JEP-224 and ExtendedRead - Time to graduate to GA?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

JEP-224 and ExtendedRead - Time to graduate to GA?

Tim Jacomb
Hi all

Thoughts on graduating to GA:
  • Agent/ExtendedRead
  • Job/ExtendedRead
  • Overall/SystemRead
GA would mean:
  • Enabled by default
  • Beta API restriction removed from Overall/SystemRead
  • Only weekly line affected for now, wouldn't be GA in LTS until the line after 2.249
Note: enabling by default doesn't make a huge practical difference as the extended-read-permission plugin is depended on by role strategy and matrix-auth and installing that plugin enabled the permission, which means that any updated instance has had this automatically enabled, as can be seen in this graph:

image.png

Background:

Job/ExtendedRead was introduced into Jenkins in 2009, and has seen many plugins adopt it over the years, but was disabled by default to gather feedback and because of a concern over the permissions matrix getting too wide.

Agent/ExtendedRead was introduced in 2013, but didn't see much adoption as it was only added for the REST API in core, undocumented and the extended-read-permission plugin didn't enable it like it did for jobs. This was fixed in 2.238, with access being extended to all agent views.

Overall/SystemRead was introduced in 2.222 as part of JEP-224, it added onto the initial Job/ExtendedRead by extending the jelly controls to have a read only appearance, replacing text boxes with text, and disabling controls like radio buttons and checkboxes. Initially it was just used on the System configuration page, but many patches were landed up till 2.239 to cover most of Jenkins core. Additionally Cloud Stats, JCasC, Simple Disk Usage, Matrix Auth and Role Strategy plugins have been updated.

I've created draft PRs for updating the status of the JEP and Jenkins core pending feedback.

Thoughts +1, -1, ±0?

Thanks
Tim


--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3Bif0szBQPcRiaQWNweMaPgBvhA9BbhBDEwbd35XxB2hyQA%40mail.gmail.com.
Reply | Threaded
Open this post in threaded view
|

Re: JEP-224 and ExtendedRead - Time to graduate to GA?

Tim Jacomb
Minor correction matrix auth doesn't depend on the plugin and role strategy will no longer depend on it after https://github.com/jenkinsci/role-strategy-plugin/pull/139 is merged
(Both have a minimum core of 2.222.x)

On Thu, 13 Aug 2020 at 21:46, Tim Jacomb <[hidden email]> wrote:
Hi all

Thoughts on graduating to GA:
  • Agent/ExtendedRead
  • Job/ExtendedRead
  • Overall/SystemRead
GA would mean:
  • Enabled by default
  • Beta API restriction removed from Overall/SystemRead
  • Only weekly line affected for now, wouldn't be GA in LTS until the line after 2.249
Note: enabling by default doesn't make a huge practical difference as the extended-read-permission plugin is depended on by role strategy and matrix-auth and installing that plugin enabled the permission, which means that any updated instance has had this automatically enabled, as can be seen in this graph:

image.png

Background:

Job/ExtendedRead was introduced into Jenkins in 2009, and has seen many plugins adopt it over the years, but was disabled by default to gather feedback and because of a concern over the permissions matrix getting too wide.

Agent/ExtendedRead was introduced in 2013, but didn't see much adoption as it was only added for the REST API in core, undocumented and the extended-read-permission plugin didn't enable it like it did for jobs. This was fixed in 2.238, with access being extended to all agent views.

Overall/SystemRead was introduced in 2.222 as part of JEP-224, it added onto the initial Job/ExtendedRead by extending the jelly controls to have a read only appearance, replacing text boxes with text, and disabling controls like radio buttons and checkboxes. Initially it was just used on the System configuration page, but many patches were landed up till 2.239 to cover most of Jenkins core. Additionally Cloud Stats, JCasC, Simple Disk Usage, Matrix Auth and Role Strategy plugins have been updated.

I've created draft PRs for updating the status of the JEP and Jenkins core pending feedback.

Thoughts +1, -1, ±0?

Thanks
Tim


--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3BicOv%2BBkYtxFsoGyyE%2Bsiz6esxppp9_A%3DDdr-%3DejFzCnZw%40mail.gmail.com.
Reply | Threaded
Open this post in threaded view
|

Re: JEP-224 and ExtendedRead - Time to graduate to GA?

Antonio Muñiz
+1

On Thu, 13 Aug 2020 at 22:59, Tim Jacomb <[hidden email]> wrote:
Minor correction matrix auth doesn't depend on the plugin and role strategy will no longer depend on it after https://github.com/jenkinsci/role-strategy-plugin/pull/139 is merged
(Both have a minimum core of 2.222.x)

On Thu, 13 Aug 2020 at 21:46, Tim Jacomb <[hidden email]> wrote:
Hi all

Thoughts on graduating to GA:
  • Agent/ExtendedRead
  • Job/ExtendedRead
  • Overall/SystemRead
GA would mean:
  • Enabled by default
  • Beta API restriction removed from Overall/SystemRead
  • Only weekly line affected for now, wouldn't be GA in LTS until the line after 2.249
Note: enabling by default doesn't make a huge practical difference as the extended-read-permission plugin is depended on by role strategy and matrix-auth and installing that plugin enabled the permission, which means that any updated instance has had this automatically enabled, as can be seen in this graph:

image.png

Background:

Job/ExtendedRead was introduced into Jenkins in 2009, and has seen many plugins adopt it over the years, but was disabled by default to gather feedback and because of a concern over the permissions matrix getting too wide.

Agent/ExtendedRead was introduced in 2013, but didn't see much adoption as it was only added for the REST API in core, undocumented and the extended-read-permission plugin didn't enable it like it did for jobs. This was fixed in 2.238, with access being extended to all agent views.

Overall/SystemRead was introduced in 2.222 as part of JEP-224, it added onto the initial Job/ExtendedRead by extending the jelly controls to have a read only appearance, replacing text boxes with text, and disabling controls like radio buttons and checkboxes. Initially it was just used on the System configuration page, but many patches were landed up till 2.239 to cover most of Jenkins core. Additionally Cloud Stats, JCasC, Simple Disk Usage, Matrix Auth and Role Strategy plugins have been updated.

I've created draft PRs for updating the status of the JEP and Jenkins core pending feedback.

Thoughts +1, -1, ±0?

Thanks
Tim


--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3BicOv%2BBkYtxFsoGyyE%2Bsiz6esxppp9_A%3DDdr-%3DejFzCnZw%40mail.gmail.com.


--
Antonio Muñiz
Human, Engineer
CloudBees, Inc.

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAJc7kzRHYeHA-sATKMfOZv8YWO8%3D%3De90wO0FUys5J6S75x3ffQ%40mail.gmail.com.
Reply | Threaded
Open this post in threaded view
|

Re: JEP-224 and ExtendedRead - Time to graduate to GA?

Oleg Nenashev
+1 from me as a BDFL delegate in this story.
I believe that the community process has been followed, and that all necessary quality gates have been passed.
If there is no negative feedback, I plan to merge the pull request and mark the pull request as accepted

Best regards,
Oleg

On Friday, August 14, 2020 at 1:24:22 PM UTC+2, Antonio Muñiz wrote:
+1

On Thu, 13 Aug 2020 at 22:59, Tim Jacomb <<a href="javascript:" target="_blank" gdf-obfuscated-mailto="astO_8_5AgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">timja...@...> wrote:
Minor correction matrix auth doesn't depend on the plugin and role strategy will no longer depend on it after <a href="https://github.com/jenkinsci/role-strategy-plugin/pull/139" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Frole-strategy-plugin%2Fpull%2F139\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEfCh2CuYV4wjaHF5vY9nzEoT5Nmw&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Frole-strategy-plugin%2Fpull%2F139\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEfCh2CuYV4wjaHF5vY9nzEoT5Nmw&#39;;return true;">https://github.com/jenkinsci/role-strategy-plugin/pull/139 is merged
(Both have a minimum core of 2.222.x)

On Thu, 13 Aug 2020 at 21:46, Tim Jacomb <<a href="javascript:" target="_blank" gdf-obfuscated-mailto="astO_8_5AgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">timja...@...> wrote:
Hi all

Thoughts on graduating to GA:
  • Agent/ExtendedRead
  • Job/ExtendedRead
  • Overall/SystemRead
GA would mean:
  • Enabled by default
  • Beta API restriction removed from Overall/SystemRead
  • Only weekly line affected for now, wouldn't be GA in LTS until the line after 2.249
Note: enabling by default doesn't make a huge practical difference as the extended-read-permission plugin is depended on by role strategy and matrix-auth and installing that plugin enabled the permission, which means that any updated instance has had this automatically enabled, as can be seen in this <a href="https://plugins.jenkins.io/extended-read-permission/" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fplugins.jenkins.io%2Fextended-read-permission%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNE5tT8qEZn8Uq-FdDYVQVZPk9fCBg&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fplugins.jenkins.io%2Fextended-read-permission%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNE5tT8qEZn8Uq-FdDYVQVZPk9fCBg&#39;;return true;">graph:

image.png

Background:

Job/ExtendedRead was introduced into <a href="http://jenkins-ci.361315.n4.nabble.com/Allowing-read-only-access-to-config-xml-td393245.html" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fjenkins-ci.361315.n4.nabble.com%2FAllowing-read-only-access-to-config-xml-td393245.html\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGhjkoV7K6YgWoutZW-DwMCGkz3JA&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fjenkins-ci.361315.n4.nabble.com%2FAllowing-read-only-access-to-config-xml-td393245.html\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGhjkoV7K6YgWoutZW-DwMCGkz3JA&#39;;return true;">Jenkins in 2009, and has seen many plugins adopt it over the years, but was disabled by default to gather feedback and because of a concern over the permissions matrix getting too wide.

Agent/ExtendedRead was introduced in <a href="https://github.com/jenkinsci/jenkins/commit/5db147e85802c75bac19320383dcaeed88bc77ba" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Fjenkins%2Fcommit%2F5db147e85802c75bac19320383dcaeed88bc77ba\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH2AFnoj2YCh1ZtWFlkquVg7T4jnA&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Fjenkins%2Fcommit%2F5db147e85802c75bac19320383dcaeed88bc77ba\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH2AFnoj2YCh1ZtWFlkquVg7T4jnA&#39;;return true;">2013, but didn't see much adoption as it was only added for the REST API in core, undocumented and the extended-read-permission plugin didn't enable it like it did for jobs. This was fixed in <a href="https://www.jenkins.io/changelog/#v2.238" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fchangelog%2F%23v2.238\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHVdyfpxaTeEc3h3xP5za90t-1GGw&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fchangelog%2F%23v2.238\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHVdyfpxaTeEc3h3xP5za90t-1GGw&#39;;return true;">2.238, with access being extended to all agent views.

Overall/SystemRead was introduced in <a href="https://www.jenkins.io/changelog-old/#v2.222" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fchangelog-old%2F%23v2.222\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGm8iU4NJgZOvvFwulZw_DlYhySBQ&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fchangelog-old%2F%23v2.222\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGm8iU4NJgZOvvFwulZw_DlYhySBQ&#39;;return true;">2.222 as part of <a href="https://www.jenkins.io/jep/224" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fjep%2F224\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNESdfUj12JDAITKfSq2_2vBmpBHCg&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fjep%2F224\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNESdfUj12JDAITKfSq2_2vBmpBHCg&#39;;return true;">JEP-224, it added onto the initial Job/ExtendedRead by extending the jelly controls to have a read only appearance, replacing text boxes with text, and disabling controls like radio buttons and checkboxes. Initially it was just used on the System configuration page, but many <a href="https://github.com/orgs/jenkinsci/projects/4" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Forgs%2Fjenkinsci%2Fprojects%2F4\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGtnwt5NJf39rOhUzjpxd7-sk3qig&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Forgs%2Fjenkinsci%2Fprojects%2F4\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGtnwt5NJf39rOhUzjpxd7-sk3qig&#39;;return true;">patches were landed up till <a href="https://www.jenkins.io/changelog/#v2.239" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fchangelog%2F%23v2.239\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNF3pTT6wbZEe4bSlsNok3JbpdRGuw&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.jenkins.io%2Fchangelog%2F%23v2.239\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNF3pTT6wbZEe4bSlsNok3JbpdRGuw&#39;;return true;">2.239 to cover most of Jenkins core. Additionally Cloud Stats, JCasC, Simple Disk Usage, Matrix Auth and Role Strategy plugins have been updated.

I've created draft PRs for updating the status of the <a href="https://github.com/jenkinsci/jep/pull/297" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Fjep%2Fpull%2F297\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNE4BFomRIB4iNUjLQnAPh6u_kNEfg&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Fjep%2Fpull%2F297\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNE4BFomRIB4iNUjLQnAPh6u_kNEfg&#39;;return true;">JEP and <a href="https://github.com/jenkinsci/jenkins/pull/4909" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Fjenkins%2Fpull%2F4909\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH0ZKFSGKS5y2JOGQ6svPL8DFxV2Q&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkinsci%2Fjenkins%2Fpull%2F4909\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH0ZKFSGKS5y2JOGQ6svPL8DFxV2Q&#39;;return true;">Jenkins core pending feedback.

Thoughts +1, -1, ±0?

Thanks
Tim


--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to <a href="javascript:" target="_blank" gdf-obfuscated-mailto="astO_8_5AgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">jenkin...@googlegroups.com.
To view this discussion on the web visit <a href="https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3BicOv%2BBkYtxFsoGyyE%2Bsiz6esxppp9_A%3DDdr-%3DejFzCnZw%40mail.gmail.com?utm_medium=email&amp;utm_source=footer" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3BicOv%2BBkYtxFsoGyyE%2Bsiz6esxppp9_A%3DDdr-%3DejFzCnZw%40mail.gmail.com?utm_medium\x3demail\x26utm_source\x3dfooter&#39;;return true;" onclick="this.href=&#39;https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3BicOv%2BBkYtxFsoGyyE%2Bsiz6esxppp9_A%3DDdr-%3DejFzCnZw%40mail.gmail.com?utm_medium\x3demail\x26utm_source\x3dfooter&#39;;return true;">https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3BicOv%2BBkYtxFsoGyyE%2Bsiz6esxppp9_A%3DDdr-%3DejFzCnZw%40mail.gmail.com.


--
Antonio Muñiz
Human, Engineer
CloudBees, Inc.

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/2ab1b041-728b-4a11-82ae-5a3427583f90o%40googlegroups.com.