Updating sshd-core to 1.4.0 #10
Conversation
I have a PR in flight that upgrades this to 1.2.0 |
|
This pull request originates from a CloudBees employee. At CloudBees, we require that all pull requests be reviewed by other CloudBees employees before we seek to have the change accepted. If you want to learn more about our process please see this explanation. |
… of sshd-core for client & server.
|
Manually tested |
|
Some other research according to the compatibility change in 1.0 https://git-w%69p-us.apache.org/repos/asf?p=mina-sshd.git;a=commitdiff;h=6824d759a9f89940c7deccc710a2f6071ce93dba:
So no explicit risk in the jenkinci GitHub organization if we do not care about the unreleased SSH CLI plugin.
I am working on further review |
|
Other dependencies:
No explicit issues in transient dependencies from what I see, but my Maven kung-fu does not seem to be strong enough to reliably check all libs being used in Jenkins plugins |
|
Might be worth going to 1.4.0; would pick up apache/mina-sshd#29, for starters. |
|
Since we are not limited by Java anymore, +1 for the latest version. Still
requires a community decision on the compat change. How do we proceed here,
@jenkinsci/code-reviewers?
…On Apr 11, 2017 23:43, "Jesse Glick" ***@***.***> wrote:
Might be worth going to 1.4.0; would pick up apache/mina-sshd#29
<apache/mina-sshd#29>, for starters.
—
You are receiving this because your review was requested.
Reply to this email directly, view it on GitHub
<#10 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AC3IoKJsYXQ29OjCfRXOlka1H1LbSA6Kks5ru_PsgaJpZM4MeHmE>
.
|
|
@jenkinsci/code-reviewers and maybe @daniel-beck How do we proceed here? Is the analysis above enough to justify the compat change? |
pom.xml
Outdated
| @@ -4,6 +4,7 @@ | |||
| <groupId>org.jenkins-ci.plugins</groupId> | |||
| <artifactId>plugin</artifactId> | |||
| <version>2.24</version> | |||
| <relativePath /> | |||
| </parent> | |||
|
|
|||
| <groupId>org.jenkins-ci.modules</groupId> | |||
There was a problem hiding this comment.
The release version should be 2.0 just in case
|
I need to at least prepare an update to 1.4.0, and a matching core integration PR (which can also update |
I did the line-by-line review of changes (see above) and also discovered nothing really risky. Just one unreleased plugin + likely some issues with PCT after the merge. So 🐝 from me and @reviewbybees done |
|
Nope I doint think there will be any conflicts :) I believe there is a problem with sshd 1.4.0 though, see https://bugs.chromium.org/p/gerrit/issues/detail?id=5905 and https://issues.apache.org/jira/plugins/servlet/mobile#issue/SSHD-736 1.2.0 works fine. |
What makes you think SSHD-736 will have any effect on Jenkins? Looks offhand like a fairly technical issue limited to another environment. |
|
Just was warning just in case. Anyways it may not affect jenkins. |
|
@oleg-nenashev there should be no interference that I'm aware of: Trilead isn't used in core for making any connection, and the version of Trilead in CLI has been left as-is so there shouldn't be a change in how it tries to connect to SSHD. |
|
Will merge it tomorrow once I figure out an issue number for it |
|
I would like to bump up to 1.4.0 first, and set up an integration PR. |
|
I will try to check it today |
|
Additionally integrated changes:
All changes there look fine, hence I am going to merge this version and maybe give a try with new Jenkins core and SSH stuff early on the next week |
Helpful, if not strictly required, for jenkinsci/jenkins#2795. Cf. #8.
Note that
sshd-coreis not compatible across the 1.0 boundary (hence thesrc/main/java/changes), butSshCommandFactory, which is only referring toCommand, which does not seem to have changed in interface (including its transitive dependencies) since 0.x.cloudbees-ssh-slavesuses 0.13.0 and would not compile against 1.x, but it declares an explicit dependency and usespluginFirstClassLoader.ssh-agentuses 1.0 andpluginFirstClassLoader.remote-terminal-accessuses Jenkins’ version and will not work with 1.x, but only in the commands that would be broken by [JENKINS-41745] Non-Remoting-based CLI jenkins#2795 anyway (at least without using deprecated Remoting mode); it could probably be fixed up to work in Remoting mode by using thepluginFirstClassLoadertrick.plugin-compat-tester, but this is not a user issue and is easily solved by declaring an explicittest-scoped dependency on 1.x.@reviewbybees