Shibboleth Developer's Meeting, 2023-08-04

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2023-08-18. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

1. Beta schedule

   1. Shoot for later next week, via a set of nightlies rather than any formal release, but we could tag that morning.

2. Signing snapshots

Attendees:

Brent

• OSJ-372: Add support for newer signing and/or encryption algorithmsClosed

  • turns out these don’t work on Oracle Java, contrary to the docs

Daniel

• https://shibboleth.atlassian.net/jira/software/c/projects/IDP/issues/IDP-2149

Henri

• JOIDC-163: Update into the IdP V5 codebaseClosed

  • OIDC conformance tests were successful with the 20230804-snapshots

• Next up: Logout and support for unregistered clients for V4

Ian

• Jenkins. Shoot me now.

John

• Continuing to seek RPMs required at build-time inside UBI containers for cpp-linbuild

Marvin

Phil

Vacation

Rod

Kafka-esque Windows nightmare

• IDP-2150: Add batch script to "lock down" a windows installationClosed Still debugging

• IDP-2136: Consider Splitting the Windows Installer into IdP and Jetty+ProcrunClosed Mostly done. (Much) more testing & rework needed

• Very much behind on Documentation

• Also need to do some retest and final tidying for plugins (e.g. JJDBC-19: Re-introduction of https://shibboleth.atlassian.net/browse/IDP-1020 ?Closed

Scott

• GEN-269: Replace code headerOpen – Thank god for Visual Studio Code. Microsoft should stick to implementing Replace in Files software.

• IdP testing

• IdP backlog

  • IDP-1972: Revisit deferred classnames for solving layering conflictsClosed

    • Implemented a static/shared property file hook in our bean parser base class, most of the custom parsers inherit from it

    • Property file in idp-schemas holds properties specific to various parsers

  • IDP-1473: Review and possibly remove CAS ticket dependency on IdPSessionClosed

    • Patch was done a while ago by Marvin, I think we should apply it

  • IDP-2047: Get list of locked accountsClosed

    • Finally went ahead and exposed a storage op to enumerate the keys in a context, used an extension interface

• JOIDC-164: Eliminate custom filter in favor of IdP's response header supportClosed

  • Needs testing

Tom

• Signing Maven snapshots :

  • generate a new GPG key pair (Scott)

    • name ? TBD@shibboleth.net should be mail routable

    • expiration ? 1 year

    • comment : TBD

  • configure /home/jenkins/.m2/settings.xml

  • add /home/jenkins/.gnupg to AMI

  • add encrypted secret key to Jenkins Credential Manager

  • add passphrase to Jenkins Credential Manager

  • add credential injection to Jenkins nightly jobs

  • add -Psign to Jenkins nightly jobs

    • every job that deploys an artifact or just IdP v5 and plugins for now ?

  • add mvn clean to Jenkins nightly jobs to clean the build instance - if that works

  • documentation (Scott)

Other