Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add changelog 2.222 #2899

Merged
merged 7 commits into from
Feb 24, 2020
Merged

Add changelog 2.222 #2899

merged 7 commits into from
Feb 24, 2020

Conversation

MarkEWaite
Copy link
Contributor

@MarkEWaite MarkEWaite commented Feb 24, 2020
edited
Loading

image

I need help on the phrasing of the changelog entry for PR-4365. The proposed changelog entry says:

The permissions Overall/RunScripts, Overall/UploadPlugins, and Overall/ConfigureUpdateCenter permissions are now deprecated. Custom authorization strategy implementations that grant Overall/Administer without implying one or more of these three permissions and as configurations that grant any of these permissions to users without Overall/Administer will will no longer work as expected.

I don't understand the last sentence in that proposed changelog entry. I rephrased it as:

The permissions Overall/RunScripts, Overall/UploadPlugins, and Overall/ConfigureUpdateCenter are now deprecated. Custom authorization strategy implementations that grant Overall/Administer without implying one or more of these three permissions will no longer work as expected. Configurations that grant any of these permissions to users without Overall/Administer will no longer work as expected.

I'm not confident that my rephrasing is accurate. @mikecirioli can you help me with it?

@MarkEWaite MarkEWaite requested a review from a team as a code owner February 24, 2020 04:21
oleg-nenashev
oleg-nenashev reviewed Feb 24, 2020
View reviewed changes
content/_data/changelogs/weekly.yml Outdated Show resolved Hide resolved
content/_data/changelogs/weekly.yml Show resolved Hide resolved
content/_data/changelogs/weekly.yml Outdated Show resolved Hide resolved
content/_data/changelogs/weekly.yml Outdated Show resolved Hide resolved
@oleg-nenashev
Copy link
Contributor

Also, developer changelog entries could be ordered to the bottom

@daniel-beck
Copy link
Contributor

I'm not confident that my rephrasing is accurate.

The rephrasing is correct (I wrote that part of the changelog entry).

@oleg-nenashev oleg-nenashev mentioned this pull request Feb 24, 2020
Merged
@oleg-nenashev
Copy link
Contributor

@MarkEWaite I updated the pull request directly in order to address the comments above and to explicitly mark the JEP-223/224 features as experimental. I also added security advisory links for dangerous permissions. CC @timja

image

@oleg-nenashev
Copy link
Contributor 

[2020-02-24T09:01:18.744Z] Digest: sha256:8e48946c13029aebf1988d0f39507a69bc8264435d9c3b0e8258d6be333606fd

[2020-02-24T09:01:18.744Z] Status: Downloaded newer image for groovy:jre-alpine

[2020-02-24T09:01:18.744Z] docker.io/library/groovy:jre-alpine

[2020-02-24T09:01:18.744Z] ./scripts/groovy scripts/release.rss.groovy 'https://updates.jenkins.io/release-history.json' > build/_site/releases.rss

[2020-02-24T09:01:57.854Z] Caught: groovy.json.JsonException: Unable to process url: https://updates.jenkins.io/release-history.json

[2020-02-24T09:01:57.854Z] groovy.json.JsonException: Unable to process url: https://updates.jenkins.io/release-history.json

[2020-02-24T09:01:57.854Z] 	at release_rss.run(release.rss.groovy:18)

[2020-02-24T09:01:57.854Z] Caused by: java.net.ConnectException: Operation timed out (Connection timed out)

[2020-02-24T09:01:57.854Z] 	... 1 more

I will retrigger it once UC stabilizes

aHenryJard
aHenryJard reviewed Feb 24, 2020
View reviewed changes
content/_data/changelogs/weekly.yml
title: JEP-223
message: |-
Add a new experimental <code>Overall/Manage</code> permission which allows a user to configure parts of the global Jenkins configuration without having the <code>Overall/Administer</code> permission.
This is an experimental feature, disabled by default, that can be enabled by setting the <code>jenkins.security.ManagePermission</code> system property to <code>true</code>.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to add that it's Beta restricted also ? Or is it enough to say experimental for the release note ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think so. Beta is for developers, it has no user frontend

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, we will include that @Beta in our developer docs

This was referenced Feb 24, 2020
Open
Open
@oleg-nenashev
Copy link
Contributor

Since the release is already in the wild, I will merge it to get the changelog published. Will be happy to address any comments in follow-ups.

@oleg-nenashev oleg-nenashev merged commit 63c5a6e into jenkins-infra:master Feb 24, 2020
@MarkEWaite MarkEWaite deleted the changelog-2.222 branch February 24, 2020 17:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timja timja timja left review comments

@mikecirioli mikecirioli mikecirioli left review comments

@EstherAF EstherAF EstherAF left review comments

@aHenryJard aHenryJard aHenryJard left review comments

@oleg-nenashev oleg-nenashev oleg-nenashev left review comments

@markjacksonfishing markjacksonfishing markjacksonfishing approved these changes

@daniel-beck daniel-beck Awaiting requested review from daniel-beck

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@MarkEWaite @oleg-nenashev @daniel-beck @aHenryJard @EstherAF @mikecirioli @markjacksonfishing @timja