2021-08-06

Shibboleth Developer's Meeting, 2021-08-06

Call Administrivia

  • 09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-08-20. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

  • Schedule for rest of Jira migrations

  • Handling support issues

  • @Ian Young : probably time to start thinking about

    GEN-290 - Getting issue details... STATUS

    • Confirmed CentOS 8.5 will (briefly) be a thing, for perhaps a month, around the end of the year.

    • Makes sense to migrate in advance of that mess.

Add items for discussion here

Attendees:

Brent

  • Java socket server: Have a very simple telnet echo server using Spring Integration. It’s very slick, everything is declarative using custom Spring XML. Now working on evaluating for overall appropriateness, e.g. performance. Not sure yet on things like the threading model and throughput.

  • My “fix” for the Bouncy Castle FIPS didn’t pan out b/c it’s actually missing even more classes.

Daniel

 

Henri

Ian

  • Initial Java 17 release candidate expected any day now.

  • Debian 11 (Bullseye) expected 2021-08-14 or thereabouts.

    • See

      GEN-281 - Getting issue details... STATUS

    • I’m assuming we want to treat it the same as Debian 10 (smoke test, then add to https://shibboleth.atlassian.net/wiki/spaces/DEV/pages/1177321655 as “partially supported” for the Java 11 platform).

    • I plan to pick it up when released to make sure there are no surprises (last time, interesting random source behaviour broke things).

  • Observation: Debian has a peculiar support lifecycle, in which there’s an initial end-of-support date on which responsibility for security patches passes to another team. For Debian 9 this was on 2020-07-18. That “long term support team” supports Debian 9 until 2022-06-30. Which date do we want to use to remove it from our list? NB: as Debian 9 only shipped with Java 8, this isn’t relevant for IdP V4 so it’s really mostly a question about policy for the future.

John

  • Managed to get Fargate wired up to EFS to run a test build, and not much else. Coordinating with Tom Z. to discuss options for a Jenkins DEV instance, and pipeline approaches.

Marvin

 

Phil

  • Rebased our patched maven-javadoc-plugin on V3.3.0 of the official plugin.

    • Probably not a good long-term solution. I might have to get into the weeds again to try and get them to incorporate a proper fix.

  • Added a unit and flow test for loading classpath* resources to the IdP.

  • JDUO-50 - Getting issue details... STATUS
    They fixed an NPE, but it is not likely to occur in practice. So I do not think there is a rush to release a new version - although I guess there is no harm in doing so.

    • Will wait for them to do their dependency updates before deciding what to do.

  • More in-depth work on:

    • JCOMOIDC-22 - Getting issue details... STATUS
      Discussed with Henri, made the transition, now needs looking at - have asked Henri for a sanity check.

    • JCOMOIDC-23 - Getting issue details... STATUS
      Pretty much a FunctionDrivenDynamicHTTPMetadataResolver but tied to an OIDCProviderMetadata result. Is pretty involved, I seem to be mostly copying the HTTPMetadataResolver stuff over to OIDC objects in JSON. If that makes sense I will keep going, but maybe that is not a good idea.

  • Also Out on Vacation and AFI 9-Aug to 13-Aug - but not with Rod.

 

Rod

  • Stalled on POM/WAR checking…

  • Odds and ends.

    • Wiki conversion

    • Windows build & RC files

    • &c &c

  • Out on Vacation and AFI 9-Aug to 13-Aug

 

Scott

  • Migration obviously

    • Wiki “style guide” TBD to capture all the bugs and problems we have to step around

  • IdP regression

  • SSPCPP-939 - Getting issue details... STATUS

  • SSPCPP-941 - Getting issue details... STATUS

Tom

  • Looking at deploying Nexus 3 via ECS

Other