Hi all,
The Jenkins trademark is now transferred to the CDF, and Software in Public Interest has officially removed the Jenkins project from its listing of the projects. It means that the transition is [almost] over. One remaining thing is Contributor and Company License agreements. We use this CLA process only for contributors with advanced permissions (like Jenkins core merge, access to the infrastructure, security team membership, etc.). Our current process (https://github.com/jenkinsci/infra-cla) is quite tedious, and it would be great to replace it by EasyCLA provided by the Linux Foundation: https://easycla.lfx.linuxfoundation.org/#/ . It would allow to automate signing and storage of the contributor license agreements, and it would be a big relief for the Jenkins Governance Board. I propose to:
Open questions for a discussion:
Any feedback would be appreciated! Best regards, Oleg Nenashev
-- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/052ac23d-f3f9-4b60-8e34-945bc282e51en%40googlegroups.com. |
+1 from to support moving CLA process to EasyCLA It’s not necessary to let all contributors across all the projects to adapt this process. But it’s necessary for Jenkins core and some important projects. Best, Rick On 03/23/2021 17:23,[hidden email] wrote:
Hi all, You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/1d80d2fc.41da.1785e7783db.Coremail.zxjlwt%40126.com. |
I reviewed the lists in https://github.com/jenkinsci/infra-cla , and it looks like we will need about 25 individuals and 2 companies to resign their CLAs. Maybe more if we count former maintainers who still have permissions but no longer active. Anyway, with EasyCLA automation it won't be a problem to handle this migration.
Best regards,. Oleg On Tuesday, March 23, 2021 at 10:43:25 AM UTC+1 Xiaojie Zhao wrote:
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/1e3e0782-fd1d-4fc4-9dc2-827c0c5db6b0n%40googlegroups.com. |
> Do we want to change the policy and to require all contributors to sign CLA? It might be reasonable for the Jenkins core components, with assumption that we have an easy process and bots assisting with verification. I am not a huge fan of that, but this is how many projects operate. Please no, that's just a barrier to entry that makes it a lot harder for a number of people to contribute On Tue, 23 Mar 2021 at 10:57, Oleg Nenashev <[hidden email]> wrote: I reviewed the lists in https://github.com/jenkinsci/infra-cla , and it looks like we will need about 25 individuals and 2 companies to resign their CLAs. Maybe more if we count former maintainers who still have permissions but no longer active. Anyway, with EasyCLA automation it won't be a problem to handle this migration. You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3Bickdh1Kd4f84nTuJwyhXJ3F6_O45X5m2X0yyD3UOLefTQ%40mail.gmail.com. |
In reply to this post by Oleg Nenashev
+1 I think that makes sense and should be not a complicated process for the small number of people. I don’t think that we should go this way. Kohsuke always tried to keep the barrier for contributions very low and I think we should continue this way. I think that we would not have so many plugins (or PRs for plugins) if we make the contribution process more complex. You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/BED89653-649A-4259-9589-2184B4D62A40%40gmail.com. |
> I don’t think that we should go this way. Kohsuke always tried to keep the barrier for contributions very low and I think we should continue this way. I think that we would not have so many plugins (or PRs for plugins) if we make the contribution process more complex I would prefer to avoid setting extra boundaries as well. At the same time, it makes sense to review the current model with the LF legal team. Right now we indeed avoid the contribution obstacles, but effectively common code contributors and plugin maintainers do not sign CLA. It may cause some legal loopholes, especially in the terms of the patent right which is not covered by the MIT License used in Jenkins. Not that I expect any real issues with that, but maybe there is a way to be on the safe side with minimum impact on contributors. On Tue, Mar 23, 2021 at 10:29 PM Ullrich Hafner <[hidden email]> wrote:
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAPfivLCK9c0igJwHgxsiB5wGheM1jE8RdwtBs%2BS%3DS_uSbQ-%2BOw%40mail.gmail.com. |
On 3/23/21 2:54 PM, Oleg Nenashev wrote:
>> I don’t think that we should go this way. Kohsuke always tried to keep > the barrier for contributions very low and I think we should continue > this way. I think that we would not have so many plugins (or PRs for > plugins) if we make the contribution process more complex > > I would prefer to avoid setting extra boundaries as well. At the same > time, it makes sense to review the current model with the LF legal team. > Right now we indeed avoid the contribution obstacles, but effectively > common code contributors and plugin maintainers do not sign CLA. It may > cause some legal loopholes, especially in the terms of the patent right > which is not covered by the MIT License used in Jenkins. Not that I > expect any real issues with that, but maybe there is a way to be on the > safe side with minimum impact on contributors. projects at LF I can give you some perspective. That being said, talking with legal is still a good idea! There's one hard and fast thing that I can recommend and that's to require DCO (Signed-off-by) on all changes coming in. If the DCO Probot is not setup on the GitHub org, it should be and enabled as a required check on all repositories. That's the lowest bar that legal is going to tell you that you really need to do. After that, CLAs are a thing that some of our projects use and others don't. Those that don't, just stick with DCO. Since you already have CLAs in play on some repos, legal is likely to push for you to go all out and make it a blanket thing. That being said, EasyCLA can be configured to only be required on some repos and not all, so that really is going to come down to what you as a project want. -Andy- -- Andrew J Grimberg Manager Release Engineering The Linux Foundation -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/3824c8de-c2f8-ed85-641c-54b27b538939%40linuxfoundation.org. ![]() ![]() |
Thanks for the insights Andrew! I agree that DCO could be a good compromise for the Jenkins core and related repositories. I am not sure about plugin repositories, I'd guess we should make it optional though recommended for the repositories. Best regards, Oleg Nenashev On Tue, Mar 23, 2021, 23:10 Andrew Grimberg <[hidden email]> wrote: On 3/23/21 2:54 PM, Oleg Nenashev wrote: You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAPfivLChWJy-Yk_U%2B%3DD54J7vcF3SAS2Hf%3D7x_LjG1M4cOWbVrQ%40mail.gmail.com. |
Hi all,
Quick progress update:
For your information, there will be also a webinar about EasyCLA on April 8th: https://linuxfoundation.org/webinars/lfx-easycla-streamline-your-development-workflow/ . It could be a good venue to ask any questions or to share our feedback. Best regards, Oleg Nenashev On Wednesday, March 24, 2021 at 8:11:05 AM UTC+1 Oleg Nenashev wrote:
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/4a67e60b-3906-4546-a845-1712121f0bdbn%40googlegroups.com. |
Hi all,
Just in case, you can find some notes from the EasyCLA webinar and Jenkins-specific questions from the webinar here. Slides and the Video will be published soon by the Linux Foundation. Best regards, Oleg On Friday, April 2, 2021 at 4:12:31 PM UTC+2 Oleg Nenashev wrote: Hi all, You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/fed406a1-87e9-47f7-9026-64196fc0b60en%40googlegroups.com. |
Free forum by Nabble | Edit this page |