Re: GitHub issues option in HOSTING

2020-06-09 Thread 'Gavin Mogan' via Jenkins Developers
So re surfacing this old topic now that we've merged and deployed the updated plugin site with GitHub releases and jira issues My next steps is start supporting GitHub issues for plugins that uses them. But this topic never came to a conclusion. If we are officially supporting GitHub issues,

Re: ANN: Jenkins release artifacts uploads blockage on June 09, and a temporary downloads issue

2020-06-09 Thread Dmitry Sotnikov
Thank you, Oleg and the Security Team! Dmitry On Tuesday, June 9, 2020 at 8:00:25 AM UTC-7, Oleg Nenashev wrote: > > Dear all, > > As you may have noticed, the release artifact uploads are currently > blocked in the Jenkins Artifactory instances (https://repo.jenkins-ci.org/). > We are doing a

ANN: Jenkins release artifacts uploads blockage on June 09, and a temporary downloads issue

2020-06-09 Thread Oleg Nenashev
Dear all, As you may have noticed, the release artifact uploads are currently blocked in the Jenkins Artifactory instances (https://repo.jenkins-ci.org/). We are doing a security investigation due to a partial user database loss on June 02. Today we blocked releases to the Jenkins artifactory,

Re: accounts.jenkins.io can't login or use password reset

2020-06-09 Thread Oleg Nenashev
Downloads are restored. Another workaround has been applied by Daniel in https://github.com/jenkins-infra/repository-permissions-updater/pull/1569 , so no user downloads are no longer broken. Thanks a lot to Daniel Beck for the quick fix! Uploads are still blocked for everyone except a few

Re: accounts.jenkins.io can't login or use password reset

2020-06-09 Thread Oleg Nenashev
We are also experiencing issues with artifact downloads, likely a collateral damage after the change On Tuesday, June 9, 2020 at 11:15:03 AM UTC+2, Oleg Nenashev wrote: > > Hi all, > > An official update w.r.t this topic is coming soon. I confirm the > assessment by Dmitry, it is a potential

Re: accounts.jenkins.io can't login or use password reset

2020-06-09 Thread Oleg Nenashev
Hi all, An official update w.r.t this topic is coming soon. I confirm the assessment by Dmitry, it is a potential security risk which was reported on multiple occasions. SECURITY-1895 is a report for this incident, and it is currently being investigated by the security team. Just to provide

External Fingerprint Storage for Jenkins

2020-06-09 Thread Sumit Sarin
Hi all, It brings me great joy in introducing the Jenkins community to one of the ongoing Google Summer of Code (GSoC) projects: *External Fingerprint Storage for Jenkins*. File fingerprinting is a way to track which version of a file is being used by a job/build, making dependency tracking

Re: RCA of memory conditions on Ubuntu EC2 agents on ci.jenkins.io causing test instability

2020-06-09 Thread Tim Jacomb
Hi all, I've done the following: * linux docker - was t3.small, now t3a.large (2 core 8gb) * arm64 - was a1.medium, now t3a.large (2 core 8gb) ref: https://aws.amazon.com/ec2/pricing/on-demand/ (region is US East) Let's monitor and see how we go (pricing and performance wise) High mem could