Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-45588

Add support for staged deployment for security updates

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major Major
    • gradle-jpi-plugin
    • None

      For the previous plugin security release, the security team had a great experience with the "new" process described in this wiki page (releasing to a staging repo, not pushing commits):

      https://wiki.jenkins-ci.org/display/SECURITY/SECURITY+issues+in+plugins

      A similar process needs to be possible (and documented) with Gradle JPI plugin based plugins.

          [JENKINS-45588] Add support for staged deployment for security updates

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Daniel Spilker
          Path:
          CHANGELOG.md
          README.md
          src/main/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtension.groovy
          src/test/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtensionSpec.groovy
          http://jenkins-ci.org/commit/gradle-jpi-plugin/a0d660aeb3da2016877b64f2a7f536cde702871c
          Log:
          allow to override `repoUrl` and `snapshotRepoUrl` settings from the command line

          [FIXES JENKINS-45588]

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Spilker Path: CHANGELOG.md README.md src/main/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtension.groovy src/test/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtensionSpec.groovy http://jenkins-ci.org/commit/gradle-jpi-plugin/a0d660aeb3da2016877b64f2a7f536cde702871c Log: allow to override `repoUrl` and `snapshotRepoUrl` settings from the command line [FIXES JENKINS-45588]

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Daniel Spilker
          Path:
          CHANGELOG.md
          README.md
          src/main/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtension.groovy
          src/test/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtensionSpec.groovy
          http://jenkins-ci.org/commit/gradle-jpi-plugin/43197fd11bb80649d31a64b86a889ff8b42c2e6f
          Log:
          Merge pull request #98 from jenkinsci/JENKINS-45588

          JENKINS-45588 allow to override repoUrl and snapshotRepoUrl settings from the command line

          Compare: https://github.com/jenkinsci/gradle-jpi-plugin/compare/caadc7624097...43197fd11bb8

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Spilker Path: CHANGELOG.md README.md src/main/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtension.groovy src/test/groovy/org/jenkinsci/gradle/plugins/jpi/JpiExtensionSpec.groovy http://jenkins-ci.org/commit/gradle-jpi-plugin/43197fd11bb80649d31a64b86a889ff8b42c2e6f Log: Merge pull request #98 from jenkinsci/ JENKINS-45588 JENKINS-45588 allow to override repoUrl and snapshotRepoUrl settings from the command line Compare: https://github.com/jenkinsci/gradle-jpi-plugin/compare/caadc7624097...43197fd11bb8

          Daniel Beck added a comment -

          daspilker Thanks. What specifically do plugin maintainers have to do to get this? Does it have side effects like updating the parent pom has (which might enable FindBugs etc.)?

          Daniel Beck added a comment - daspilker Thanks. What specifically do plugin maintainers have to do to get this? Does it have side effects like updating the parent pom has (which might enable FindBugs etc.)?

          Daniel Spilker added a comment -

          danielbeck There should be no side effects if maintainers are updating from a recent version. Most likely the need to update their Gradle wrapper to the latest version supported by the Gradle JPI Plugin, currently 3.5.1. Refer to the change log for details.

          Daniel Spilker added a comment - danielbeck There should be no side effects if maintainers are updating from a recent version. Most likely the need to update their Gradle wrapper to the latest version supported by the Gradle JPI Plugin, currently 3.5.1. Refer to the change log for details.

            daspilker Daniel Spilker
            danielbeck Daniel Beck
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: