18:02:07 <kohsuke> #startmeeting
18:02:07 <robobutler> Let the Jenkins meeting commence!
18:02:15 <kohsuke> #chair rtyler hare_brain  danielbeck
18:02:15 <robobutler> Current chairs: danielbeck hare_brain kohsuke rtyler
18:02:32 <kohsuke> #topic recap of actions
18:02:47 <danielbeck> there were none from last time
18:02:59 <danielbeck> from earlier:
18:03:38 <kohsuke> Should we move to the next one?
18:03:40 <danielbeck> KK granted me LDAP admin access to I could add myself to the admins group to build the list of Artifactory admins, but it looks like that group does not govern Artifactory admin access, so he'll need to be more involved there
18:03:58 <kohsuke> hmm
18:04:16 <kohsuke> That's odd, but let's work on that
18:04:21 <danielbeck> #jenkins-meeting is pending the bot joining the channel, I think something's wrong with jenkins-infra or my understanding of it. Will dig deeper.
18:04:43 <kohsuke> docker containers won't auto restart I. Is that it?
18:04:51 <danielbeck> probably
18:05:03 <danielbeck> only saw 5 minutes ago that rtyler merged my PR into prod
18:05:56 <kohsuke> Should we move on to the next topic?
18:06:01 <danielbeck> sec
18:06:26 <danielbeck> We blessed the travel grant program last time, but KK was overly specific as to which revision and it was an outdated one
18:06:36 <kohsuke> oops
18:07:05 <danielbeck> I just put the page up to link to the one that was current during the meeting
18:07:26 <danielbeck> just FYI in case someone stumbles upon this, I don't think this matters too much
18:07:32 <kohsuke> yeah
18:07:52 <danielbeck> not trying to get my evil changes in there without review :-)
18:07:56 <danielbeck> that's it from me
18:08:31 <kohsuke> #topic LTS backporting status check
18:08:38 <kohsuke> ogondza: all yours
18:08:42 <ogondza> only 3 backports this time
18:08:57 <danielbeck> ogondza Thanks for the expedited backport of the stephenc fix
18:08:57 <ogondza> including the deadlock Stephen and Daniel wanted
18:09:08 <ogondza> we are ready
18:09:22 <kohsuke> Yay
18:09:25 <danielbeck> https://github.com/jenkinsci/jenkins/pull/1825
18:09:27 <danielbeck> for context
18:09:33 <ogondza> danielbeck: it would be greate if some of you can give it some extra testing during the rc period
18:09:52 <danielbeck> ogondza Yep I already pinged stephenc about this
18:09:54 <kohsuke> #agreed release is ready
18:10:01 <ogondza> danielbeck: thanks
18:10:05 <kohsuke> #action kohsuke needs to give means for danielbeck  to annotate release notes
18:10:19 <kohsuke> ... for this is the LTS that requires Java7 dependency
18:10:53 <kohsuke> #topic Protect master branches of repositories
18:11:02 <danielbeck> and the unannounced config.xml/home layout changes in 1.609.x were already a mess. We don't have a real LTS changelog, and that needs to change. With Java 7 being required now it's especially important.
18:11:34 <ogondza> I intended to protect core's master agains deletion andforce pushes
18:11:42 <kohsuke> ogondza: yeah, seems like a no brainer
18:11:50 <ogondza> are any other branches we want to protect?
18:11:53 <danielbeck> only core?
18:12:02 <ogondza> can we sugges this for all plugin maintainers?
18:12:03 <kohsuke> why just limit ourselves to core?
18:12:44 <ogondza> I do not think appling this everywhere is a good idea
18:12:49 <danielbeck> ogondza stable-xxx?
18:12:59 <kohsuke> This calls for creating a maintenance script to groom our repositories.
18:13:13 <kohsuke> Also useful for disabling issue trackers and fixing team/repo assignments
18:13:18 <ogondza> danielbeck: it would require to add those every 12 weeks
18:13:29 <ogondza> and I always have the updated copy :P
18:13:59 <danielbeck> kohsuke GitHub is rolling out a new permissions model where users can be granted privileges individually. So we could get rid of groups. I have a few ideas here, but not today
18:14:07 <kohsuke> ok
18:14:32 <ogondza> so, do we want to protect master in every repo?
18:14:55 <kohsuke> IMO yes, otherwise it won't prevent the accident that happened before
18:15:17 <ogondza> well, it wont. I do not feel strongly
18:15:18 <kohsuke> That's the stated goal, right?
18:15:29 <kohsuke> Any reasons not to?
18:15:36 <ogondza> lets go with that
18:15:52 <kohsuke> danielbeck: is that OK?
18:16:07 <danielbeck> have we discussed this on the dev list?
18:16:21 <ogondza> danielbeck: no relevant comments
18:16:38 <ogondza> https://groups.google.com/forum/#!topic/jenkinsci-dev/0ciUju7raOA
18:17:12 <ogondza> perhaps we should announce this and wait for people to complain while we prepare the automation
18:17:23 <kohsuke> sounds good
18:17:30 <danielbeck> sounds good. Plus let's be open to people who want it removed
18:17:37 <kohsuke> let's record the agreement and we'd naturally  take some time before we can execute it
18:17:49 <kohsuke> if we hear back in the mean time we'll reconsider
18:18:14 <ogondza> how to opt out? whitelist in infra repo with the script?
18:18:48 <danielbeck> BTW I have an idea rattling around in my head that would allow removing Everyone and its the default-write permission without impacting contributors. More on the dev list soon.
18:19:10 <ogondza> danielbeck: should we postpone this?
18:19:10 <danielbeck> still, protecting master is a good idea.
18:19:17 <ogondza> ah, ok
18:19:17 <kohsuke> opt out is probably a white list for the script
18:19:46 <danielbeck> for now we could add it to the jenkins-admin bot and run the script only once
18:19:55 <kohsuke> #agreed we will start protecting the master branch of all repos in the jenkinsci org from force push, as well as additional key branches in the core repo.
18:20:18 <kohsuke> #agreed if anyone disagrees, please let us know sooner than later.
18:20:43 <kohsuke> should we move on?
18:20:51 <ogondza> right
18:21:14 <kohsuke> #topic next meeting
18:21:25 <kohsuke> Next meeting is Sep 30th the same time
18:21:40 <kohsuke> #endmeeting