includes=cxf-rt-rs-client-*.jar, excludes=null; found: 
/Users/dblevins/work/apache/tomee-tck/target/apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-rt-rs-client-3.5.0-20210417.035728-202.jar:/Users/dblevins/work/apache/tomee-tck/target/apache-tomee-plume-8.0.7-SNAPSHOT/lib/cxf-rt-rs-client-3.5.0-SNAPSHOT.jar
at sun.reflect.NativeConstructorAccessorImpl.newInstance0 (Native 
Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance 
(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance 
(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance (Constructor.java:423)
at org.codehaus.groovy.reflection.CachedConstructor.invoke 
(CachedConstructor.java:77)
at 
org.codehaus.groovy.reflection.CachedConstructor.doConstructorInvoke 
(CachedConstructor.java:71)
at 
org.codehaus.groovy.runtime.callsite.ConstructorSite$ConstructorSiteNoUnwrap.callConstructor
 (ConstructorSite.java:84)
at 
org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallConstructor 
(CallSiteArray.java:52)
at 
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor 
(AbstractCallSite.java:192)
at 
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor 
(AbstractCallSite.java:200)
at openejb.tck.util.PathBuilder.append (PathBuilder.groovy:89)

What's worse is that this issue seems somewhat random.  Sometimes you get 
away with no duplicate jars.

Additionally, if you need to rebuild the server binary (say plume) to test 
a one line change it takes quite a while because we need to build several 
binaries first.  The tomee/tomee-webapp/ module builds a war that feeds into 
the tomee/tomee-plume-webapp/ module which feeds into tomee/apache-tomee/ which 
produces all the actual zips, tars.  Here's how big the target directories are 
for those three modules after a build:

$ du -sh tomee/tomee-webapp/target/ tomee/tomee-plume-webapp/target/ 
tomee/apache-tomee/target/
 37Mtomee/tomee-webapp/target/
206Mtomee/tomee-plume-webapp/target/
1.1Gtomee/apache-tomee/target/

Overall we produce 3.3GB in our build.  To get your one-line change up to 
the internet for a TCK run, you need to up load an insane amount of binaries.  
On an EC2 box with extremely good internet connection it takes about 2 hours to 
do a snapshot deploy.

A snapshot that is broken and unusable.

I think I can fix our duplicate jar issue and get things working, but FYI 
that doesn't really fix our build.  We'll need to do more serious work to get 
that in shape.


-David

SHA files

[Jenkins, Rodney J (Rod)]

All,

Is there a reason that we do not post proper sha files for download.  In the 
files we post, all it shows is the checksum.  If we added the file at the end, 
the sha512 command would be able to make use of it.   For example we post:

3e8fc…yougettheidea…8bf7

As opposed to:


3e8fc…yougettheidea…8bf7 *apache-tomee-8.0.6-plume.tar.gz





If you execute shaw512 -c apache-tomee-8.0.6-plume.tar.gz on the 1st line you 
get:
sha512sum: apache-tomee-8.0.6-plume.tar.gz.sha512: no properly formatted SHA512 
checksum lines found

It would make automation easier, if we could include the proper shaw files.

Thanks,
Rod.

CVE-2019-20367 - TomEE not affected

[Jenkins, Rodney J (Rod)]

All,

Just an FYI….

Today, our vulnerability scanners started alerting us to this CVE when we 
pulled the Official Tomcat image.  I have opened a ticket with 
docker-library-tocmat to see if they can rebuild the images, as this was 
address in the OpenJDK layer.  After I sorted that out, I wondered if TomEE was 
vulnerable as well.  The good news is we are not.  The difference is Tomcat is 
build OpenJDK’s JDK and we use the JRE.  It would seem the affecting library, 
libbsd0, is not found on the JRE.

Again, there is nothing for us to do, but I thought you may all want to be 
aware.

If you have any questions, please reach out.

Thanks,
Rod.


PS:  It is not lost on me that it is a fairly old vulnerability.  I am not sure 
why it started to notify us today, something else I will have to research.

Docker Images for TomEE 9.0

[Jenkins, Rodney J (Rod)]

Hello all,

I have mentioned this a in the past, but I could use some discussion on the 
topic.

We are not generating tar.gz files for TomEE 9, we are only generating a zip 
file.  If I recall, the zip files do not contain any file ownership or 
permissions.  Therefore, I will need to set all of the owner ship and 
permissions in the Dockerfile.  If we are set on only creating the zip file, I 
can start on the new Dockerfile, but it will not look like the others.  I would 
rather not go through the work of creating something to use the zip file, only 
to have to revert it back to using the tar.gz later.

Thanks,
Rod.

Re: [RESULT] [VOTE] Release Apache TomEE 8.0.6

[Jenkins, Rodney J (Rod)]

Hello All,

I will get the docker images released in the next day or two.

Thanks,
Rod.

On 1/25/21, 9:19 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-27772-JENKIR14=nationwide@tomee.apache.org)


--


Hi All

Here are the vote results:

+1s

Alexandre Vermeerbergen
Richard Zowalla
Cesar Hernandez
Daniel Dias Dos Santos
Martin Wiesner
Jean-Louis Monteiro (binding)
Jonathan Gallimore (binding)
Mark Struberg (binding)
David Blevins (binding)

With 9 +1s and no other votes, this vote passes, and I'll now proceed with
the final release steps.

Jon

On Thu, Jan 14, 2021 at 4:05 PM Jonathan Gallimore <
jonathan.gallim...@gmail.com> wrote:

> Hi All,
>
> This is a first attempt at a vote for a release of Apache TomEE 8.0.6.
>
> Maven Repo:
> https://repository.apache.org/content/repositories/orgapachetomee-1179
>
> Binaries & Source:
> https://dist.apache.org/repos/dist/dev/tomee/staging-1179/tomee-8.0.6/
>
> Source code:
>
> 
https://dist.apache.org/repos/dist/dev/tomee/staging-1179/tomee-8.0.6/tomee-project-8.0.6-source-release.zip
>
> Tags:
>
> 
https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-8.0.6
>
> Release notes:
>
>
> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12349403
>
> (Developers - please review and adjust your tickets if necessary!)
>
> Please VOTE:
>
> [+1] Yes, release it
> [+0] Not fussed
> [-1] Don't release, there's a showstopper (please specify what the
> showstopper is)
>
> Vote will be open for 72 hours.
>
> Thanks
>
> Jon
>
>

Re: Drop in TomEE WAR

[Jenkins, Rodney J (Rod)]

All,

We solved the problem.  As it turned out there was a discrepancy in the 
directory naming conventions between what we created and the image in DockerHub.

Jon,  my team appreciates your willingness to jump on the problem.

Thanks,
Rod.


On 12/8/20, 7:40 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-27525-JENKIR14=nationwide@tomee.apache.org)


--


That's awesome, thanks Rod. I'll keep an eye for the mail on the users list.

Jon

On Tue, Dec 8, 2020 at 1:28 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> Jon,
>
> Thank you for the response.  I did not jump straight to bug.  I figured I
> missed something in the building of our image.
>
> I have passed along the request for the exception and a reproducer.  We
> cannot share the actual code base, but I did ask for something that will
> reproduce the error.  I am working on the stack trace now.
>
> Also, I will have the user email all of this to the users mailing list.  I
> think it is more fitting there.
>
> Thanks again,
> Rod.
>
>
> On 12/7/20, 3:38 PM, "Jonathan Gallimore" 
> wrote:
>
> Nationwide Information Security Warning: This is an EXTERNAL email.
> Use CAUTION before clicking on links, opening attachments, or responding.
> (Sender: dev-return-27511-JENKIR14=nationwide@tomee.apache.org)
>
>
> 
--
>
>
> Let's get a view on the exception and a reproducer. Sounds like a bug
    > we'd
> want to iron out.
>
> Jon
>
> On Mon, Dec 7, 2020 at 4:59 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > All,
> >
> > Would anyone know what differences between the drop in WAR vs the
> full
> > install?  I am working with someone who is using our internally 
built
> > Docker image.  Our image is built with the drop in WAR.  If they use
> the
> > public container pulled from Dockerhub (built on the full TomEE
> version),
> > everything works fine.
> >
> > I am having them do a write up to send to the users list for some
> > support.The email to the user list will have the stack trace and
> > additional information.  However, I was hoping for someone provide
> an idea
> > as to what would be different.  The high level issue is:
> > javax.naming.NameNotFoundException
> >
> >
> > Thanks for any initial ideas,
> > Rod.
> >
> >
>
>
>

Re: Drop in TomEE WAR

[Jenkins, Rodney J (Rod)]

Jon,

Thank you for the response.  I did not jump straight to bug.  I figured I 
missed something in the building of our image.

I have passed along the request for the exception and a reproducer.  We cannot 
share the actual code base, but I did ask for something that will reproduce the 
error.  I am working on the stack trace now.

Also, I will have the user email all of this to the users mailing list.  I 
think it is more fitting there.

Thanks again,
Rod.


On 12/7/20, 3:38 PM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-27511-JENKIR14=nationwide@tomee.apache.org)


--


Let's get a view on the exception and a reproducer. Sounds like a bug we'd
want to iron out.

Jon

On Mon, Dec 7, 2020 at 4:59 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> All,
>
> Would anyone know what differences between the drop in WAR vs the full
> install?  I am working with someone who is using our internally built
> Docker image.  Our image is built with the drop in WAR.  If they use the
> public container pulled from Dockerhub (built on the full TomEE version),
> everything works fine.
>
> I am having them do a write up to send to the users list for some
> support.The email to the user list will have the stack trace and
> additional information.  However, I was hoping for someone provide an idea
> as to what would be different.  The high level issue is:
> javax.naming.NameNotFoundException
>
>
> Thanks for any initial ideas,
> Rod.
>
>

Drop in TomEE WAR

[Jenkins, Rodney J (Rod)]

All,

Would anyone know what differences between the drop in WAR vs the full install? 
 I am working with someone who is using our internally built Docker image.  Our 
image is built with the drop in WAR.  If they use the public container pulled 
from Dockerhub (built on the full TomEE version), everything works fine.

I am having them do a write up to send to the users list for some support.
The email to the user list will have the stack trace and additional 
information.  However, I was hoping for someone provide an idea as to what 
would be different.  The high level issue is:  
javax.naming.NameNotFoundException


Thanks for any initial ideas,
Rod.

Re: [VOTE] Release Apache TomEE 8.0.5 and 9.0.0-M3

[Jenkins, Rodney J (Rod)]

Jon,

Do we have tarballs for TomEE 9.0.0-M3?  This issue is still a blocker for the 
containers.  If you want another chain to discuss, I can start one.

Thanks,
Rod.


On 11/17/20, 4:11 PM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an EXTERNAL email. Use 
CAUTION before clicking on links, opening attachments, or responding. (Sender: 
dev-return-27430-JENKIR14=nationwide@tomee.apache.org)


--


Hi All,

This is a first attempt at a vote for a release of Apache TomEE 9.0.0-M3
and Apache TomEE 8.0.5.

Maven Repo:
https://repository.apache.org/content/repositories/orgapachetomee-1177
https://repository.apache.org/content/repositories/orgapachetomee-1178

Binaries & Source:
https://dist.apache.org/repos/dist/dev/tomee/staging-1177/tomee-8.0.5/
https://dist.apache.org/repos/dist/dev/tomee/staging-1178/tomee-9.0.0-M3/

Source code:
TomEE 8.0.5:

https://dist.apache.org/repos/dist/dev/tomee/staging-1177/tomee-8.0.5/tomee-project-8.0.5-source-release.zip
TomEE Jakarta Conversion for 9.0.0-M3:

https://dist.apache.org/repos/dist/dev/tomee/staging-1173/tomee-8.0.4/apache-tomee-9.0.0-M2-source-release.zip

Tags:


https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-8.0.5

https://gitbox.apache.org/repos/asf?p=tomee-jakarta.git;a=tag;h=refs/tags/tomee-9.0.0-M3

Release notes:


https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12348622

(I'll be going through issues and correcting them where they haven't been
marked as complete)

Please VOTE:

[+1] Yes, release it
[+0] Not fussed
[-1] Don't release, there's a showstopper (please specify what the
showstopper is)

Vote will be open for 72 hours.

Thanks

Jon

Dockerfiles for 7.1.4

[Jenkins, Rodney J (Rod)]

All,

I noticed that 7.1.4 was missed on the last updated.  I will get a card to get 
this done during my next sprint.

Thanks,
Rod.

Re: Docker Images

[Jenkins, Rodney J (Rod)]

Hello,

I have submitted a PR to tomitribe/docker-tomee to get these updated.  

This brings everything to 8.0.4, except webprofile which this updates to 8.0.3.

Status
8.0.4
  Plume
  Plus
  Microprofile

8.0.3
  Webprofile

9.0.0-M2
  None


If we want to fix webprofile artifact for 8.0.4, let me know and I will bring 
those up to date.  Also, let me know how we want to proceed for the tarballs on 
9.0.

Thanks,
Rod.


On 8/30/20, 1:05 AM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hello,

I have working 8.0.4 images created.  I started working on the 9.0.0-M2 
images, but I am running in to issues.  As I stated before, we do not have the 
tar.gz files, only the zips.  I started converting Dockerfiles to using zips.  
However, when I unzip, I am not getting the permissions.  All files are coming 
in as "-rw-r--r--" and directories are coming in as "drwxr-sr-x".

I could go through and set all of the permissions manually, but that would 
make for a very ugly Dockerfile.  I would highly recommend creating the tar.gz 
files.  This way permissions will be preserved from the tomcat tarball.

If all we are providing are the zip files, how are people testing?  Are 
they setting all the permissions manually?  If so, are they just setting them 
to 777 (or at least executable on all) to make it easy?  

If we want 8.0.4 sooner, I can drop the 9.0.0-M2 and push at anytime.

Thoughts?

Thanks,
Rod.

    
    On 8/21/20, 3:47 PM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

Hello all,

I have been absent for a while, but I am back.  I will start work this 
weekend to get the Dockerfiles updated as well as getting caught back up.

If I recall correctly, when I left off, I needed to create images for 
TomEE 9 on OpenJDK 8 and 11.  I did not see that anyone has done that, so I 
will start there.

Thanks,
Rod.

Re: [VOTE] Missing artifact - TomEE 8.0.4

[Jenkins, Rodney J (Rod)]

All,

This is blocking 8.0.4 on Docker.  8.0.3 was the last artifact that was 
available for webprofile via these links:

https://dist.apache.org/repos/dist/release/tomee/tomee-${TOMEE_VER}/apache-tomee-${TOMEE_VER}-${TOMEE_BUILD}.tar.gz


Thanks,
Rod.


On 8/11/20, 3:58 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hi All,

We're missing an artifact on our download page for TomEE 8.0.4 Webprofile
(thanks Richard Zowalla for pointing this out).

This is already in Maven:
https://repo1.maven.org/maven2/org/apache/tomee/apache-tomee/8.0.4/, but
was missed in the staging directory for the vote, and hence is missing from
the promotion to the website.

I don't know if a vote is needed to add the missing artifact, but I think
it covers us well to have one anyway. Here's the reference to the original
vote:


https://lists.apache.org/thread.html/r5d6b2fe8998da647fdcf405ab721e6f882d40f271b9a92527257bd45%40%3Cdev.tomee.apache.org%3E

I've added the missing artifacts to the staging area here:
https://dist.apache.org/repos/dist/dev/tomee/staging-1173/tomee-8.0.4/

Please VOTE:

[+1] Yes, release it
[+0] Not fussed
[-1] Don't release, there's a showstopper (please specify what the
showstopper is)

Vote will be open for 72 hours.

Thanks

Jon

Re: Docker Images

[Jenkins, Rodney J (Rod)]

Hello,

I have working 8.0.4 images created.  I started working on the 9.0.0-M2 images, 
but I am running in to issues.  As I stated before, we do not have the tar.gz 
files, only the zips.  I started converting Dockerfiles to using zips.  
However, when I unzip, I am not getting the permissions.  All files are coming 
in as "-rw-r--r--" and directories are coming in as "drwxr-sr-x".

I could go through and set all of the permissions manually, but that would make 
for a very ugly Dockerfile.  I would highly recommend creating the tar.gz 
files.  This way permissions will be preserved from the tomcat tarball.

If all we are providing are the zip files, how are people testing?  Are they 
setting all the permissions manually?  If so, are they just setting them to 777 
(or at least executable on all) to make it easy?  

If we want 8.0.4 sooner, I can drop the 9.0.0-M2 and push at anytime.

Thoughts?

Thanks,
Rod.


On 8/21/20, 3:47 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hello all,

I have been absent for a while, but I am back.  I will start work this 
weekend to get the Dockerfiles updated as well as getting caught back up.

If I recall correctly, when I left off, I needed to create images for TomEE 
9 on OpenJDK 8 and 11.  I did not see that anyone has done that, so I will 
start there.

Thanks,
Rod.

Docker Images

[Jenkins, Rodney J (Rod)]

Hello all,

I have been absent for a while, but I am back.  I will start work this weekend 
to get the Dockerfiles updated as well as getting caught back up.

If I recall correctly, when I left off, I needed to create images for TomEE 9 
on OpenJDK 8 and 11.  I did not see that anyone has done that, so I will start 
there.

Thanks,
Rod.

Re: Base JDK for TomEE 9 in Docker (was Re: [RESULT] [VOTE] Release Apache TomEE 9.0.0-M1 and Apache TomEE 8.0.3)

[Jenkins, Rodney J (Rod)]

Hello David,

I think we have two options.

1) Change the Docker images to use the zip files

2) Create the tar.gz files

I think sort term we can do the zip files.  I think from there it becomes a 
question of what is best for the long run.  We may not need to provide tar.gz 
files at all.  I think most people are capable of using zip, but it may require 
some changes.

Forgive my ignorance, but "Do you want the honors of filing the ticket," does 
that mean a Jira card for the project?

Thanks,
Rod.

On 6/25/20, 5:56 PM, "David Blevins"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

> On Jun 25, 2020, at 2:46 PM, Jenkins, Rodney J (Rod) 
 wrote:
> 
> Is there any reason that we did not provide TAR.GZ files for TomEE 9.0?

You're reminding me of a thought where I said to myself, "oh gee, we need 
to not forget to " :)

I had that thought as well and it escaped me.  Do you want the honors of 
filing the ticket so we don't forget to create TAR.GZ files for TomEE 9.0?

I think the answer here is simply that the Eclipse Transformer might not 
support that format.  If we added that capability we might still not want to 
use it because that would double the time it takes to do the bytecode 
processing.  The right answer here might be to add that capability to the TomEE 
Patch Plugin and have it output a ZIP and TAR.GZ in parallel.  If we made it 
smart enough to set the right execution bits on the *.sh files, it could work 
fine.

Thinking out loud.


-David

Re: Base JDK for TomEE 9 in Docker (was Re: [RESULT] [VOTE] Release Apache TomEE 9.0.0-M1 and Apache TomEE 8.0.3)

[Jenkins, Rodney J (Rod)]

Jon,

Is there any reason that we did not provide TAR.GZ files for TomEE 9.0?

Thanks,
Rod.


On 6/24/20, 11:58 AM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hello,

I will get a pull request out later today for TomEE 9 on OpenJDK 8 and 11.

Thanks for the direction

Rod.


On 6/24/20, 4:02 AM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

We have images for TomEE 8 using both JRE 8 and 11:
https://hub.docker.com/_/tomee

How about we do the same for TomEE 9? We'll definitely want to pass the 
TCK
with Java 11, and very likely with Java 8 as well. I think it makes 
sense
that we put something that uses Java 11 in people's hands to get 
feedback,
and the Docker images offer a really quick way to do that.

Cheers

Jon

On Tue, Jun 23, 2020 at 10:21 PM David Blevins 
wrote:

> Hey, Rod!
>
    > > On Jun 23, 2020, at 11:45 AM, Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
> >
> > This may be a really dumb line of questions but.
>
> I've got a saying:
>
>  - Ask a dumb question and look dumb for a minute.  Don't ask a dumb
> question and be dumb forever.
>
> Anyway, better luck next time as your question is actually really 
good. :)
>
> > Currently for TomEE 8, we use openjdk:8-jre as our base.  Does this 
(or
> should we ) make a change and make from another base?  If so, what 
base?
> >
> > For TomEE we have these profiles:
> > plume
> > webprofile
> > Microprofile
> > Plus
> >
> > Do we want the same profiles for TomEE 9 going forward?
>
> The TCK tests I ran to get the 90% were all done on JDK 8 so for now 
we
> probably should put out the same four profiles for TomEE 9.0.0-M1 for 
JDK 8.
>
> That said, to actually be certified in the future we'll have to pass 
on
> Java 11.  Passing on Java 8 is actually optional from a specification
> perspective.  We know TomEE 9 should always on work JDK 8 because 
we're
> creating these binaries by modifying TomEE 8.
>
> Where that leaves it is it's pretty much our choice.  We could do 
either.
>
> Maybe people who try out TomEE 9 in Docker might prefer to Java 11 be 
the
> base? (when we actually start testing on that JDK that is)
>
> Thoughts?
>
>
> -David
>
>
>
>
>
>

Re: Base JDK for TomEE 9 in Docker (was Re: [RESULT] [VOTE] Release Apache TomEE 9.0.0-M1 and Apache TomEE 8.0.3)

[Jenkins, Rodney J (Rod)]

Hello,

I will get a pull request out later today for TomEE 9 on OpenJDK 8 and 11.

Thanks for the direction

Rod.


On 6/24/20, 4:02 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

We have images for TomEE 8 using both JRE 8 and 11:
https://hub.docker.com/_/tomee

How about we do the same for TomEE 9? We'll definitely want to pass the TCK
with Java 11, and very likely with Java 8 as well. I think it makes sense
that we put something that uses Java 11 in people's hands to get feedback,
and the Docker images offer a really quick way to do that.

Cheers

Jon

On Tue, Jun 23, 2020 at 10:21 PM David Blevins 
wrote:

> Hey, Rod!
>
> > On Jun 23, 2020, at 11:45 AM, Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
> >
> > This may be a really dumb line of questions but.
>
> I've got a saying:
>
>  - Ask a dumb question and look dumb for a minute.  Don't ask a dumb
> question and be dumb forever.
>
> Anyway, better luck next time as your question is actually really good. :)
>
> > Currently for TomEE 8, we use openjdk:8-jre as our base.  Does this (or
> should we ) make a change and make from another base?  If so, what base?
> >
> > For TomEE we have these profiles:
> > plume
> > webprofile
> > Microprofile
> > Plus
> >
> > Do we want the same profiles for TomEE 9 going forward?
>
> The TCK tests I ran to get the 90% were all done on JDK 8 so for now we
> probably should put out the same four profiles for TomEE 9.0.0-M1 for JDK 
8.
>
> That said, to actually be certified in the future we'll have to pass on
> Java 11.  Passing on Java 8 is actually optional from a specification
> perspective.  We know TomEE 9 should always on work JDK 8 because we're
> creating these binaries by modifying TomEE 8.
>
> Where that leaves it is it's pretty much our choice.  We could do either.
>
> Maybe people who try out TomEE 9 in Docker might prefer to Java 11 be the
> base? (when we actually start testing on that JDK that is)
>
> Thoughts?
>
>
> -David
>
>
>
>
>
>

Re: [RESULT] [VOTE] Release Apache TomEE 9.0.0-M1 and Apache TomEE 8.0.3

[Jenkins, Rodney J (Rod)]

Hello all,

This may be a really dumb line of questions but.

Currently for TomEE 8, we use openjdk:8-jre as our base.  Does this (or should 
we ) make a change and make from another base?  If so, what base?

For TomEE we have these profiles:
plume
webprofile
Microprofile
Plus

Do we want the same profiles for TomEE 9 going forward?

I am going to release 8.0.3 now.  I can do 9 when we have these answered.

Thanks,
Rod.

On 6/22/20, 7:39 PM, "David Blevins"  wrote:

It's incredibly amazing what we've all done.  We should all be very proud.

It takes a lot of work to get off the idea stage with bytecode 
transformation.  It takes a lot of work to close the last issues.  It takes a 
big effort to get a vote across the finish line at all, let alone this fast.

The last time I saw a vote clear this quickly was TomEE 1.0.0 beta 1 in 
October 4th, 2011, the day before JavaOne 2011.

I'm going to take this as a sign. The good-ol-days are ahead of us :)

Massive thank you and congratulations to everyone.  Get ready to do some 
retweeting tomorrow!


-David


> On Jun 22, 2020, at 6:43 AM, Jonathan Gallimore 
 wrote:
> 
> Hi All,
> 
> Thank you for voting. The following +1 votes were cast:
> 
> Thiago Henrique Hupner
> Cesar Hernandez
> Ivan Junckes Filho
> Nishant Raut
> Daniel Dias Dos Santos
> David Jencks (binding)
> David Blevins (binding)
> Jonathan Gallimore (binding)
> 
> With 8 +1's and no other votes, this vote passes. Thank you everyone for
> your reviews and votes. I'll promote these artifacts and complete the
> release.
> 
> Jon
> 
> 
> On Fri, Jun 19, 2020 at 2:01 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
> 
>> Hi All,
>> 
>> I am delighted to present a vote for Apache TomEE 9.0.0-M1 and Apache
>> TomEE 8.0.3.
>> 
>> There's some background on this release here:
>> 
https://lists.apache.org/thread.html/r1d89e3c1cd9dba9695e059c96efc8af0d68f18e40c4d4c688801db8d%40%3Cdev.tomee.apache.org%3E
>> 
>> The key points here are:
>> 
>> * TomEE 8.0.3 is essentially identical to TomEE 8.0.2, bar some changes 
to
>> examples. Release notes are below.
>> 
>> * TomEE 9.0.0-M1 is a transformed version of TomEE 8.0.3, to shift TomEE
>> and all its dependencies from the javax to jakarta namespace.
>> 
>> * If you're targeting Jakarta EE 8, use TomEE 8.0.3. If you would like to
>> try out Jakarta EE 9, with the new namespace, try TomEE 9.0.0-M1. If you
>> build the examples, for most of them you should get a `javax` version 
and a
>> `jakarta` version. Moviefun is a good app to use to play around.
>> 
>> * TomEE 8.0.3 is production-ready. TomEE 9.0.0-M1 is a milestone. We'd
>> love you to try it, kick the tyres and provide feedback. There will 
likely
>> be a few milestone releases before we get to a production-ready 9.0.0.
>> 
>> * We expect things to not work with the 9.0.0-M1 version. Feedback is
>> gratefully received, but will be addressed with subsequent releases.
>> Genuine show-stopper issues, such as legal issues, should be voted -1, 
but
>> bugs or functionality in the 9.0.0-M1 should not prevent this release 
going
>> ahead. If you have questions around this, please let us know.
>> 
>> * Both versions are built from the same codebase, hence the single vote.
>> 
>> * This vote includes the release of a patch plugin:
>> https://github.com/apache/tomee-patch-plugin, and one separate single
>> module to do the translation work for the jakarta version:
>> https://github.com/apache/tomee-jakarta. I'm expecting the
>> tomee-jakara repo to be removed and the module bought back under the 
tomee
>> tree when we can work out the build issues there.
>> 
>> Maven Repo:
>> https://repository.apache.org/content/repositories/orgapachetomee-1172/
>> 
>> Binaries & Source:
>> https://dist.apache.org/repos/dist/dev/tomee/staging-1172/tomee-8.0.3/
>> 
>> Tags:
>> 
>> 
>> 
https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-project-8.0.3
>> 
>> 
https://gitbox.apache.org/repos/asf?p=tomee-patch-plugin.git;a=tag;h=refs/tags/tomee-patch-parent-0.1
>> 
>> 
https://gitbox.apache.org/repos/asf?p=tomee-jakarta.git;a=tag;h=refs/tags/apache-tomee-9.0.0-M1
>> 
>> Release notes:
>> 
>> 
>> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12348219
>> 
>> Please VOTE:
>> 
>> [+1] Yes, release it
>> [+0] Not fussed
>> [-1] Don't release, there's a showstopper (please specify what the
>> showstopper is)
>> 
>> Vote will be open for 72 hours.
>> 
>> Here is my +1.
>> 
>> Thanks
>> 
>> Jon
>> 

Re: [RESULT] [VOTE] Release Apache TomEE 9.0.0-M1 and Apache TomEE 8.0.3

[Jenkins, Rodney J (Rod)]

I will begin on getting the docker images updated.

Thanks,
Rod.


On 6/22/20, 7:39 PM, "David Blevins"  wrote:

It's incredibly amazing what we've all done.  We should all be very proud.

It takes a lot of work to get off the idea stage with bytecode 
transformation.  It takes a lot of work to close the last issues.  It takes a 
big effort to get a vote across the finish line at all, let alone this fast.

The last time I saw a vote clear this quickly was TomEE 1.0.0 beta 1 in 
October 4th, 2011, the day before JavaOne 2011.

I'm going to take this as a sign. The good-ol-days are ahead of us :)

Massive thank you and congratulations to everyone.  Get ready to do some 
retweeting tomorrow!


-David


> On Jun 22, 2020, at 6:43 AM, Jonathan Gallimore 
 wrote:
> 
> Hi All,
> 
> Thank you for voting. The following +1 votes were cast:
> 
> Thiago Henrique Hupner
> Cesar Hernandez
> Ivan Junckes Filho
> Nishant Raut
> Daniel Dias Dos Santos
> David Jencks (binding)
> David Blevins (binding)
> Jonathan Gallimore (binding)
> 
> With 8 +1's and no other votes, this vote passes. Thank you everyone for
> your reviews and votes. I'll promote these artifacts and complete the
> release.
> 
> Jon
> 
> 
> On Fri, Jun 19, 2020 at 2:01 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
> 
>> Hi All,
>> 
>> I am delighted to present a vote for Apache TomEE 9.0.0-M1 and Apache
>> TomEE 8.0.3.
>> 
>> There's some background on this release here:
>> 
https://lists.apache.org/thread.html/r1d89e3c1cd9dba9695e059c96efc8af0d68f18e40c4d4c688801db8d%40%3Cdev.tomee.apache.org%3E
>> 
>> The key points here are:
>> 
>> * TomEE 8.0.3 is essentially identical to TomEE 8.0.2, bar some changes 
to
>> examples. Release notes are below.
>> 
>> * TomEE 9.0.0-M1 is a transformed version of TomEE 8.0.3, to shift TomEE
>> and all its dependencies from the javax to jakarta namespace.
>> 
>> * If you're targeting Jakarta EE 8, use TomEE 8.0.3. If you would like to
>> try out Jakarta EE 9, with the new namespace, try TomEE 9.0.0-M1. If you
>> build the examples, for most of them you should get a `javax` version 
and a
>> `jakarta` version. Moviefun is a good app to use to play around.
>> 
>> * TomEE 8.0.3 is production-ready. TomEE 9.0.0-M1 is a milestone. We'd
>> love you to try it, kick the tyres and provide feedback. There will 
likely
>> be a few milestone releases before we get to a production-ready 9.0.0.
>> 
>> * We expect things to not work with the 9.0.0-M1 version. Feedback is
>> gratefully received, but will be addressed with subsequent releases.
>> Genuine show-stopper issues, such as legal issues, should be voted -1, 
but
>> bugs or functionality in the 9.0.0-M1 should not prevent this release 
going
>> ahead. If you have questions around this, please let us know.
>> 
>> * Both versions are built from the same codebase, hence the single vote.
>> 
>> * This vote includes the release of a patch plugin:
>> https://github.com/apache/tomee-patch-plugin, and one separate single
>> module to do the translation work for the jakarta version:
>> https://github.com/apache/tomee-jakarta. I'm expecting the
>> tomee-jakara repo to be removed and the module bought back under the 
tomee
>> tree when we can work out the build issues there.
>> 
>> Maven Repo:
>> https://repository.apache.org/content/repositories/orgapachetomee-1172/
>> 
>> Binaries & Source:
>> https://dist.apache.org/repos/dist/dev/tomee/staging-1172/tomee-8.0.3/
>> 
>> Tags:
>> 
>> 
>> 
https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-project-8.0.3
>> 
>> 
https://gitbox.apache.org/repos/asf?p=tomee-patch-plugin.git;a=tag;h=refs/tags/tomee-patch-parent-0.1
>> 
>> 
https://gitbox.apache.org/repos/asf?p=tomee-jakarta.git;a=tag;h=refs/tags/apache-tomee-9.0.0-M1
>> 
>> Release notes:
>> 
>> 
>> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12348219
>> 
>> Please VOTE:
>> 
>> [+1] Yes, release it
>> [+0] Not fussed
>> [-1] Don't release, there's a showstopper (please specify what the
>> showstopper is)
>> 
>> Vote will be open for 72 hours.
>> 
>> Here is my +1.
>> 
>> Thanks
>> 
>> Jon
>> 

Re: Re: [RESULT] [VOTE] Release TomEE 8.0.2

[Jenkins, Rodney J (Rod)]

These are now available in Dockerhub.

Rod.


On 6/3/20, 1:50 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

I have built the new images.  I am testing this as I send this email.

There will be a pull request to docker-tomee within the hour.  When that is 
approved, I will updated Dockerhub.

Thanks,
Rod.


On 6/1/20, 8:30 AM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

Hello All,

I see this is available for download, along with 7.1.3 and 7.0.8.  I 
will get the docker images updated later today or tomorrow.

Thanks,
Rod.


On 5/27/20, 10:01 AM, "Jonathan Gallimore" 
 wrote:

Nationwide Information Security Warning: This is an external email. 
Do not click on links or open attachments unless you trust the sender.

--

Just an FYI, something has gone badly wrong in the promotion of the 
Nexus
staging repo. Some of the artifacts made it to the release 
repository, and
others didn't. I've filed a ticket with Infra to see if we can get 
it
resolved. Looking through the JIRAs for INFRA, it looks like there 
are sync
issues with Maven central as well. So if you're trying to get new 
artifacts
from Maven, please bear with us.

Jon

On Tue, May 26, 2020 at 12:28 PM Jonathan Gallimore <
jonathan.gallim...@gmail.com> wrote:

> Hi All,
>
> The following votes were cast:
>
> +1: (* binding)
>
> Richard Zowalla
> Martin Wiesner
> Daniel Dias Dos Santos
> Nishant Raut
> Stéphane Kay
> Cesar Hernandez
> Vincente Rossello
> Alexandre Vermeerbergen
> Emerson Castañeda
> Daniel Cunha
> Jean-Louis Monteiro *
> Jonathan Gallimore *
> Thiago Henrique Hupner
> Mark Struberg *
>
> With 14 +1's and no other votes, this vote passes. I'll promote 
these
> artifacts and continue with the next steps of the release.
>
> Many thanks
>
> Jon
>
> On Thu, May 14, 2020 at 2:27 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
>
>> Hi All,
>>
>> Here's a third attempt at releasing of TomEE 8.0.2. Please can 
you take a
>> careful look, review, test and provide feedback.
>>
>> Maven Repo:
>> 
https://repository.apache.org/content/repositories/orgapachetomee-1168
>>
>> Binaries & Source:
>> 
https://dist.apache.org/repos/dist/dev/tomee/staging-1168/tomee-8.0.2
>>
>> Tag:
>>
>>
>> 
https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-8.0.2
>>
>> Release notes:
>>
>>
>> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12346650
>>
>> Please VOTE:
>>
>> [+1] Yes, release it
>> [+0] Not fussed
>> [-1] Don't release, there's a showstopper (please specify what 
the
>> showstopper is)
>>
>> Vote will be open for 72 hours or as needed.
>>
>> Thanks
>>
>> Jon
>>
>

Automation for relases

[Jenkins, Rodney J (Rod)]

Hello,

What do we have for automation in to perform our releases?  I am currently 
working with concourse to automate some of our internal products.  I know I can 
automate the Docker TomEE images, but what about what Jon does for the new 
releases?  I will admit what he does is a bit of a mystery to me.

I guess my main question would be:  Do we have automation today? If so, can we 
plug the docker stuff into it?  If not, do we have any interest in creating 
automation using concourse or something else?

Thanks,
Rod.

Re: Re: [RESULT] [VOTE] Release TomEE 8.0.2

[Jenkins, Rodney J (Rod)]

FYI

The pull request to DockerHub official images has been made.

Thanks,
Rod.


On 6/4/20, 4:16 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Thanks Rod!

On Wed, Jun 3, 2020 at 7:50 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> I have built the new images.  I am testing this as I send this email.
>
> There will be a pull request to docker-tomee within the hour.  When that
> is approved, I will updated Dockerhub.
>
> Thanks,
> Rod.
    >
    >
    > On 6/1/20, 8:30 AM, "Jenkins, Rodney J (Rod)" 
> wrote:
>
> Nationwide Information Security Warning: This is an external email. Do
> not click on links or open attachments unless you trust the sender.
>
> 
--
>
> Hello All,
>
> I see this is available for download, along with 7.1.3 and 7.0.8.  I
> will get the docker images updated later today or tomorrow.
>
> Thanks,
> Rod.
>
>
> On 5/27/20, 10:01 AM, "Jonathan Gallimore" <
> jonathan.gallim...@gmail.com> wrote:
>
> Nationwide Information Security Warning: This is an external
> email. Do not click on links or open attachments unless you trust the
> sender.
>
> 
--
>
> Just an FYI, something has gone badly wrong in the promotion of
> the Nexus
> staging repo. Some of the artifacts made it to the release
> repository, and
> others didn't. I've filed a ticket with Infra to see if we can get
> it
> resolved. Looking through the JIRAs for INFRA, it looks like there
> are sync
> issues with Maven central as well. So if you're trying to get new
> artifacts
> from Maven, please bear with us.
>
> Jon
>
> On Tue, May 26, 2020 at 12:28 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
>
> > Hi All,
> >
> > The following votes were cast:
> >
> > +1: (* binding)
> >
> > Richard Zowalla
> > Martin Wiesner
> > Daniel Dias Dos Santos
> > Nishant Raut
> > Stéphane Kay
> > Cesar Hernandez
> > Vincente Rossello
> > Alexandre Vermeerbergen
> > Emerson Castañeda
> > Daniel Cunha
> > Jean-Louis Monteiro *
> > Jonathan Gallimore *
> > Thiago Henrique Hupner
> > Mark Struberg *
> >
> > With 14 +1's and no other votes, this vote passes. I'll promote
> these
> > artifacts and continue with the next steps of the release.
> >
> > Many thanks
> >
> > Jon
> >
> > On Thu, May 14, 2020 at 2:27 PM Jonathan Gallimore <
> > jonathan.gallim...@gmail.com> wrote:
> >
> >> Hi All,
> >>
> >> Here's a third attempt at releasing of TomEE 8.0.2. Please can
> you take a
> >> careful look, review, test and provide feedback.
> >>
> >> Maven Repo:
> >>
> https://repository.apache.org/content/repositories/orgapachetomee-1168
> >>
> >> Binaries & Source:
> >>
> https://dist.apache.org/repos/dist/dev/tomee/staging-1168/tomee-8.0.2
> >>
> >> Tag:
> >>
> >>
> >>
> 
https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-8.0.2
> >>
> >> Release notes:
> >>
> >>
> >>
> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12346650
> >>
> >> Please VOTE:
> >>
> >> [+1] Yes, release it
> >> [+0] Not fussed
> >> [-1] Don't release, there's a showstopper (please specify what
> the
> >> showstopper is)
> >>
> >> Vote will be open for 72 hours or as needed.
> >>
> >> Thanks
> >>
> >> Jon
> >>
> >
>
>
>
>
>

Re: [RESULT] [VOTE] Release TomEE 8.0.2

[Jenkins, Rodney J (Rod)]

I have built the new images.  I am testing this as I send this email.

There will be a pull request to docker-tomee within the hour.  When that is 
approved, I will updated Dockerhub.

Thanks,
Rod.


On 6/1/20, 8:30 AM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hello All,

I see this is available for download, along with 7.1.3 and 7.0.8.  I will 
get the docker images updated later today or tomorrow.

Thanks,
Rod.


On 5/27/20, 10:01 AM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

Just an FYI, something has gone badly wrong in the promotion of the 
Nexus
staging repo. Some of the artifacts made it to the release repository, 
and
others didn't. I've filed a ticket with Infra to see if we can get it
resolved. Looking through the JIRAs for INFRA, it looks like there are 
sync
issues with Maven central as well. So if you're trying to get new 
artifacts
from Maven, please bear with us.

Jon

On Tue, May 26, 2020 at 12:28 PM Jonathan Gallimore <
jonathan.gallim...@gmail.com> wrote:

> Hi All,
>
> The following votes were cast:
>
> +1: (* binding)
>
> Richard Zowalla
> Martin Wiesner
> Daniel Dias Dos Santos
> Nishant Raut
> Stéphane Kay
> Cesar Hernandez
> Vincente Rossello
> Alexandre Vermeerbergen
> Emerson Castañeda
> Daniel Cunha
> Jean-Louis Monteiro *
> Jonathan Gallimore *
> Thiago Henrique Hupner
> Mark Struberg *
>
> With 14 +1's and no other votes, this vote passes. I'll promote these
> artifacts and continue with the next steps of the release.
>
> Many thanks
>
> Jon
>
> On Thu, May 14, 2020 at 2:27 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
>
>> Hi All,
>>
>> Here's a third attempt at releasing of TomEE 8.0.2. Please can you 
take a
>> careful look, review, test and provide feedback.
>>
>> Maven Repo:
>> 
https://repository.apache.org/content/repositories/orgapachetomee-1168
>>
>> Binaries & Source:
>> https://dist.apache.org/repos/dist/dev/tomee/staging-1168/tomee-8.0.2
>>
>> Tag:
>>
>>
>> 
https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-8.0.2
>>
>> Release notes:
>>
>>
>> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12346650
>>
>> Please VOTE:
>>
>> [+1] Yes, release it
>> [+0] Not fussed
>> [-1] Don't release, there's a showstopper (please specify what the
>> showstopper is)
>>
>> Vote will be open for 72 hours or as needed.
>>
>> Thanks
>>
>> Jon
>>
>

Re: [RESULT] [VOTE] Release TomEE 8.0.2

[Jenkins, Rodney J (Rod)]

Hello All,

I see this is available for download, along with 7.1.3 and 7.0.8.  I will get 
the docker images updated later today or tomorrow.

Thanks,
Rod.


On 5/27/20, 10:01 AM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Just an FYI, something has gone badly wrong in the promotion of the Nexus
staging repo. Some of the artifacts made it to the release repository, and
others didn't. I've filed a ticket with Infra to see if we can get it
resolved. Looking through the JIRAs for INFRA, it looks like there are sync
issues with Maven central as well. So if you're trying to get new artifacts
from Maven, please bear with us.

Jon

On Tue, May 26, 2020 at 12:28 PM Jonathan Gallimore <
jonathan.gallim...@gmail.com> wrote:

> Hi All,
>
> The following votes were cast:
>
> +1: (* binding)
>
> Richard Zowalla
> Martin Wiesner
> Daniel Dias Dos Santos
> Nishant Raut
> Stéphane Kay
> Cesar Hernandez
> Vincente Rossello
> Alexandre Vermeerbergen
> Emerson Castañeda
> Daniel Cunha
> Jean-Louis Monteiro *
> Jonathan Gallimore *
> Thiago Henrique Hupner
> Mark Struberg *
>
> With 14 +1's and no other votes, this vote passes. I'll promote these
> artifacts and continue with the next steps of the release.
>
> Many thanks
>
> Jon
>
> On Thu, May 14, 2020 at 2:27 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
>
>> Hi All,
>>
>> Here's a third attempt at releasing of TomEE 8.0.2. Please can you take a
>> careful look, review, test and provide feedback.
>>
>> Maven Repo:
>> https://repository.apache.org/content/repositories/orgapachetomee-1168
>>
>> Binaries & Source:
>> https://dist.apache.org/repos/dist/dev/tomee/staging-1168/tomee-8.0.2
>>
>> Tag:
>>
>>
>> 
https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-8.0.2
>>
>> Release notes:
>>
>>
>> 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12346650
>>
>> Please VOTE:
>>
>> [+1] Yes, release it
>> [+0] Not fussed
>> [-1] Don't release, there's a showstopper (please specify what the
>> showstopper is)
>>
>> Vote will be open for 72 hours or as needed.
>>
>> Thanks
>>
>> Jon
>>
>

Re: [VOTE] Release TomEE 8.0.2

[Jenkins, Rodney J (Rod)]

All,

I am ready to update docker when these are ready.

Rod.


On 5/6/20, 5:11 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hi All,

Here's a first attempt at releasing of TomEE 8.0.2. Please can you take a
careful look, review, test and provide feedback.

Maven Repo:
https://repository.apache.org/content/repositories/orgapachetomee-1166

Binaries & Source:
https://dist.apache.org/repos/dist/dev/tomee/staging-1166/tomee-8.0.2

Tag:


https://gitbox.apache.org/repos/asf?p=tomee.git;a=tag;h=refs/tags/tomee-8.0.2

Release notes:


https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12346650

Please VOTE:

[+1] Yes, release it
[+0] Not fussed
[-1] Don't release, there's a showstopper (please specify what the
showstopper is)

Vote will be open for 72 hours or as needed.

Thanks

Jon

Re: Issue with Docker images

[Jenkins, Rodney J (Rod)]

All,

The Docker Hub folks have merged my Pull Request.  All of our Docker images 
should be pointed to the latest version of tomitribe/docker-tomee.

If anyone has any questions, you know the drill.

Thanks,
Rod.


On 4/2/20, 5:47 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hello all,

I have issued a pull request to docker-library/official-images to get the 
correct commit in the Docker Library.

If you have any questions, please feel free to reach out.

Thanks,
Rod.


On 4/2/20, 3:24 PM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

Hello all,

I hope all of you are well during the COVID issues….


The current DockerHub images for TomEE are pointed to an older commit 
of our GitHub repo.  I will have a fix up later this evening.

If you have any questions, please feel free to reach out.

Thanks,
Rod.

Re: Issue with Docker images

[Jenkins, Rodney J (Rod)]

Hello all,

I have issued a pull request to docker-library/official-images to get the 
correct commit in the Docker Library.

If you have any questions, please feel free to reach out.

Thanks,
Rod.


On 4/2/20, 3:24 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hello all,

I hope all of you are well during the COVID issues….


The current DockerHub images for TomEE are pointed to an older commit of 
our GitHub repo.  I will have a fix up later this evening.

If you have any questions, please feel free to reach out.

Thanks,
Rod.

Issue with Docker images

[Jenkins, Rodney J (Rod)]

Hello all,

I hope all of you are well during the COVID issues….


The current DockerHub images for TomEE are pointed to an older commit of our 
GitHub repo.  I will have a fix up later this evening.

If you have any questions, please feel free to reach out.

Thanks,
Rod.

Tomcat 10 discussion

[Jenkins, Rodney J (Rod)]

Hello all,

Have we had a Tomcat 10 discussion or planning on starting one?  I know the 
move to Tomcat 10 will be bumpy ( but not for our fine developers ).

Wondering what the current thought is….

Thanks,
Rod.

Re: [VOTE] Release javaee-api 8.0-4

[Jenkins, Rodney J (Rod)]

>>>
With mod_proxy_ajp you should be able to add
secret=jonssupersecretpassphrase to ProxyPass etc, but this only made it to
the 2.4.x branch of httpd two days ago:
https://github.com/apache/httpd/commit/d8b6d798c177dfdb90cef1a29395afcc043f3c86.
<<<

Find this interesting as I did not update apache recently.  I am wondering if 
that change is already made its way in to the CentOS rpm.  That was the syntax 
I used to solve.

I think I need to do some more research.

Rod.


On 2/26/20, 11:05 AM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

> I am not sure that I am a voting member

Everyone is encouraged to vote. Release votes require 3 binding +1 votes.
"Binding" means from a PMC member. You should not let that discourage you
from voting, however. Your feedback is as important as anyone else's, and
if you find a functional or legal issue, then a -1 vote with an explanation
is appreciated.

> but moving to Tomcat .31 and .51 mayb be bumpy if using the AJP protocol.

This vote is only for the Java EE API jar itself, and won't impact the AJP
side of things. When it comes to the actual TomEE release itself - you are
correct - we will need to call out the config changes needed for AJP. There
isn't a way around it - the AJP changes address a recent CVE. It'll likely
be me putting out the TomEE releases after this API jar release, and I'll
provide the details with the settings. I've already run into the AJP
changes here.

> One requires quotes, the other does not.  As far as I know there is not
any good examples/sample I could find in google.

Right. The server.xml config in Tomcat requires quotes, as its an XML
attribute. Mod_jk's config is like this:

worker..secret=

for example:

worker.list=worker1
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.secret=jonssupersecretpassphrase

With mod_proxy_ajp you should be able to add
secret=jonssupersecretpassphrase to ProxyPass etc, but this only made it to
the 2.4.x branch of httpd two days ago:

https://github.com/apache/httpd/commit/d8b6d798c177dfdb90cef1a29395afcc043f3c86.
(here's
the commit for master / 2.5:

https://github.com/apache/httpd/commit/b6f596343827f7184b884de2fc3921368744e2e0).
Looks like there might be a new 2.4.x httpd release soon.

Jon

On Wed, Feb 26, 2020 at 4:37 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> I am not sure that I am a voting member and probably does not apply to
> this release, but moving to Tomcat .31 and .51 mayb be bumpy if using the
> AJP protocol.
>
> Tomcat changed the default secretRequired to be true.  However, what they
> do not tell you is you need to add a secret to the server xml AND the 
httpd
> config.
>
> One note I learned the hard way on syntax:
> Tomcat server.xml looks like:   secret="some_string"
> http config looks like:  secret=some_string.
>
> One requires quotes, the other does not.  As far as I know there is not
> any good examples/sample I could find in google.
>
> Thanks,
> Rod.
>
>
> On 2/25/20, 2:10 PM, "Jonathan Gallimore" 
> wrote:
>
> Nationwide Information Security Warning: This is an external email. Do
> not click on links or open attachments unless you trust the sender.
>
> 
--
>
> Hi
>
> This is a vote for an updated Java EE spec jar, with one single change
> over
> javaee-api:8.0-3, which is to use the Tomcat API libraries from 9.0.31
> as
> opposed to 9.0.22.
>
> This is required to fix an issue in the TomEE builds
> where javax.el.ExpressionFactory#getClassNameServices was returning 
the
> first line of the ASF license header as opposed to a class name, and
> this
> being released is a pre-requisite for any further TomEE releases.
>
> *SVN TAG*
>
> https://svn.apache.org/repos/asf/tomee/javaee-api/tags/javaee-api-8.0-4/
>
> *Sources*
>
> 
https://repository.apache.org/service/local/repositories/orgapachetomee-1162/content/org/apache/tomee/javaee-api/8.0-4/javaee-api-8.0-4-source-release.zip
>
> *Binaries*
>
&

Re: [VOTE] Release javaee-api 8.0-4

[Jenkins, Rodney J (Rod)]

I am not sure that I am a voting member and probably does not apply to this 
release, but moving to Tomcat .31 and .51 mayb be bumpy if using the AJP 
protocol.

Tomcat changed the default secretRequired to be true.  However, what they do 
not tell you is you need to add a secret to the server xml AND the httpd config.

One note I learned the hard way on syntax:  
Tomcat server.xml looks like:   secret="some_string"
http config looks like:  secret=some_string.

One requires quotes, the other does not.  As far as I know there is not any 
good examples/sample I could find in google.

Thanks,
Rod.


On 2/25/20, 2:10 PM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hi

This is a vote for an updated Java EE spec jar, with one single change over
javaee-api:8.0-3, which is to use the Tomcat API libraries from 9.0.31 as
opposed to 9.0.22.

This is required to fix an issue in the TomEE builds
where javax.el.ExpressionFactory#getClassNameServices was returning the
first line of the ASF license header as opposed to a class name, and this
being released is a pre-requisite for any further TomEE releases.

*SVN TAG*
https://svn.apache.org/repos/asf/tomee/javaee-api/tags/javaee-api-8.0-4/

*Sources*

https://repository.apache.org/service/local/repositories/orgapachetomee-1162/content/org/apache/tomee/javaee-api/8.0-4/javaee-api-8.0-4-source-release.zip

*Binaries*

https://repository.apache.org/service/local/repositories/orgapachetomee-1162/content/org/apache/tomee/javaee-api/8.0-4/javaee-api-8.0-4.zip

please VOTE
[+1] all fine, ship it
[+0] don't care
[-1] stop, because ${reason}

The VOTE is open for 72h. Here's my +1.

Many thanks

Jon

Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

I think one thing that is needed is sample Dockerfile for the community to 
reference.  If you learn how to deploy an app in Docker, please add those 
examples to the TomEE examples pages.  I had started this late last year, but 
lost my focus.  It was next on my plate.

Thanks,
Rod.


On 2/25/20, 3:19 PM, "Cesar Hernandez"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Thanks much Rod, Jonathan and all in the community who made possible
TomEE 8.0.1 available on docker hub.

I checked the commits to understand the changes a new release will require
for the docker files [1] but I wonder if there is some part of the Process
that I can learn first and then contribute add in the documentation?

[1] https://github.com/tomitribe/docker-tomee

El vie., 21 feb. 2020 a las 16:10, Jenkins, Rodney J (Rod) (<
jenki...@nationwide.com>) escribió:

> This is finally done.
>
> Rod.
>
>
> On 2/20/20, 8:49 AM, "Jenkins, Rodney J (Rod)" 
> wrote:
>
> Nationwide Information Security Warning: This is an external email. Do
> not click on links or open attachments unless you trust the sender.
>
> 
--
>
> I saw that and it is fixed.  One day, I will be experienced, lol.
>
> Rod.
>
>
> On 2/20/20, 4:22 AM, "Jonathan Gallimore" <
> jonathan.gallim...@gmail.com> wrote:
>
> Nationwide Information Security Warning: This is an external
> email. Do not click on links or open attachments unless you trust the
> sender.
>
> 
--
>
> Hi Rod
>
> Sent you a PR:
> https://github.com/scriptmonkey/official-images/pull/1 -
> hopefully that has the change needed for the official images repo.
>
> Jon
>
> On Tue, Feb 18, 2020 at 10:16 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > Pull request created.
> >
> > May be another example of something to include on automated
> testing.
> >
> > Thanks,
> > Rod.
> >
> >
> > On 2/18/20, 2:25 PM, "Jonathan Gallimore" <
> jonathan.gallim...@gmail.com>
> > wrote:
> >
> > Nationwide Information Security Warning: This is an external
> email. Do
> > not click on links or open attachments unless you trust the
> sender.
> >
> >
> 
--
> >
> > > Being I am newer to the project,  I am assuming that
> microprofile was
> >     introduced in 7.1.  Can someone confirm that?  If so, I need
> to remove
> > it
> > from the images.
> >
> > That's correct. Thanks Rod.
> >
> > Jon
> >
> > On Tue, Feb 18, 2020 at 8:21 PM Jenkins, Rodney J (Rod) <
> > jenki...@nationwide.com> wrote:
> >
> > > While working with the Docker-hub folks, they pointed out
> that I
> > have a
> > > Dockerfile for microprofile for 7.0.7.  However, I do not
> see
> > microprofile
> > > files listed here:
> > >
> https://dist.apache.org/repos/dist/release/tomee/tomee-7.0.7/
>     >     >
> > > Being I am newer to the project,  I am assuming that
> microprofile was
> > > introduced in 7.1.  Can someone confirm that?  If so, I
> need to
> > remove it
> > > from the images.
> > >
> > > Thanks,
> > > Rod.
> > >
> > >
> > > On 2/14/20, 11:06 AM, "Jenkins, Rodney J (Rod)" <
> > jenki...@nationwide.com>
> >   

Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

This is finally done.

Rod.


On 2/20/20, 8:49 AM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

I saw that and it is fixed.  One day, I will be experienced, lol.

Rod.


On 2/20/20, 4:22 AM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

Hi Rod

Sent you a PR: https://github.com/scriptmonkey/official-images/pull/1 -
hopefully that has the change needed for the official images repo.

Jon

On Tue, Feb 18, 2020 at 10:16 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> Pull request created.
>
> May be another example of something to include on automated testing.
>
> Thanks,
> Rod.
>
>
> On 2/18/20, 2:25 PM, "Jonathan Gallimore" 

> wrote:
>
> Nationwide Information Security Warning: This is an external 
email. Do
> not click on links or open attachments unless you trust the sender.
>
> 
--
>
> > Being I am newer to the project,  I am assuming that 
microprofile was
> introduced in 7.1.  Can someone confirm that?  If so, I need to 
remove
> it
> from the images.
>
> That's correct. Thanks Rod.
>
> Jon
>
> On Tue, Feb 18, 2020 at 8:21 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > While working with the Docker-hub folks, they pointed out that I
> have a
> > Dockerfile for microprofile for 7.0.7.  However, I do not see
> microprofile
> > files listed here:
> > https://dist.apache.org/repos/dist/release/tomee/tomee-7.0.7/
> >
> > Being I am newer to the project,  I am assuming that 
microprofile was
> > introduced in 7.1.  Can someone confirm that?  If so, I need to
    > remove it
    > > from the images.
> >
> > Thanks,
> > Rod.
> >
> >
> > On 2/14/20, 11:06 AM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com>
> > wrote:
> >
> > Nationwide Information Security Warning: This is an external
> email. Do
> > not click on links or open attachments unless you trust the 
sender.
> >
> >
> 
--
> >
> > Agree with the comments and fixed.
> >
> > Thank you for approving me as a contributor.
> >
> > Rod.
> >
> >
> > On 2/14/20, 5:34 AM, "Jonathan Gallimore" <
> > jonathan.gallim...@gmail.com> wrote:
> >
> > Nationwide Information Security Warning: This is an 
external
> > email. Do not click on links or open attachments unless you 
trust the
> > sender.
> >
> >
> 
--
> >
> > Rod
> >
> > Are you able to handle the feedback on this PR, 
specifically
> > around image
> > tags?
> https://github.com/docker-library/official-images/pull/7471
> >
> > Thanks
> >
> > Jon
> >
> > On Thu, Feb 13, 2020 at 8:48 PM Jonathan Gallimore <
> > jonathan.gallim...@gmail.com> wrote:
> >
> > > Thanks Rod!
> > >
> > > On Thu, Feb 13, 2020 at 8:06 PM Jenkins, Rodney J 
(Rod) <

Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

I saw that and it is fixed.  One day, I will be experienced, lol.

Rod.


On 2/20/20, 4:22 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Hi Rod

Sent you a PR: https://github.com/scriptmonkey/official-images/pull/1 -
hopefully that has the change needed for the official images repo.

Jon

On Tue, Feb 18, 2020 at 10:16 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> Pull request created.
>
> May be another example of something to include on automated testing.
>
> Thanks,
> Rod.
>
>
> On 2/18/20, 2:25 PM, "Jonathan Gallimore" 
> wrote:
>
> Nationwide Information Security Warning: This is an external email. Do
> not click on links or open attachments unless you trust the sender.
>
> 
--
>
> > Being I am newer to the project,  I am assuming that microprofile 
was
> introduced in 7.1.  Can someone confirm that?  If so, I need to remove
> it
> from the images.
>
> That's correct. Thanks Rod.
>
> Jon
>
> On Tue, Feb 18, 2020 at 8:21 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
> > While working with the Docker-hub folks, they pointed out that I
> have a
> > Dockerfile for microprofile for 7.0.7.  However, I do not see
> microprofile
> > files listed here:
> > https://dist.apache.org/repos/dist/release/tomee/tomee-7.0.7/
> >
> > Being I am newer to the project,  I am assuming that microprofile 
was
> > introduced in 7.1.  Can someone confirm that?  If so, I need to
    > remove it
> > from the images.
> >
> > Thanks,
> > Rod.
> >
> >
> > On 2/14/20, 11:06 AM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com>
> > wrote:
> >
> > Nationwide Information Security Warning: This is an external
> email. Do
> > not click on links or open attachments unless you trust the sender.
> >
> >
> 
--
> >
> > Agree with the comments and fixed.
> >
> > Thank you for approving me as a contributor.
> >
> > Rod.
> >
> >
> > On 2/14/20, 5:34 AM, "Jonathan Gallimore" <
> > jonathan.gallim...@gmail.com> wrote:
> >
> > Nationwide Information Security Warning: This is an external
> > email. Do not click on links or open attachments unless you trust 
the
> > sender.
> >
> >
> 
--
> >
> > Rod
> >
> > Are you able to handle the feedback on this PR, specifically
> > around image
> >     tags?
> https://github.com/docker-library/official-images/pull/7471
> >
> > Thanks
> >
> > Jon
> >
> > On Thu, Feb 13, 2020 at 8:48 PM Jonathan Gallimore <
> > jonathan.gallim...@gmail.com> wrote:
> >
> > > Thanks Rod!
> > >
> > > On Thu, Feb 13, 2020 at 8:06 PM Jenkins, Rodney J (Rod) <
> > > jenki...@nationwide.com> wrote:
> > >
> > >> FYI to all
> > >>
> > >> Jon merged the pull request this morning.  I created a
> Pull
> > Request to
> > >> the official images.  It can be found here:
> > >>
> https://github.com/docker-library/official-images/pull/7471
> > >>
> > >> I should note that the new versions are:  7.0.6, 7.1.2,
> 8.0.1
> > (I am not
> > >> s

Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

Pull request created.

May be another example of something to include on automated testing.

Thanks,
Rod.


On 2/18/20, 2:25 PM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

> Being I am newer to the project,  I am assuming that microprofile was
introduced in 7.1.  Can someone confirm that?  If so, I need to remove it
from the images.

That's correct. Thanks Rod.

Jon

On Tue, Feb 18, 2020 at 8:21 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> While working with the Docker-hub folks, they pointed out that I have a
> Dockerfile for microprofile for 7.0.7.  However, I do not see microprofile
> files listed here:
> https://dist.apache.org/repos/dist/release/tomee/tomee-7.0.7/
>
> Being I am newer to the project,  I am assuming that microprofile was
> introduced in 7.1.  Can someone confirm that?  If so, I need to remove it
> from the images.
>
> Thanks,
> Rod.
    >
>
> On 2/14/20, 11:06 AM, "Jenkins, Rodney J (Rod)" 
> wrote:
>
> Nationwide Information Security Warning: This is an external email. Do
> not click on links or open attachments unless you trust the sender.
>
> 
--
>
> Agree with the comments and fixed.
>
> Thank you for approving me as a contributor.
>
> Rod.
>
>
> On 2/14/20, 5:34 AM, "Jonathan Gallimore" <
> jonathan.gallim...@gmail.com> wrote:
>
> Nationwide Information Security Warning: This is an external
> email. Do not click on links or open attachments unless you trust the
> sender.
>
> 
--
>
> Rod
>
> Are you able to handle the feedback on this PR, specifically
> around image
> tags? https://github.com/docker-library/official-images/pull/7471
>
> Thanks
>
> Jon
>
> On Thu, Feb 13, 2020 at 8:48 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
>
> > Thanks Rod!
> >
> > On Thu, Feb 13, 2020 at 8:06 PM Jenkins, Rodney J (Rod) <
> > jenki...@nationwide.com> wrote:
> >
> >> FYI to all
> >>
> >> Jon merged the pull request this morning.  I created a Pull
> Request to
> >> the official images.  It can be found here:
> >> https://github.com/docker-library/official-images/pull/7471
> >>
> >> I should note that the new versions are:  7.0.6, 7.1.2, 8.0.1
    > (I am not
> >> sure why this thread says 8.0.0)
> >>
> >> I would expect the new versions to be live in a couple of days.
> >>
> >> Thanks,
> >> Rod.
> >>
> >>
> >> On 2/5/20, 3:24 PM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com>
> >> wrote:
> >>
> >> Nationwide Information Security Warning: This is an
> external email.
> >> Do not click on links or open attachments unless you trust the
    > sender.
> >>
> >>
> 
--
> >>
> >> Jon,
> >>
> >> Is there anything I need to do to get the Docker images
> released?
> >>
> >> Thanks,
> >> Rod.
> >>
> >>
> >> On 1/23/20, 12:58 PM, "Jenkins, Rodney J (Rod)" <
> >> jenki...@nationwide.com> wrote:
> >>
> >> Nationwide Information Security Warning: This is an
> external
> >> email. Do not click on links or open attachments unless you
> trust the
> >> sender.
> >>
> >>
> 
--

Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

While working with the Docker-hub folks, they pointed out that I have a 
Dockerfile for microprofile for 7.0.7.  However, I do not see microprofile 
files listed here:  
https://dist.apache.org/repos/dist/release/tomee/tomee-7.0.7/

Being I am newer to the project,  I am assuming that microprofile was 
introduced in 7.1.  Can someone confirm that?  If so, I need to remove it from 
the images.

Thanks,
Rod.


On 2/14/20, 11:06 AM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Agree with the comments and fixed.

Thank you for approving me as a contributor.

Rod.


On 2/14/20, 5:34 AM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

Rod

Are you able to handle the feedback on this PR, specifically around 
image
tags? https://github.com/docker-library/official-images/pull/7471

Thanks

Jon

On Thu, Feb 13, 2020 at 8:48 PM Jonathan Gallimore <
jonathan.gallim...@gmail.com> wrote:

> Thanks Rod!
>
> On Thu, Feb 13, 2020 at 8:06 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
>> FYI to all
>>
>> Jon merged the pull request this morning.  I created a Pull Request 
to
>> the official images.  It can be found here:
>> https://github.com/docker-library/official-images/pull/7471
>>
>> I should note that the new versions are:  7.0.6, 7.1.2, 8.0.1 (I am 
not
>> sure why this thread says 8.0.0)
>>
>> I would expect the new versions to be live in a couple of days.
    >>
>> Thanks,
>> Rod.
>>
>>
>> On 2/5/20, 3:24 PM, "Jenkins, Rodney J (Rod)" 

>> wrote:
>>
>> Nationwide Information Security Warning: This is an external 
email.
>> Do not click on links or open attachments unless you trust the 
sender.
>>
>> 
--
>>
>> Jon,
    >>
        >> Is there anything I need to do to get the Docker images released?
>>
>> Thanks,
>> Rod.
>>
>>
>> On 1/23/20, 12:58 PM, "Jenkins, Rodney J (Rod)" <
>> jenki...@nationwide.com> wrote:
>>
>> Nationwide Information Security Warning: This is an external
>> email. Do not click on links or open attachments unless you trust the
>> sender.
>>
>> 
--
>>
>> For now, I just made sure they all built successfully.  They 
did
>> and you can see my latest on the pull request.
>>
>> For the future, I am undecided.  Maybe that it is just enough
>> that TomEE is well tested before we get to Docker.
>>
>> Thanks,
>> Rod.
>>
>>
>> On 1/22/20, 3:05 PM, "Jonathan Gallimore" <
>> jonathan.gallim...@gmail.com> wrote:
>>
>> Nationwide Information Security Warning: This is an 
external
>> email. Do not click on links or open attachments unless you trust the
>> sender.
>>
>> 
--
>>
>> How far do you want to go with testing? Personally I 
think a
>> quick
>> automated smoke test would be perfect. The distributions 
are
>> already tested
>> in quite a lot of depth in the build, so I'm not sure we 
need
>> to repeat
>> that in Docker. That's a development view on the 
problem, I'm
>> quite
>> interested in what consumers of the Dockers would expect.
>>
>> Jo

Re: Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

Agree with the comments and fixed.

Thank you for approving me as a contributor.

Rod.


On 2/14/20, 5:34 AM, "Jonathan Gallimore"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Rod

Are you able to handle the feedback on this PR, specifically around image
tags? https://github.com/docker-library/official-images/pull/7471

Thanks

Jon

On Thu, Feb 13, 2020 at 8:48 PM Jonathan Gallimore <
jonathan.gallim...@gmail.com> wrote:

> Thanks Rod!
>
> On Thu, Feb 13, 2020 at 8:06 PM Jenkins, Rodney J (Rod) <
> jenki...@nationwide.com> wrote:
>
>> FYI to all
>>
>> Jon merged the pull request this morning.  I created a Pull Request to
>> the official images.  It can be found here:
>> https://github.com/docker-library/official-images/pull/7471
>>
>> I should note that the new versions are:  7.0.6, 7.1.2, 8.0.1 (I am not
>> sure why this thread says 8.0.0)
>>
>> I would expect the new versions to be live in a couple of days.
    >>
>> Thanks,
>> Rod.
>>
>>
>> On 2/5/20, 3:24 PM, "Jenkins, Rodney J (Rod)" 
>> wrote:
>>
>> Nationwide Information Security Warning: This is an external email.
>> Do not click on links or open attachments unless you trust the sender.
>>
>> 
--
>>
>>     Jon,
    >>
>> Is there anything I need to do to get the Docker images released?
>>
>> Thanks,
>> Rod.
>>
>>
>> On 1/23/20, 12:58 PM, "Jenkins, Rodney J (Rod)" <
>> jenki...@nationwide.com> wrote:
>>
>> Nationwide Information Security Warning: This is an external
>> email. Do not click on links or open attachments unless you trust the
>> sender.
>>
>> 
--
>>
>> For now, I just made sure they all built successfully.  They did
>> and you can see my latest on the pull request.
>>
>> For the future, I am undecided.  Maybe that it is just enough
>> that TomEE is well tested before we get to Docker.
>>
>> Thanks,
>> Rod.
>>
>>
>> On 1/22/20, 3:05 PM, "Jonathan Gallimore" <
>> jonathan.gallim...@gmail.com> wrote:
>>
>> Nationwide Information Security Warning: This is an external
>> email. Do not click on links or open attachments unless you trust the
>> sender.
>>
>> 
--
>>
>> How far do you want to go with testing? Personally I think a
>> quick
>>         automated smoke test would be perfect. The distributions are
>> already tested
>> in quite a lot of depth in the build, so I'm not sure we need
>> to repeat
>> that in Docker. That's a development view on the problem, I'm
>> quite
>> interested in what consumers of the Dockers would expect.
>>
>> Jon
>>
>> On Wed, Jan 22, 2020 at 6:22 PM Jenkins, Rodney J (Rod) <
>> jenki...@nationwide.com> wrote:
>>
>> > Jon,
>> >
>> > I was able to get it to build, thank you!!!
>> >
>> > This leads me to a larger concern:  Testing of the docker
>> images.   I am
>> > open to ideas on how to test these images I create.
>> Currently, I spot
>> > check just to see if they build, which is pretty weak.
>> >
>> > Anyone have ideas for some additional testing?
>> >
>> > Thanks,
>> > Rod.
>> >
>> >
>> > On 1/21/20, 4:21 PM, "Jonathan Gallimore" <
>> jonathan.gallim...@gmail.com>
>> > wrote:
>> 

Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

FYI to all

Jon merged the pull request this morning.  I created a Pull Request to the 
official images.  It can be found here: 
https://github.com/docker-library/official-images/pull/7471

I should note that the new versions are:  7.0.6, 7.1.2, 8.0.1 (I am not sure 
why this thread says 8.0.0)

I would expect the new versions to be live in a couple of days.

Thanks,
Rod.


On 2/5/20, 3:24 PM, "Jenkins, Rodney J (Rod)"  wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

Jon,

Is there anything I need to do to get the Docker images released?

Thanks,
Rod.


On 1/23/20, 12:58 PM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

For now, I just made sure they all built successfully.  They did and 
you can see my latest on the pull request.

For the future, I am undecided.  Maybe that it is just enough that 
TomEE is well tested before we get to Docker.

Thanks,
Rod.


On 1/22/20, 3:05 PM, "Jonathan Gallimore" 
 wrote:

Nationwide Information Security Warning: This is an external email. 
Do not click on links or open attachments unless you trust the sender.

--

How far do you want to go with testing? Personally I think a quick
automated smoke test would be perfect. The distributions are 
already tested
in quite a lot of depth in the build, so I'm not sure we need to 
repeat
that in Docker. That's a development view on the problem, I'm quite
interested in what consumers of the Dockers would expect.

Jon

    On Wed, Jan 22, 2020 at 6:22 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> Jon,
>
> I was able to get it to build, thank you!!!
>
> This leads me to a larger concern:  Testing of the docker images. 
  I am
> open to ideas on how to test these images I create.  Currently, I 
spot
> check just to see if they build, which is pretty weak.
>
> Anyone have ideas for some additional testing?
>
> Thanks,
> Rod.
>
>
> On 1/21/20, 4:21 PM, "Jonathan Gallimore" 

> wrote:
>
> Nationwide Information Security Warning: This is an external 
email. Do
> not click on links or open attachments unless you trust the 
sender.
>
> 
--
>
> These should be there now - my sincere apologies for that.
>
> Jon
>
> On Tue, Jan 21, 2020 at 5:30 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
            >
> > I'll get that fixed. Thanks Rod.
> >
> > On Tue, Jan 21, 2020 at 5:04 PM Jenkins, Rodney J (Rod) <
> > jenki...@nationwide.com> wrote:
> >
> >> Jonathan,
> >>
> >> The docker build are failing due to:
> >>
> >>
> 
https://dist.apache.org/repos/dist/release/tomee/tomee-8.0.1/apache-tomee-8.0.1-plus.tar.gz.asc
    > >>
> >> File is not available.  I see it there for 8.0.0.
> >>
> >> Rod.
> >>
> >>
> >> On 1/21/20, 10:51 AM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com>
> >> wrote:
> >>
> >> Nationwide Information Security Warning: This is an 
external
> email.
> >> Do not click on links or open attachments unless you trust 
the
> sender.
> >>
> >>
> 
--

Re: Docker images for 8.0.0

[Jenkins, Rodney J (Rod)]

Jon,

Is there anything I need to do to get the Docker images released?

Thanks,
Rod.


On 1/23/20, 12:58 PM, "Jenkins, Rodney J (Rod)"  
wrote:

Nationwide Information Security Warning: This is an external email. Do not 
click on links or open attachments unless you trust the sender.

--

For now, I just made sure they all built successfully.  They did and you 
can see my latest on the pull request.

For the future, I am undecided.  Maybe that it is just enough that TomEE is 
well tested before we get to Docker.

Thanks,
Rod.


On 1/22/20, 3:05 PM, "Jonathan Gallimore"  
wrote:

Nationwide Information Security Warning: This is an external email. Do 
not click on links or open attachments unless you trust the sender.

--

How far do you want to go with testing? Personally I think a quick
automated smoke test would be perfect. The distributions are already 
tested
in quite a lot of depth in the build, so I'm not sure we need to repeat
that in Docker. That's a development view on the problem, I'm quite
interested in what consumers of the Dockers would expect.

Jon

    On Wed, Jan 22, 2020 at 6:22 PM Jenkins, Rodney J (Rod) <
jenki...@nationwide.com> wrote:

> Jon,
>
> I was able to get it to build, thank you!!!
>
> This leads me to a larger concern:  Testing of the docker images.   I 
am
> open to ideas on how to test these images I create.  Currently, I spot
> check just to see if they build, which is pretty weak.
>
> Anyone have ideas for some additional testing?
>
> Thanks,
> Rod.
>
>
> On 1/21/20, 4:21 PM, "Jonathan Gallimore" 

> wrote:
>
> Nationwide Information Security Warning: This is an external 
email. Do
> not click on links or open attachments unless you trust the sender.
>
> 
--
>
> These should be there now - my sincere apologies for that.
>
> Jon
>
> On Tue, Jan 21, 2020 at 5:30 PM Jonathan Gallimore <
> jonathan.gallim...@gmail.com> wrote:
    >
> > I'll get that fixed. Thanks Rod.
> >
> > On Tue, Jan 21, 2020 at 5:04 PM Jenkins, Rodney J (Rod) <
> > jenki...@nationwide.com> wrote:
> >
> >> Jonathan,
> >>
> >> The docker build are failing due to:
> >>
> >>
> 
https://dist.apache.org/repos/dist/release/tomee/tomee-8.0.1/apache-tomee-8.0.1-plus.tar.gz.asc
> >>
> >> File is not available.  I see it there for 8.0.0.
> >>
> >> Rod.
> >>
> >>
> >> On 1/21/20, 10:51 AM, "Jenkins, Rodney J (Rod)" <
> jenki...@nationwide.com>
> >> wrote:
> >>
> >> Nationwide Information Security Warning: This is an 
external
> email.
> >> Do not click on links or open attachments unless you trust the
> sender.
> >>
> >>
> 
--
> >>
> >> I will get new Docker images out in the next 24 hours.
> >>
> >> Rod.
> >>
> >>
> >> On 1/20/20, 5:59 AM, "Jonathan Gallimore" <
> >> jonathan.gallim...@gmail.com> wrote:
> >>
> >> Nationwide Information Security Warning: This is an 
external
> >> email. Do not click on links or open attachments unless you 
trust
> the
> >> sender.
> >>
> >>
> 
--
> >>
> >> On Mon, Jan 20, 2020 at 11:54 AM COURTAULT Francois <
> >> francois.courta...@thalesgroup.com> wrote:
> >