Tracy Miranda, Director of Open Source Community at CloudBees, has been elected as chair of the CD Foundation Governing Board. CloudBees is a Premier Member of the CD Foundation, and Tracy has been deeply involved in CD Foundation activities over the past year, serving on the Governing Board, helping craft the 9 Strategic Goals of the foundation, and participating in CD Foundation events around the globe.
“I’m excited and honoured to be elected chair of the CD Foundation governing board. I join all CDF members in expressing sincere thanks to Kim Lewandowski for great progress in our first 12 months. Recent global events highlight how continuous software delivery is critical to every industry. The CDF will increasingly drive many key initiatives in this space, and I am excited to work with CDF members and the broader CI/CD community to pursue the CDF’s 9 Strategic Goals and move the CDF forward.”
The CD Foundation Governing Board raises, budgets and spends funds in support of CI/CD open source and standards projects. According to the CD Foundation, the Chair is responsible for the overall management of the foundation’s budget, and “will preside over meetings of the Governing Board, manage any day-to-day operational decisions, and will submit minutes for Governing Board approval.” The full charter is available here.
Tracy succeeds Kim Lewandowski, Product Manager at Google, who served as the CD Foundation’s first Governing Board chair.
Tracy Miranda Bio
Tracy is director of open source community at CloudBees, where she works closely with the Jenkins and Jenkins X communities. A developer and open source veteran, besides her work with the CD Foundation, Tracy is on the board of directors for the Eclipse Foundation. Tracy has a background in electronics system design and holds patents for her work on processor architectures. She writes for JAXenter.com and Opensource.com on tech, open source, and diversity.
More CD Foundation Resources
To keep up-to-date, sign up for our newsletter and join us in 2020 as we continue to grow and advance CI/CD in the industry!
If you are interested to know more about Jenkins features introduced in 2019, stay tuned for a separate blog post about it (coming soon!).
Project updates
Highlights above do not cover all advancements we had in the project. Below you can find slides from the Jenkins contributor summit in Lisbon. There we had project updates by officers, SIG and sub-project leaders. See the slide deck to know about: Jenkins Core, Pipeline, Configuration-as-Code, Security, UX Overhaul, Jenkins Infrastructure, platform support and documentation.
Some stats and numbers
If this section seems to be too long for you, here is some infographic prepared by Tracy Miranda. As you may see, Jenkins is pretty big 🙂
Community. Over the past year we had 5433 contributors in GitHub repositories (committers, reviewers, issue submitters, etc.). We had 1892 unique committers who created 7122 pull requests and 45484 commits, bots excluded. Contributors represent 273 companies and 111 countries, 8% of contributors are recognized as independent. The most active repositories were Jenkins Core and jenkins.io. The most active month was October 2019 when we reached the record high number of contributions: 915 unique contributors, 124 of them were first-timers, thanks to Hacktoberfest!.
Jenkins core. In 2019 Jenkins core had 54 weekly and 13 LTS releases with several hundreds of notable fixes/enhancements. There was a login screen extensibility rework, many update manager and administrative monitors improvements. We also introduced support for user timezones, not speaking of emojis support 🥳. There was also a lot of housekeeping work: better APIs, codebase refresh, cleaning up static analysis warnings and removing deprecated features like Remoting CLI. The core’s components also got major updates. Only Jenkins Remoting got 11 releases with stability improvements and new features like support of inbound connections to headless Jenkins masters. There are also major incoming features like JEP-222: WebSocket Services support, UI look&feel updates, JENKINS-12548: Readonly system configuration support, Docker images for new platforms like Arm. To facilitate further changes we created a new Core pull request reviewers team and added 9 contributors there.
Plugins. There were 2654 plugin releases, and 157 NEW plugins have been hosted in the Update Center. Jenkins ecosystem got a lot of new integrations with Development and DevOps tools. Also, warm welcome back to the Scriptler Plugin which was depublished in 2017 due to security issues. If you are afraid about such plugin numbers and dependency management, there is a new Plugin Installation Manager CLI Tool which should help Jenkins users to manage plugins more efficiently.
Security. It was a hot year for the Jenkins Security Team. There were 5security advisories for the core and 20 – for plugins. In total we disclosed 288 vulnerabilities across the project, including some backlog cleaning for unmaintained plugins. Script Security Plugin was the hottest plugin with 10 critical fixes addressing various sandbox bypass vulnerabilities. Plain text storage and unprotected credentials were the most popular vulnerability type 120 disclosures in 2019. It was made possible by hundreds of reports submitted by contributors after code surveys, special thanks to Viktor Gazdag who reported the most of the issues and became the Jenkins 2019 Security MVP (check out his story here).
Infrastructure. Got Jenkins? If so, you rely on Jenkins update centers, website and issue tracker. All these and many other services are maintained by the Jenkins Infrastructure Team. This year the team handled more than 400 requests in the bugtracker, and many other informal requests. In total, more than 30 people contributed to Jenkins infrastructure this year (website content is excluded). We also deployed 4 new services, migrated 7 services from Azure Container Service to Azure Kubernetes Service and updated many other services. More changes will happen in the next months, and we are looking for new INFRA team members!
Documentation. Only last quarter we had 178 contributors to Jenkins documentation. It includes jenkins.io and other documentation hosted on GitHub, Wiki is not included. There is also ongoing migration plugin documentation from Jenkins Wiki to GitHub (announcement). Since the beginning of the project in Sep 2019, more than 150 plugin were migrated, and they got significant documentation revamp during the migration. You can see the current status https://jenkins-wiki-exporter.jenkins.io/progress. We also work on introducing changelog automation in the project. 123 plugins have already adopted the new changelog tools, powered by Release Drafter. Also, we had more than 60 technical blog posts published on jenkins.io.
Configuration as Code was one of the most popular areas this year. Jenkins Configuration as Code Plugin had more than 30 releases with new features and bug fixes. More than 50 plugins have been also updated in order to offer better configuration-as-code support. As a result, the JCasC Plugin got massive adoption this year (from 2000 to almost 8000 installations), and now it becomes a de-facto standard for managing Jenkins as code. This year we also ran our very first CommunityBridge project devoted to JCasC Schema validation and developer tools.
Events and outreach programs. In 2019 we participated in multiple conferences, including FOSDEM, DevOps World | Jenkins World, SCALE. More than 40 Jenkins Area Meetups were organized across the world, and there were many other meetups devoted to Jenkins. We also kept expanding our outreach programs. In total we had 12 students who participated in Google Summer of Code, Outreachy and newly introduced Community Bridge. We also had the biggest ever Hacktoberfest with 664 pull requests and 102 participants. These outreach programs help us to deliver new features in Jenkins. For example, this year we added Multi-branch Pipeline support for Gitlab and a new Plugin Installation Manager Tool during GSoC, and Outreachy resulted in a new Audit Log Plugin.
Year 2020 will be pretty busy for the Jenkins project. There are many long-overdue changes in the project, which need to happen if we want the project to succeed. As it was written Board elections blogpost, there are many areas to consider: UX revamp, cloud native Jenkins, pluggable storage, etc. In the coming months there will be a lot of discussions in mailing lists and special interest groups, and we invite all teams to work on their roadmaps and to communicate them in the community.
Next month we will participate in FOSDEM, and there will be a Jenkins stand there. On January 31st we will also host a traditional contributor summit in Brussels, where we will talk about next steps for the project, in terms of technical roadmaps and the project governance. If you are interested in Jenkins, stop by at our community booths and join us at the summit! See this thread for more information.
We also plan to continue all outreach programs. At the moment we are looking for Google Summer of Code 2020 mentors and project ideas (announcement), and we will be also interested to consider non-coding projects as a part of other programs like CommunityBridge. We also work on improving contribution guidelines for newcomers and expert contributors. If you are interested, please contact the Advocacy and Outreach SIG.
And even more
This blog post does not provide a full overview of what changed in the project. The Jenkins project consists of more than 2000 plugins and components which are developed by thousands of contributors. Thanks to them, a lot of changes happen in the project every day. We are cordially grateful to everybody who participates in the project, regardless of contribution size. Everything matters: new features, bug fixes, documentation, blog posts, well reported issues, Stackoverflow responses, etc. THANKS A LOT FOR ALL YOUR CONTRIBUTIONS!
So, keep updating Jenkins and exploring new features. And stay tuned, there is much more to come next year!
Jenkins core maintainer and board member. Oleg started using Hudson for Hardware/Embedded projects in 2008 and became an active Jenkins contributor in 2012. Nowadays he leads several Jenkins SIGs, outreach programs (Google Summer of Code, Hacktoberfest) and Jenkins meetups in Switzerland and Russia. Oleg works for CloudBees and focuses on key projects in the community. GitHub Twitter Blog
DevOps perspective provided by CD Foundation Premier Member CloudBees CEO Sacha Labourey – In section on “DevOps Competition Among Software Stocks”:
Many companies focus on making new apps available for customers in the internet cloud. That way they can be updated frequently.
CloudBees provides an assembly line type of platform that speeds up software releases. Customers include Hyatt Hotels (H), Capital One Financial (COF) and HSBC Holdings (HSBC).
Sacha Labourey, chief executive of CloudBees, says online competitors are disrupting the banking industry. These rivals focus on niches, like home loans.
“We don’t see any business shielded from software innovation,” he said. “It’s a new way to compete and it’s redefining many industries.”
Jenkins contributors have decided that our project should join this new foundation. This discussion happened over the time span of years, actually, but a relatively succinct summary of the motivations are here.
Now, as an user, what does this mean?
First, there will be no big disruption/discontinuity. The same people are still here, no URL is changing, releases will come out like they’ve always been. We make the decisions the same way we’ve been making, and pull requests land the same way. Changes will happen continuously over the period of time.
This is yet another testament to the maturity and the importance of the Jenkins project in this space. With a quarter million Jenkins running around the globe, it’s truly rocking the world of software development from IoT to games, cloud native webapps to machine learning projects. It makes Jenkins such an obvious, safe choice for anyone seeking open heterogeneous DevOps strategy.
The CDF creates a level playing field that is well-understood to organized contributors, which translate into more contributors, which results in a better Jenkins, faster. Over the past years, the Jenkins project has been steadily growing morestructures that provide this clarity, and this is the newest step on this trajectory.
Any serious dev teams are combining multiple tools and services to cover the whole software development spectrum. A lot of work gets reinvented in those teams to integrate those tools together. Jenkins will be working more closely with other projects under the umbrella of the CDF, which should result in better aligned software with less overlap.
Our users are practitioners trying to improve the software development process in their organizations. They get that CI/CD/automation unlocks the productivity that their organizations need, but that’s not always obvious to their organizations as a whole. So our users often struggle to get the necessary support. The CDF will advocate for the practice of Continuous Delivery, and because it’s not coming from a vendor or a project, it will reach the people who can lend that support.
So I hope you can see why we are so excited about this!
In fact, for us, this is an idea that we’ve been cooking for close to two years. I don’t think I’m exaggerating much to say the whole idea of the CDF started from the Jenkins project.
A lot of people have done a lot of work behind the scene to make this happen. But a few people played such instrumental roles that I have to personally thank them. Chris Aniszczyk for his patience and persistence, Tyler Croy for cooking and evolving the idea, and Tracy Miranda for making an idea into a reality.