Shibboleth Developer's Meeting, 2021-02-05
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-02-19. Any reason to deviate from this?
60 to 90 minute call window.
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
- AWS permissions
- New Duo plugin release for testing?
- 4.1 schedule
- when do we need all the JDKs and AMIs in CI ? (Tom)
- when do we freeze Jetty ? (Tom)
Attendees:
Brent
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-75 - This turned out to be very easy
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-118 - Done, although still chewing over whether should by default support 30 legacy curves that SunEC currently supports, but which are deprecated and require a system prop in Java 15+.
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-82 - Not quite done on this yet, sidetracked on other things. All that remains is EncryptionParametersResolver.
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-328 - Pretty sure Scott is right about race condition. Actually more worried about the related conditions in LazyList, etc.
...
- automation
- trying to work through task backlog by scripting
- takes longer now, hopefully pays off later
- for example :
- linux : shell script to install Java, OpenJDK, and Coretto of various versions
- don't really want to commit scripts to parent because that triggers a stack rebuild
- windows : PoC running commands on Windows via a Jenkins Pipeline
Example :
Code Block language groovy title Jenkins declarative Pipeline collapse true agent { label 'Windows' } stages { stage('Hello') { steps { echo 'Hello World' } } stage('Display Java version') { steps { bat "c:\\opt\\java\\jdk-11\\bin\\java.exe -version" } } } }- would like to try the Windows Installer from the command line
- need the command line with all the args
(RDW) This should do it (I don't want to document this since it then becomes API):
Code Block language bash title Runinstallandtest.cmd collapse true start /wait msiexec /q /lv* log.log /i IDP-4.0.1.1-x64.msi INSTALL_JETTY=TRUE DNSNAME=idp.example.com IDP_SCOPE=example.scope cd "c:\program files (x86)\shibboleth\ :loop timeout /t 11 if not exist idp\logs\idp-process.log goto loop timeout /t 10 idp\bin\status.bat echo %ERRORLEVEL%
- working with AWS CLI to start / stop instances and create images
- should be possible to automate AMI updates via a Pipeline
- seems easy enough to run Jenkins locally for testing / development of test themselves
- only takes a few minutes to add and set up the Amazon EC2 Plugin
- linux : shell script to install Java, OpenJDK, and Coretto of various versions
- trying to work through task backlog by scripting
- backlog :
- consent tests
- update AMIs (CentOS, RHEL, and Windows)
- kernel update
- document how to change your password
- troubleshoot Henri's Nexus access permissions
- experiment with --Dsurefire.useFile=false in CI to log errors to console
- Not real happy about IDP-1660, the consent sort-before-hash issue, dropped the ball on that one
...