Project Updates H2 2023

[afrittoli]

trafficstars

This issue is about collecting project updates from all projects hosted at the CFD, learning what's happened in the project roughly in the past 6 months, and what's planned for the next 6 months.

This template can be used to structure the update:

• Features and release
• Adoption updates (if any)
• Contribution trends (going up, down or steady)
• Roadmap for 2024
• Community updates (new contributors or maintainers, new companies involved, people leaving the project, etc)
• Governance updates (high profile changes in policies, newly elected individuals)
• Security updates (if any)
• Fun facts
• Any other news the project would like to share

Project List and Representatives:

• [x] CDEvents - @e-backmark-ericsson - CDEvents Update
• [x] Jenkins - @MarkEWaite - Jenkins contributor summit presentation by Mark Waite and others
• [ ] JenkinsX - @ankitm123
• [ ] Ortelius - @sbtaylor15
• [x] Screwdriver - @adong - Screwdriver Update
• [x] Shipwright - @qu1queee Shipwright Update
• [x] Spinnaker - @link108 - Spinnaker Update
• [x] Tekton - @afrittoli - Tekton Update

Please either share the project updates as a comment, or provide a link to slides, google doc, hackmd or other shared document that includes the updates.

[MarkEWaite]

@e-backmark-ericsson the Jenkins project has a CDEvents project idea for Google Summer of Code but we would really benefit from one or more lead mentors from organizations that use CDEvents. Kris Stern is in the CDF slack channel if you're interested in discussing it further.

[qu1queee]

Here the updates for Project Shipwright:

Features and release:

Our latest release v0.12.0 marks a significant milestone with the introduction of the Shipwright Beta API. This is the result of accumulated experience operating the alpha API in Production environments, coupled with valuable user feedback.

Adoption updates:

Within RedHat OpenShift, starting with OpenShift version 4.14.

Contribution trends:

While contributions have shown an increase since the second quarter of 2023, we acknowledge that the overall quantity remains modest.

Security updates

In our commitment to ensure the security of Project Shipwright, we've made significant improvements in CVEs handling. Additionally, the adoption of PodSecurity Policies aligns our components with Security Best Practices. We've also implemented a SHIP on release branching backports to address security concerns promptly.

Any other news the project would like to share

We opened a proposal to transition Project Shipwright to CNCF Sandbox.

[e-backmark-ericsson]

@e-backmark-ericsson the Jenkins project has a CDEvents project idea for Google Summer of Code but we would really benefit from one or more lead mentors from organizations that use CDEvents. Kris Stern is in the CDF slack channel if you're interested in discussing it further.

Thanks for that update @MarkEWaite ! I'm wondering how that would relate to the existing CDEvents plugin contributed by Fidelity: https://plugins.jenkins.io/cdevents/. I'll reach out to Kris to dig deeper into the GSoC proposal.

[link108]

Spinnaker project update: https://docs.google.com/document/d/135hMyMH4F7NPdCqEWnubZQR-g4uBgHWlxPidenWWNak/edit

[adong]

Screwdriver H2 2023

Features and release:

• Features:

  • Display Pipeline Usage metrics in the Job Template page. Link
  • Enable Template owners to delete a specific Template version. Link
  • Enable easy switching of Pipelines under the same SCM repo.Link
  • Display SCM repo branch a build event belongs to. Link
  • Slack notifications can now be sent to multiple workspaces. Link
  • Add an exhaustive health check API. Link
  • Added badges for various tool integrations, added Sonarqube badge for a Pipeline.Link
  • Ability to prevent private pipeline Sonarqube analysis from happening.Link
  • Kubernetes Builds added pipelineName, jobName, prNum, and template info to pod labels for enhancing build metrics tracking. Link
  • Enhance ARM64 compatibility, Link

• Bug Fixes:

  • Allow special characters in branch names. Link
  • Sonarqube project name to include Source Directory Link
  • Fix for sd-local display in certain containers. Link

• Adoption updates

  • No new adoptions that we are aware of

• Contribution trends

  • 218 PRs closed

• Security updates

  • Library and dependencies package updates.

    • Update hapi-swagger package to version 17.x.x Link

    • Update sd-cmd to use golang.org/x/crypto v0.17.0 Link

    • Update SD meta-cli to use golang.org/x/net v0.17.0 Link

    • Update babel/traverse to version 7.23.2, Link

• Any other news the project would like to share:

  • We have bi-weekly meeting with the community for anyone interested here