Jenkins

This wiki page shows progress of packaging Jenkins in Fedora.

Tasks

• create packaging guidelines for Java web applications

• package all necessary dependencies
  • useful link: list of all Jenkins related GitHub repositories
• [done] port jenkins-core to jnr-posix 2.x (msrb)
  • upstream switched to jnr-posix, but jna-posix is still around, see: [pull request]
• port maven-hpi-plugin to jetty 9
  • currently uses jetty 6
  • low priority, only "run" mojo requires jetty
• [done] port maven-hpi-plugin to maven-archiver 2.5 (msrb)
  • currently uses 2.0 (+plexus-archiver 1.0-alpha4) it's 7 years old
  • done, testing needed [1]
• [[done]] stapler requires forked/slightly modified version of dom4j library (msrb)
• [[done]] jenkins-remoting bundles Base64 implementation (msrb)
  • replace with JDK implementation
  • testing needed, possibly upstreamable
• [[done]] jenkins-remoting bundles class (TeeOutputStream) from apache-commons-io (msrb)
  • replace with proper dependency on commons-io
• [[done]] jenkins-commons-jelly, update dependencies (msrb)
  • uses very old libraries, it doesn't build in Fedora without hacking pom file
• j-interop, probably needed to enslave Windows machines
  • bundles several other projects in j-interopdeps/
  • namely: jarapac, gnu crypto, jtds, iwombat
• [done] jenkins uses acegisecurity, port it to spring-security
  • related: [2],[3]
    • subtask: spring-security is not in Fedora, but gil prepared package(s) long time ago -> do the reviews:
    • [done] 882477, 882475, 882476, 882474
• [done] maven-stapler-plugin relies on com.sun.mirror.apt API which is no longer available in Java 7
  • looks like we can safely remove affected files
• maven-stapler-plugin bundles several classes from maven, unknown reason - investigate more
• [done] Jenkins uses forked xstream
• jBCrypt in Fedora doesn't install pom.xml and depmap
  • reported, patch attached: https://bugzilla.redhat.com/show_bug.cgi?id=1020651
• [done] antlr-maven-plugin: NPE
  • upstream: https://jira.codehaus.org/browse/MANTLR-34
  • Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1020312
• [done] port to apache-commons-io 2.x
• [done] port to apache-commons-fileupload 1.3
• [done] Jenkins uses forked trilead-ssh2
• [done] Jenkins uses forked jmdns
  • patch needs some testing
• [done] update to current version of args4j
• [done] update json-lib to current master branch in Fedora
  • update prepared, gooddata-cl package will need to be fixed in order to work with this latest version of json-lib
• what else?

Packaging

#	Package	Version	Review request	Packager	Comments	URL
1	jenkins-ci-pom	1.30	fail skip	msrb	unknown license, reported upstream by mizdebsk [4] not really needed	parent POM URL: [5]
2	localizer	1.15	[6] pass	msrb		URL: [7]
3	stapler	1.207	[8] pass	msrb		URL: [9]
4	maven-hpi-plugin	1.95	[10] pass	msrb	requires jetty 6 from some reason	Maven plugin for building Jenkins plugins URL: [11]
5	tiger-types	1.4	[12] pass	msrb	packaged by gil long time ago	URL: [13]
6	annotation-indexer	1.4	[14] pass	msrb		URL: [15]
7	metainf-services	1.4	[16] pass	msrb		URL: [17]
8	jinterop-proxy	1.1		msrb		URL: [18]
9	memory-monitor	1.7	[19] pass	msrb		URL: [20]
10	commons-jelly:commons-jelly-tags-xml					URL: ?
11	access-modifier-annotation	1.4	[21] pass	msrb		URL: [22]
12	org.springframework:spring-dao	2.5			probably our springframework-tx package, but Jenkins uses older version (2.5, we have 3.1)	URL: ?
13	libpam4j	1.7	[23] pass	msrb		URL: [24]
14	woodstox	3.2.9	pass		already in fedora, package woodstock-core (we have newer version, req.:3.2.9, we have:4.1.2	URL: [25]
15	jbcrypt	0.3m	pass		already in fedora (bug: [26])	URL: [27]
16	org.jvnet.hudson:xstream	1.4.4-jenkins-2	pass		we already have xstream in fedora Jenkins uses forked version	URL: [28]
17	org.jvnet.libzfs:libzfs	0.5			solaris specific, we won't need this	URL: [29]
18	org.jenkins-ci:trilead-ssh2	build214-jenkins-1	pass		we already have trilead-ssh2, Jenkins uses patched version	URL: [30]
19	windows-remote-command	1.3			looks windows specific, we won't probably need this	URL: [31]
20	jfree:jcommon	1.0.12	pass		already in fedora under different namespace (org.jfree:jcommon:1.0.18)	URL: ?
21	org.kohsuke:trilead-putty-extension	1.2	[32] pass	msrb	not 100% sure if needed, but debian guys have this and it's really simple package	URL: [33]
22	akuma	1.9	[34] pass	msrb		URL: [35]
23	commons-jelly:commons-jelly-tags-fmt					URL: ?
24	net.java.sezpoz:sezpoz	1.9	[36] pass	msrb	needed	URL: [37]
25	org.jvnet.hudson:jtidy	1.0	pass		jtidy package is already in fedora, jenkins uses patched version	URL: [38]
26	org.kohsuke:asm3	3.3.1	pass		this should be only renamed asm3, see [39]	URL: ?
27	org.jruby.ext.posix:jna-posix	1.0.3	fail replace	msrb	needed, but jna-posix upstream is dead replacement is called jnr-posix, we already have this package in Fedora, but patching Jenkins will be needed (this might be upstreamable)	URL: [40]
28	org.jenkins-ci:crypto-util	1.1	[41] pass	msrb		URL: [42]
29	xmlpull:xmlpull	1.1.3.8	pass		xpp3 package in fedora	URL: [43]
30	org.jenkins-ci:commons-jelly	1.1-jenkins-20120928	[44] pass	msrb		URL: [45]
31	org.kohsuke.jinterop:j-interop			msrb		URL: [46]
32	com.sun.solaris:embedded_su4j	1.1			sounds solaris specific, probably not needed	URL: [47]
33	org.jenkins-ci:jmdns	3.4.0	[48] pass	msrb	needed, Jenkins uses patched version (update: forked on github, but no changes have been made so far)	URL: [49] [50]
34	org.jvnet.winp:winp	1.6			sounds windows specific, not needed	URL: ?
35	org.jenkins-ci:commons-jexl	2.1.1	pass		looks like our version works just fine	URL: ?
36	org.jvnet.robust-http-client:robust-http-client	1.2	[51] pass	msrb	needed	URL: [52]
37	jfree:jfreechart	1.0.9	pass		already in fedora under different namespace (org.jfree:jfreechart:1.0.14)	URL: ?
38	org.jvnet.hudson.dom4j:dom4j	1.6.1	pass		patched dom4j used in Jenkins, required by stapler-jelly, our dom4j doesn't work with it	URL: [53]
39	org.jvnet.hudson:commons-jelly-tags-define					URL: ?
40	org.jenkins-ci.main:cli				this is artifact from jenkins tarball	URL: ?
41	org.kohsuke:windows-package-checker	1.1			probably not needed it looks out for windows reserved words in package names	URL: [54]
42	org.kohsuke:owasp-html-sanitizer	r88	[55] pass	msrb	project uses Makefile... review request: [56]	URL: [57] [58]
43	org.codehaus.groovy:groovy-all	1.8.8	pass		needed, already in fedora	URL: ?
44	org.kohsuke.jinterop:j-interopdeps			msrb	part of the j-interop package	URL: ?
45	org.acegisecurity:acegi-security		fail replace		needed, now called spring-security [[59]]	URL: ?
46	org.jenkins-ci.main:remoting	2.23	[60] pass	msrb	packaged	URL: [61]
47	org.jenkins-ci:jinterop-wmi				windows related, not needed	URL: [62]
48	org.jenkins-ci:version-number	1.1	[63] pass	msrb	needed	URL: [64]
49	org.kohsuke.stapler:json-lib					URL: [65]
50	com.infradna.tool:bridge-method-annotation	1.4	[66] pass	msrb	needed it's an artifact from bridge-method-injector	URL: [67] [68]
51	org.jvnet.hudson:activation					URL: ?
52	org.kohsuke.stapler:stapler-adjunct-zeroclipboard	1.0.7-2			javascript + .swf files (:/)	URL: [69]
53	org.jvnet.hudson:task-reactor	1.2	[70] pass	msrb	needed, we can safely use latest version 1.3	URL: [71]
54	findbugs:annotations	1.3.9	pass		already in fedora	URL: ?
55	org.jenkins-ci:core-annotation-processors			msrb		URL: [72]
56	com.sun.winsw:winsw	1.10			windows specific, not needed (scope is 'provided' anyway)	URL: [73]
57	maven-jellydoc-plugin	1.5		msrb	not needed	URL: [74]
58	maven-stapler-plugin	1.16		msrb	needed	URL: [75]
59	stapler-adjunct-timeline	1.4				URL: [76]
60	stapler-adjunct-codemirror	1.2				URL: [77]
61	org.zeroturnaround:jr-sdk	2.1.1		msrb	needed by stapler-jrebel update: but it looks like stapler-jrebel is not actually needed	URL: ?
62	kohsuke-pom	5	[78] pass	msrb	needed by many projects	URL: [79]
63	maven-jellydoc-plugin	1.4		msrb		URL: [80]
64	net.java.dev.textile-j:textile-j	2.2.864		msrb		URL: [81]
65	org.jenkins-ci:constant-pool-scanner	1.2	[82] pass	msrb	needed by jenkins-remoting 2.32	URL: [83]
66	org.jenkins-ci:bytecode-compatibility-transformer	1.3	[84] pass	msrb		URL: [85]