From jerry at opendnssec.org Sat Mar 1 13:57:31 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Sat, 1 Mar 2014 14:57:31 +0100 Subject: [Opendnssec-develop] About the 2.0 ORM layer Message-ID: Hi all, I would like to take a stab at this ORM thingy and to do that I would need a bit of feedback. - Are we happy with the database schema? This will require extracting the database schema and maybe create an issue where we can discuss it with the people most suited. - Can someone point to a good example where they think the ORM works nicely? - Can someone point to a good example where they think the ORM behaves badly? -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From yuri at nlnetlabs.nl Sat Mar 1 14:11:59 2014 From: yuri at nlnetlabs.nl (Yuri Schaeffer) Date: Sat, 01 Mar 2014 15:11:59 +0100 Subject: [Opendnssec-develop] Re: New TeamSpeak server for meetings In-Reply-To: References: <5BE9B4B9-AD69-41FC-AD2B-8AEB3AD47D3C@opendnssec.org> Message-ID: <5311EAAF.4040008@nlnetlabs.nl> > The firewall has now been patted on and is very happy, if you have time > please test it out. I'm allowed access but I have not tried voice. Could you enable encryption on the meeting channel? It was requested for and enabled on my setup and it seemed to cause no problems whatsoever. //Yuri From yuri at nlnetlabs.nl Sun Mar 2 22:20:59 2014 From: yuri at nlnetlabs.nl (Yuri Schaeffer) Date: Sun, 02 Mar 2014 23:20:59 +0100 Subject: [Opendnssec-develop] Re: About the 2.0 ORM layer In-Reply-To: References: Message-ID: <5313AECB.90207@nlnetlabs.nl> > - Are we happy with the database schema? yes, I see no problems with it. > - Can someone point to a good example where they think the ORM works nicely? > - Can someone point to a good example where they think the ORM behaves > badly? Well, an example would be the code to generate the key list (keystate/keystate_list_task.cpp) and then for example perform_keystate_list_compat(). First you would need to fetch the (database-)keys to all zones. OrmMessageEnum(conn, zone.descriptor(), rows) Then you can loop over rows to fill the zone data structure doing: OrmGetMessage(rows, zone, true) The 3th param indicates that not only the EnforcerZone table is queried but also recursively all the subtables. This is needed because the key states are in a different table of course. So as a result this is what I believe happens when for example having a thousand zones, 2 keys each (see keystate.proto for schema): 1 + 1000 + 2*1000 + 4*2*1000 = 11,001 queries. this might be a low estimation really, depending on the implementation details. - I'd have to test. Bottom line is: it is more than 1 by several orders of magnitude. //Yuri From jerry at opendnssec.org Mon Mar 3 08:44:32 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 3 Mar 2014 09:44:32 +0100 Subject: [Opendnssec-develop] Working on the build bot, might be unresponsive or will fail Message-ID: Will send an email when I'm done. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry at opendnssec.org Mon Mar 3 12:26:11 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 3 Mar 2014 13:26:11 +0100 Subject: [Opendnssec-develop] Build users feature branch without pull request Message-ID: Please comment/vote on https://issues.opendnssec.org/browse/OPENDNSSEC-570 . -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Mon Mar 3 13:10:49 2014 From: sara at sinodun.com (Sara Dickinson) Date: Mon, 3 Mar 2014 13:10:49 +0000 Subject: [Opendnssec-develop] Re: About the 2.0 ORM layer In-Reply-To: References: Message-ID: On 1 Mar 2014, at 13:57, Jerry Lundstr?m wrote: > Hi all, > > I would like to take a stab at this ORM thingy and to do that I would need a bit of feedback. > > - Are we happy with the database schema? > This will require extracting the database schema and maybe create an issue where we can discuss it with the people most suited. > - Can someone point to a good example where they think the ORM works nicely? > - Can someone point to a good example where they think the ORM behaves badly? > Hi Jerry, As we all agreed at the workshop on Friday the next step is that I will work with Yuri to continue with the profiling work we have already started. I don?t think you need to be involved at this point - I think it makes much more sense for you to continue with all the work you are doing on the git workflow, the build bot, etc. Thanks Sara. From jerry at opendnssec.org Mon Mar 3 14:45:30 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 3 Mar 2014 15:45:30 +0100 Subject: [Opendnssec-develop] Re: About the 2.0 ORM layer In-Reply-To: References: Message-ID: Hi, On Mon, Mar 3, 2014 at 2:10 PM, Sara Dickinson wrote: > > As we all agreed at the workshop on Friday the next step is that I will > work with Yuri to continue with the profiling work we have already started. > I don't think you need to be involved at this point - I think it makes much > more sense for you to continue with all the work you are doing on the git > workflow, the build bot, etc. > Thats fine, you and Yuri can continue on the profiling. What I was thinking of doing was for the short run see if I can figure out how we can use the ORM in a better way and for the long run see if we can find a replacement because the more I look at it the less protobuf fits into it all. And I was not about to stop working on the git workflow, the build bot etc. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry at opendnssec.org Mon Mar 3 14:47:25 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 3 Mar 2014 15:47:25 +0100 Subject: [Opendnssec-develop] Re: About the 2.0 ORM layer In-Reply-To: <5313AECB.90207@nlnetlabs.nl> References: <5313AECB.90207@nlnetlabs.nl> Message-ID: Hi, On Sun, Mar 2, 2014 at 11:20 PM, Yuri Schaeffer wrote: > > Well, an example would be the code to generate the key list > (keystate/keystate_list_task.cpp) and then for example > perform_keystate_list_compat(). > > So as a result this is what I believe happens when for example having a > thousand zones, 2 keys each (see keystate.proto for schema): > 1 + 1000 + 2*1000 + 4*2*1000 = 11,001 queries. > Thanks for the "bad" example, no "good" ones? -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry at opendnssec.org Mon Mar 3 15:26:48 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 3 Mar 2014 16:26:48 +0100 Subject: [Opendnssec-develop] Git doc Message-ID: Hi, https://wiki.opendnssec.org/display/OpenDNSSEC/Git has been updated with regards to upstream usage. Please read and comment it on https://issues.opendnssec.org/browse/OPENDNSSEC-565 . -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry at opendnssec.org Wed Mar 5 12:09:21 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Wed, 5 Mar 2014 13:09:21 +0100 Subject: [Opendnssec-develop] Jenkins jobs disabled // Updating test platforms Message-ID: Hi, Turning of Jenkins for a while, updating test platforms and setting up so that bind tests can run on all platforms. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Wed Mar 5 12:25:57 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Wed, 5 Mar 2014 13:25:57 +0100 Subject: [Opendnssec-develop] Re: Jenkins jobs disabled // Updating test platforms In-Reply-To: References: Message-ID: On 05 Mar 2014, at 13:09 , Jerry Lundstr?m wrote: > Turning of Jenkins for a while, updating test platforms and setting up so that bind tests can run on all platforms. Jenkins jobs are back online. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From sara at sinodun.com Thu Mar 6 18:02:28 2014 From: sara at sinodun.com (Sara Dickinson) Date: Thu, 6 Mar 2014 18:02:28 +0000 Subject: [Opendnssec-develop] Developer workshop In-Reply-To: <14159306-9BCC-462C-B59A-20FD525D4090@sinodun.com> References: <14159306-9BCC-462C-B59A-20FD525D4090@sinodun.com> Message-ID: Hi All, The minutes from the developer workshop are now available for review: https://wiki.opendnssec.org/display/OpenDNSSEC/Developer+workshop+-+London+Feb+2014+-+Minutes Corrections/clarifications/additions/comments welcome! Sara. On 26 Feb 2014, at 13:47, Sara Dickinson wrote: > Hi All, > > Just updated the wiki page below with times for the workshop. Plan is to start at 9am tomorrow. Also added a couple of options for dinner. > > See you tomorrow. > > Sara. > From rickard at opendnssec.org Tue Mar 11 12:21:49 2014 From: rickard at opendnssec.org (Rickard Bellgrim) Date: Tue, 11 Mar 2014 13:21:49 +0100 Subject: [Opendnssec-develop] Input on SOFTHSM-89 Message-ID: Hi I would like to have some input on issue SOFTHSM-89. https://issues.opendnssec.org/browse/SOFTHSM-89 Currently SoftHSMv2 uses strings to signal what algorithm to use in the crypto implementation. It is also supporting many algorithms/mechanisms which results in a lot of transformations and comparisons for each crypto operation. I am suggesting to change this into constants in order to gain performance. Please comment in the given issue ticket. // Rickard -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Tue Mar 11 15:47:15 2014 From: sara at sinodun.com (Sara Dickinson) Date: Tue, 11 Mar 2014 15:47:15 +0000 Subject: [Opendnssec-develop] RE: 1.4.4 release candidate Message-ID: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> Hi All, I?d like to try to target a 1.4.4 release candidate for Friday of this week: https://issues.opendnssec.org/secure/RapidBoard.jspa?rapidView=10&selected&sprint=7 I think we should have the outstanding issues completed by then. Let me know if you think this will be a problem. Regards Sara. From matthijs at nlnetlabs.nl Wed Mar 12 07:19:29 2014 From: matthijs at nlnetlabs.nl (Matthijs Mekking) Date: Wed, 12 Mar 2014 08:19:29 +0100 Subject: [Opendnssec-develop] RE: 1.4.4 release candidate In-Reply-To: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> Message-ID: <53200A81.6050802@nlnetlabs.nl> On 03/11/2014 04:47 PM, Sara Dickinson wrote: > Hi All, > > I?d like to try to target a 1.4.4 release candidate for Friday of this week: > > https://issues.opendnssec.org/secure/RapidBoard.jspa?rapidView=10&selected&sprint=7 > > I think we should have the outstanding issues completed by then. Let me know if you think this will be a problem. Jira is throwing me 500 and 503s... > > Regards > > Sara. > > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop > From sara at sinodun.com Wed Mar 12 09:03:12 2014 From: sara at sinodun.com (Sara Dickinson) Date: Wed, 12 Mar 2014 09:03:12 +0000 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <53200A81.6050802@nlnetlabs.nl> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> <53200A81.6050802@nlnetlabs.nl> Message-ID: <2C76846D-19AD-46EB-9A9B-4B4EE0AE888E@sinodun.com> On 12 Mar 2014, at 07:19, Matthijs Mekking wrote: > > Jira is throwing me 500 and 503s... Ah, yes. Me too. Jakob, I think you made a small change to JIRA yesterday - could this be related? Sara. From jerry at opendnssec.org Wed Mar 12 09:09:53 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Wed, 12 Mar 2014 10:09:53 +0100 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <2C76846D-19AD-46EB-9A9B-4B4EE0AE888E@sinodun.com> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> <53200A81.6050802@nlnetlabs.nl> <2C76846D-19AD-46EB-9A9B-4B4EE0AE888E@sinodun.com> Message-ID: <68012228-173F-42CA-A958-195931DD49CF@opendnssec.org> On 12 Mar 2014, at 10:03 , Sara Dickinson wrote: > Jakob, I think you made a small change to JIRA yesterday - could this be related? No, I think Jira has been updated and it died after that. Roland, can you check? -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From Roland.vanRijswijk at surfnet.nl Wed Mar 12 10:34:51 2014 From: Roland.vanRijswijk at surfnet.nl (Roland van Rijswijk - Deij) Date: Wed, 12 Mar 2014 11:34:51 +0100 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <68012228-173F-42CA-A958-195931DD49CF@opendnssec.org> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> <53200A81.6050802@nlnetlabs.nl> <2C76846D-19AD-46EB-9A9B-4B4EE0AE888E@sinodun.com> <68012228-173F-42CA-A958-195931DD49CF@opendnssec.org> Message-ID: <5320384B.90409@surfnet.nl> Hi, Jerry Lundstr?m wrote: > On 12 Mar 2014, at 10:03 , Sara Dickinson wrote: > >> Jakob, I think you made a small change to JIRA yesterday - could this be related? > > No, I think Jira has been updated and it died after that. > > Roland, can you check? It seems it wasn't very happy after the upgrade (some memory issues), they claim it should be fixed now. Please let me know if it glitches again. Bear with me for some time, the new sysadmins are working on an entirely new setup that should perform better... Cheers, Roland -- -- Roland M. van Rijswijk - Deij -- SURFnet bv -- w: http://www.surfnet.nl/en/ -- t: +31-30-2305388 -- e: roland.vanrijswijk at surfnet.nl From matthijs at nlnetlabs.nl Wed Mar 12 13:32:34 2014 From: matthijs at nlnetlabs.nl (Matthijs Mekking) Date: Wed, 12 Mar 2014 14:32:34 +0100 Subject: [Opendnssec-develop] SUPPORT-130 Message-ID: <532061F2.5080209@nlnetlabs.nl> Any thoughts on https://issues.opendnssec.org/browse/SUPPORT-130 ? Best regards, Matthijs From patrik.wallstrom at iis.se Wed Mar 12 13:40:59 2014 From: patrik.wallstrom at iis.se (=?Windows-1252?Q?Patrik_Wallstr=F6m?=) Date: Wed, 12 Mar 2014 14:40:59 +0100 Subject: [Opendnssec-develop] SUPPORT-130 In-Reply-To: <532061F2.5080209@nlnetlabs.nl> References: <532061F2.5080209@nlnetlabs.nl> Message-ID: <38AA7677-7300-49A9-804D-51EC67FB78A8@iis.se> On 12 Mar 2014, at 14:32, Matthijs Mekking wrote: > Any thoughts on https://issues.opendnssec.org/browse/SUPPORT-130 ? I think that changing the semantics of ?keep? would be problematic. Wouldn?t Egor be better off to choose some other serial number scheme than ?keep?? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Wed Mar 12 13:51:34 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Wed, 12 Mar 2014 14:51:34 +0100 Subject: [Opendnssec-develop] SUPPORT-130 In-Reply-To: <38AA7677-7300-49A9-804D-51EC67FB78A8@iis.se> References: <532061F2.5080209@nlnetlabs.nl> <38AA7677-7300-49A9-804D-51EC67FB78A8@iis.se> Message-ID: On 12 Mar 2014, at 14:40 , Patrik Wallstr?m wrote: > On 12 Mar 2014, at 14:32, Matthijs Mekking wrote: > >> Any thoughts on https://issues.opendnssec.org/browse/SUPPORT-130 ? > > I think that changing the semantics of ?keep? would be problematic. Wouldn?t Egor be better off to choose some other serial number scheme than ?keep?? We should not change how keep works and introducing something new that potentially breaks more then it help isn?t a good idea. /2c -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From sion at nominet.org.uk Wed Mar 12 14:00:21 2014 From: sion at nominet.org.uk (=?windows-1252?Q?Si=F4n_Lloyd?=) Date: Wed, 12 Mar 2014 14:00:21 +0000 Subject: [Opendnssec-develop] SUPPORT-130 In-Reply-To: References: <532061F2.5080209@nlnetlabs.nl> <38AA7677-7300-49A9-804D-51EC67FB78A8@iis.se> Message-ID: <53206875.9050000@nominet.org.uk> On 12/03/14 13:51, Jerry Lundstr?m wrote: > On 12 Mar 2014, at 14:40 , Patrik Wallstr?m wrote: > >> On 12 Mar 2014, at 14:32, Matthijs Mekking wrote: >> >>> Any thoughts on https://issues.opendnssec.org/browse/SUPPORT-130 ? >> I think that changing the semantics of ?keep? would be problematic. Wouldn?t Egor be better off to choose some other serial number scheme than ?keep?? > We should not change how keep works and introducing something new that potentially breaks more then it help isn?t a good idea. > > /2c > "I have other means to ensure that my secondaries will get a proper zone file without relying too much on serial numbers"... Notify/AXFR/IXFR are not the only mechanism for zone file transfer; if you are not using those mechanisms you presumably shouldn't care about the serial so much... So I can see a use case for a scheme that turns that CRITICAL into a WARNING; however I'd worry about the accidental use of such a scheme. Sion From matthijs at nlnetlabs.nl Wed Mar 12 14:18:20 2014 From: matthijs at nlnetlabs.nl (Matthijs Mekking) Date: Wed, 12 Mar 2014 15:18:20 +0100 Subject: [Opendnssec-develop] SUPPORT-130 In-Reply-To: References: <532061F2.5080209@nlnetlabs.nl> <38AA7677-7300-49A9-804D-51EC67FB78A8@iis.se> Message-ID: <53206CAC.5080400@nlnetlabs.nl> On 03/12/2014 02:51 PM, Jerry Lundstr?m wrote: > On 12 Mar 2014, at 14:40 , Patrik Wallstr?m wrote: > >> On 12 Mar 2014, at 14:32, Matthijs Mekking wrote: >> >>> Any thoughts on https://issues.opendnssec.org/browse/SUPPORT-130 ? >> >> I think that changing the semantics of ?keep? would be problematic. Wouldn?t Egor be better off to choose some other serial number scheme than ?keep?? > > We should not change how keep works and introducing something new that potentially breaks more then it help isn?t a good idea. > > /2c Exactly my thought, but Egor identifies a need of a new serial value which we can call "keep_and_dont_check_increment" (and then we need to come up with a better name). > > -- > Jerry Lundstr?m - OpenDNSSEC Developer > http://www.opendnssec.org/ > From sara at sinodun.com Wed Mar 12 19:09:01 2014 From: sara at sinodun.com (Sara Dickinson) Date: Wed, 12 Mar 2014 19:09:01 +0000 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <5320384B.90409@surfnet.nl> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> <53200A81.6050802@nlnetlabs.nl> <2C76846D-19AD-46EB-9A9B-4B4EE0AE888E@sinodun.com> <68012228-173F-42CA-A958-195931DD49CF@opendnssec.org> <5320384B.90409@surfnet.nl> Message-ID: <93124187-3C52-4134-AFDF-A3C97EDF312E@sinodun.com> On 12 Mar 2014, at 10:34, Roland van Rijswijk - Deij wrote: > > It seems it wasn't very happy after the upgrade (some memory issues), > they claim it should be fixed now. Please let me know if it glitches > again. Bear with me for some time, the new sysadmins are working on an > entirely new setup that should perform better? > Thanks Roland, all seems ok now. And thanks Jakob, the commit links under the ?Source? tab look happy too :-) Sara. From Roland.vanRijswijk at surfnet.nl Thu Mar 13 14:02:34 2014 From: Roland.vanRijswijk at surfnet.nl (Roland van Rijswijk - Deij) Date: Thu, 13 Mar 2014 15:02:34 +0100 Subject: [Opendnssec-develop] Maintenance on wiki.opendnssec.org and issues.opendnssec.org March 14th at 14:00h CET Message-ID: <5321BA7A.6050309@surfnet.nl> L.S., This is an advance notice that there will be maintenance on wiki.opendnssec.org and issues.opendnssec.org tomorrow, Friday March 14th from 14:00h CET. Maintenance is expected to take approximately 1.5 hours and both sites may be unavailable during the maintenance window. Best regards, Roland -- -- Roland M. van Rijswijk - Deij -- SURFnet bv -- w: http://www.surfnet.nl/en/ -- t: +31-30-2305388 -- e: roland.vanrijswijk at surfnet.nl From jerry at opendnssec.org Fri Mar 14 10:25:32 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 14 Mar 2014 11:25:32 +0100 Subject: [Opendnssec-develop] FishEye and Crucible will be disabled today Message-ID: Hi, Both FishEye and Crucible will be disabled today, as we moved to GitHub we now link Jira directly to GitHub. We have removed the link between Jira and FishEye but you should still see your commits under the Commits tab in an issue if you tagged the commit correctly. If you see any problems in Jira with the link to GitHub please post about it. We will remove FishEye and Crucible later on when we are happy that nothing else broke or is missing in Jira. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Fri Mar 14 11:33:35 2014 From: sara at sinodun.com (Sara Dickinson) Date: Fri, 14 Mar 2014 11:33:35 +0000 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> Message-ID: <3777B215-2BA8-4466-80BA-51B629024A77@sinodun.com> On 11 Mar 2014, at 15:47, Sara Dickinson wrote: > Hi All, > > I?d like to try to target a 1.4.4 release candidate for Friday of this week: > > https://issues.opendnssec.org/secure/RapidBoard.jspa?rapidView=10&selected&sprint=7 > All, I would still like to go ahead with the 1.4.4 release candidate today if possible. There are two minor enforcer issues outstanding but I think both of these can be finished (or postponed) today. Otherwise, I believe the release is ready. FYI - I am out of the office next Monday and probably Tuesday. We also have a team meeting scheduled for next Thursday 20th March at 14:00 CET. I plan to add an agenda item for that meeting to finalise together how the 2.0 development will move forward, who will be involved and who will co-ordinate this work. Sara. From jerry at opendnssec.org Fri Mar 14 11:38:42 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 14 Mar 2014 12:38:42 +0100 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <3777B215-2BA8-4466-80BA-51B629024A77@sinodun.com> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> <3777B215-2BA8-4466-80BA-51B629024A77@sinodun.com> Message-ID: Hi, On Fri, Mar 14, 2014 at 12:33 PM, Sara Dickinson wrote: > > We also have a team meeting scheduled for next Thursday 20th March at > 14:00 CET. I plan to add an agenda item for that meeting to finalise > together how the 2.0 development will move forward, who will be involved > and who will co-ordinate this work. > I can not make 14.00. Could we move it to 10.00 CET or 16.00 CET? -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Fri Mar 14 11:57:44 2014 From: sara at sinodun.com (Sara Dickinson) Date: Fri, 14 Mar 2014 11:57:44 +0000 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> <3777B215-2BA8-4466-80BA-51B629024A77@sinodun.com> Message-ID: <5A079314-F866-4D5B-98E0-FB64A00DB73A@sinodun.com> On 14 Mar 2014, at 11:38, Jerry Lundstr?m wrote: > Hi, > > On Fri, Mar 14, 2014 at 12:33 PM, Sara Dickinson wrote: > > We also have a team meeting scheduled for next Thursday 20th March at 14:00 CET. I plan to add an agenda item for that meeting to finalise together how the 2.0 development will move forward, who will be involved and who will co-ordinate this work. > > I can not make 14.00. Could we move it to 10.00 CET or 16.00 CET? I can?t do 10:00, but 16:00 is OK. So new proposed time for team meeting is Thursday 20th March at 16:00 CET. Please let me know if this is a problem for anyone else. Sara. -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenDNSSEC team meeting.ics Type: text/calendar Size: 715 bytes Desc: not available URL: -------------- next part -------------- From sara at sinodun.com Fri Mar 14 12:18:49 2014 From: sara at sinodun.com (Sara Dickinson) Date: Fri, 14 Mar 2014 12:18:49 +0000 Subject: [Opendnssec-develop] FishEye and Crucible will be disabled today In-Reply-To: References: Message-ID: Hi, I think I missed the decision that we were going to get rid of Fisheye? At the developer workshop we agreed to keep it. I find it a really useful tool, _much_ easier for code browsing than GitHub and with more features. It is really useful for reviewing release content prior to a release. Why was this decision made? Can we keep it? Sara. On 14 Mar 2014, at 10:25, Jerry Lundstr?m wrote: > Hi, > > Both FishEye and Crucible will be disabled today, as we moved to GitHub we now link Jira directly to GitHub. We have removed the link between Jira and FishEye but you should still see your commits under the Commits tab in an issue if you tagged the commit correctly. > > If you see any problems in Jira with the link to GitHub please post about it. > > We will remove FishEye and Crucible later on when we are happy that nothing else broke or is missing in Jira. > > -- > Jerry Lundstr?m - OpenDNSSEC Developer > http://www.opendnssec.org/ > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop From jerry at opendnssec.org Fri Mar 14 12:24:50 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 14 Mar 2014 13:24:50 +0100 Subject: [Opendnssec-develop] FishEye and Crucible will be disabled today In-Reply-To: References: Message-ID: On Fri, Mar 14, 2014 at 1:18 PM, Sara Dickinson wrote: > > I think I missed the decision that we were going to get rid of Fisheye? > You were included in the off-list discussion about this. We are not getting rid of it just yet, we are disabling it (will probably just be shutdown). -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From sion at nominet.org.uk Fri Mar 14 12:25:38 2014 From: sion at nominet.org.uk (=?ISO-8859-1?Q?Si=F4n_Lloyd?=) Date: Fri, 14 Mar 2014 12:25:38 +0000 Subject: [Opendnssec-develop] FishEye and Crucible will be disabled today In-Reply-To: References: Message-ID: <5322F542.7000906@nominet.org.uk> On 14/03/14 12:18, Sara Dickinson wrote: > Hi, > > I think I missed the decision that we were going to get rid of Fisheye? > > At the developer workshop we agreed to keep it. I find it a really useful tool, _much_ easier for code browsing than GitHub and with more features. It is really useful for reviewing release content prior to a release. > > Why was this decision made? Can we keep it? I agree. Can we at least keep it in parallel for a few months and then decide if it is still useful or not? Sion > Sara. > > On 14 Mar 2014, at 10:25, Jerry Lundstr?m wrote: > >> Hi, >> >> Both FishEye and Crucible will be disabled today, as we moved to GitHub we now link Jira directly to GitHub. We have removed the link between Jira and FishEye but you should still see your commits under the Commits tab in an issue if you tagged the commit correctly. >> >> If you see any problems in Jira with the link to GitHub please post about it. >> >> We will remove FishEye and Crucible later on when we are happy that nothing else broke or is missing in Jira. >> >> -- >> Jerry Lundstr?m - OpenDNSSEC Developer >> http://www.opendnssec.org/ >> _______________________________________________ >> Opendnssec-develop mailing list >> Opendnssec-develop at lists.opendnssec.org >> https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop From jerry at opendnssec.org Fri Mar 14 12:28:39 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 14 Mar 2014 13:28:39 +0100 Subject: [Opendnssec-develop] FishEye and Crucible will be disabled today In-Reply-To: <5322F542.7000906@nominet.org.uk> References: <5322F542.7000906@nominet.org.uk> Message-ID: On Fri, Mar 14, 2014 at 1:25 PM, Si?n Lloyd wrote: > > I agree. Can we at least keep it in parallel for a few months and then > decide if it is still useful or not? > If we are to keep it just to browse code it will be one VERY expensive code browser, I do not know how SURFnet feels about that since they are paying for it. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From sion at nominet.org.uk Fri Mar 14 12:33:40 2014 From: sion at nominet.org.uk (=?ISO-8859-1?Q?Si=F4n_Lloyd?=) Date: Fri, 14 Mar 2014 12:33:40 +0000 Subject: [Opendnssec-develop] FishEye and Crucible will be disabled today In-Reply-To: References: <5322F542.7000906@nominet.org.uk> Message-ID: <5322F724.7050003@nominet.org.uk> On 14/03/14 12:28, Jerry Lundstr?m wrote: > On Fri, Mar 14, 2014 at 1:25 PM, Si?n Lloyd > wrote: > > > I agree. Can we at least keep it in parallel for a few months and then > decide if it is still useful or not? > > > If we are to keep it just to browse code it will be one VERY expensive > code browser, I do not know how SURFnet feels about that since they > are paying for it. > Okay, so there is more going on here than I was aware of. If our licence has expired and the cost of renewal is prohibitive then fair enough. -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Fri Mar 14 17:14:56 2014 From: sara at sinodun.com (Sara Dickinson) Date: Fri, 14 Mar 2014 17:14:56 +0000 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> Message-ID: <71203EA4-FA09-4AEE-B1A0-4B292F30A919@sinodun.com> Hi All, Update: we have one pull request awaiting merge and then this release is ready. I should have time to do a release announce on Monday so the release should go out then. Sara. On 11 Mar 2014, at 15:47, Sara Dickinson wrote: > Hi All, > > I?d like to try to target a 1.4.4 release candidate for Friday of this week: > > https://issues.opendnssec.org/secure/RapidBoard.jspa?rapidView=10&selected&sprint=7 > > I think we should have the outstanding issues completed by then. Let me know if you think this will be a problem. > > Regards > > Sara. > > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop From Roland.vanRijswijk at surfnet.nl Sat Mar 15 15:07:09 2014 From: Roland.vanRijswijk at surfnet.nl (Roland van Rijswijk - Deij) Date: Sat, 15 Mar 2014 16:07:09 +0100 Subject: [Opendnssec-develop] FishEye and Crucible will be disabled today In-Reply-To: <5322F724.7050003@nominet.org.uk> References: <5322F542.7000906@nominet.org.uk> <5322F724.7050003@nominet.org.uk> Message-ID: <53246C9D.1040107@surfnet.nl> Hi Si?n, Si?n Lloyd wrote: > On 14/03/14 12:28, Jerry Lundstr?m wrote: >> On Fri, Mar 14, 2014 at 1:25 PM, Si?n Lloyd > > wrote: >> >> >> I agree. Can we at least keep it in parallel for a few months and then >> decide if it is still useful or not? >> >> >> If we are to keep it just to browse code it will be one VERY expensive >> code browser, I do not know how SURFnet feels about that since they >> are paying for it. >> > > Okay, so there is more going on here than I was aware of. > > If our licence has expired and the cost of renewal is prohibitive then > fair enough. It's not so much the cost of the licence, but more the cost of performing the upgrade. The licence is a free OSS one from Atlassian. Cheers, Roland -- -- Roland M. van Rijswijk - Deij -- SURFnet bv -- w: http://www.surfnet.nl/en/ -- t: +31-30-2305388 -- e: roland.vanrijswijk at surfnet.nl From jerry at opendnssec.org Mon Mar 17 09:47:46 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 17 Mar 2014 10:47:46 +0100 Subject: [Opendnssec-develop] 1.4.4 release candidate In-Reply-To: <71203EA4-FA09-4AEE-B1A0-4B292F30A919@sinodun.com> References: <1BA2BB37-78B8-49E2-87D4-AF62EACDA011@sinodun.com> <71203EA4-FA09-4AEE-B1A0-4B292F30A919@sinodun.com> Message-ID: <251C0805-922D-4FBE-BBB6-D19BB4D94E6D@opendnssec.org> On 14 Mar 2014, at 18:14 , Sara Dickinson wrote: > Update: we have one pull request awaiting merge and then this release is ready. I should have time to do a release announce on Monday so the release should go out then. Tar-balls done: https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc1.tar.gz https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc1.tar.gz.sig SHA1 b0618c9101c05c910ec5fa51781d992e9810eab7 SHA256 4dea873ae6523f7ee3ef834ffd1709a21304de0837dc74b9d93236eba0429dd8 -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From sara at sinodun.com Mon Mar 17 10:10:59 2014 From: sara at sinodun.com (Sara Dickinson) Date: Mon, 17 Mar 2014 10:10:59 +0000 Subject: [Opendnssec-develop] OpenDNSSEC 1.4.4rc1 release candidate Message-ID: <3F1B3601-0E4F-405D-87E3-7BD3C17DB3BB@sinodun.com> All, Version 1.4.4rc1 of OpenDNSSEC is now available. This is a release candidate for testing purposes: OpenDNSSEC 1.4.4rc1 -------------------------------- Updates: * SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-574]. * OPENDNSSEC-358: ods-ksmutil: Extend 'key list' command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output. * OPENDNSSEC-549: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441). Bugfixes: * SUPPORT-86: Fixed build on OS X [OPENDNSSEC-512]. * SUPPORT-97: Signer Engine: Fix after restart signer thinks zone has expired [OPENDNSSEC-526]. * SUPPORT-101: Signer Engine: Fix multiple zone transfer to single file bug [OPENDNSSEC-529]. * SUPPORT-102: Signer Engine: Fix statistics (count can be negative)/ * SUPPORT-108: Signer Engine: Don't replace tabs in RRs with whitespace [OPENDNSSEC-520]. * SUPPORT-116: ods-ksmutil: 'key import' date validation fails on certain dates [OPENDNSSEC-553]. * SUPPORT-128: ods-ksmutil. Man page had incorrect formatting [OPENDNSSEC-576]. * SUPPORT-127: ods-signer: Fix manpage sections. * OPENDNSSEC-457: ods-ksmutil: Add a check on the 'zone add' input/output type parameter to allow only File or DNS. * OPENDNSSEC-481: libhsm: Fix an off-by-one length check error. * OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects. * OPENDNSSEC-531: ods-ksmutil: Exported value of in 'policy export' output could be wrong on MySQL. * OPENDNSSEC-537: libhsm: Possible memory corruption in hsm_get_slot_id. * OPENDNSSEC-544: Signer Engine: Fix assertion error that happens on an IXFR request with EDNS. * OPENDNSSEC-546: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion. * OPENDNSSEC-560: Signer Engine: Don't crash when unsigned zone has no SOA. * Signer Engine: Fix a race condition when stopping daemon. Download: * https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc1.tar.gz * https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc1.tar.gz.sig * Checksum sha1: b0618c9101c05c910ec5fa51781d992e9810eab7 * Checksum sha256: 4dea873ae6523f7ee3ef834ffd1709a21304de0837dc74b9d93236eba0429dd8 A full OpenDNSSEC 1.4.4 release is planned for Monday 24th March. //OpenDNSSEC team From jaap at NLnetLabs.nl Mon Mar 17 11:57:22 2014 From: jaap at NLnetLabs.nl (Jaap Akkerhuis) Date: Mon, 17 Mar 2014 12:57:22 +0100 Subject: [Opendnssec-develop] Re: [Opendnssec-maintainers] OpenDNSSEC 1.4.4rc1 release candidate In-Reply-To: <3F1B3601-0E4F-405D-87E3-7BD3C17DB3BB@sinodun.com> References: <3F1B3601-0E4F-405D-87E3-7BD3C17DB3BB@sinodun.com> Message-ID: <201403171157.s2HBvMhF051929@bela.nlnetlabs.nl> All, Version 1.4.4rc1 of OpenDNSSEC is now available. This is a release candidate for testing purposes: I notice that the README file in the top directory disappeared. Is this on purpose? jaap From jerry at opendnssec.org Mon Mar 17 12:05:09 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 17 Mar 2014 13:05:09 +0100 Subject: [Opendnssec-develop] Re: [Opendnssec-maintainers] OpenDNSSEC 1.4.4rc1 release candidate In-Reply-To: <201403171157.s2HBvMhF051929@bela.nlnetlabs.nl> References: <3F1B3601-0E4F-405D-87E3-7BD3C17DB3BB@sinodun.com> <201403171157.s2HBvMhF051929@bela.nlnetlabs.nl> Message-ID: On 17 Mar 2014, at 12:57 , Jaap Akkerhuis wrote: > I notice that the README file in the top directory disappeared. Is > this on purpose? No, it has been renamed to README.md and was missed in the make dist. I will make a rc2 with it shortly. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Mon Mar 17 12:18:47 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 17 Mar 2014 13:18:47 +0100 Subject: [Opendnssec-develop] Re: [Opendnssec-maintainers] OpenDNSSEC 1.4.4rc1 release candidate In-Reply-To: References: <3F1B3601-0E4F-405D-87E3-7BD3C17DB3BB@sinodun.com> <201403171157.s2HBvMhF051929@bela.nlnetlabs.nl> Message-ID: <8DC02275-1AD7-42BB-A660-34BAEE198BAD@opendnssec.org> On 17 Mar 2014, at 13:05 , Jerry Lundstr?m wrote: > I will make a rc2 with it shortly. 1.4.4rc2 is now available with the missing README.md . https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc2.tar.gz https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc2.tar.gz.sig SHA1 2606427bdb935ab9c8b5e5e75cf48b424e9ac4dc SHA256 7d38db5a098f76a460b1b7d01c275cfddc08880b83ccd723ffa4fa9824500aa2 -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Wed Mar 19 16:27:20 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Wed, 19 Mar 2014 17:27:20 +0100 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 Message-ID: <4662325519985652945@unknownmsgid> Hi, John needs the server for other stuff and we have been wanting to move it anyway so its going to happen on Friday. Expect a few hours downtime for it and the build bot. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Wed Mar 19 16:29:24 2014 From: sara at sinodun.com (Sara Dickinson) Date: Wed, 19 Mar 2014 16:29:24 +0000 Subject: [Opendnssec-develop] RE: Team meeting - Thursday 20 Mar @ 16:00 CET Message-ID: <634DA39F-0AE7-4A52-AEB5-3DB6E1B1E87A@sinodun.com> Hi All, We have a team meeting tomorrow - Note the later time of 16:00 CET. For those in China, apologies, this is very late for you. Please do _not_ feel you must attend! If you have anything you would like to discuss then please just let me know separately. - Also note that we will use the _new_ teamspeak server hosted by .SE - details are on the wiki page below. Date: Thursday 20 Mar 2014 Time: 16:00-15:00 CET, 15:00-14:00 GMT, 23:00-24:00 CST, 15:00-16:00 UTC Method: Teamspeak (https://wiki.opendnssec.org/display/OpenDNSSEC/Conference+call+details) Agenda: https://wiki.opendnssec.org/display/OpenDNSSEC/2014-03-20+Agenda Regards Sara. From sara at sinodun.com Thu Mar 20 10:34:08 2014 From: sara at sinodun.com (Sara Dickinson) Date: Thu, 20 Mar 2014 10:34:08 +0000 Subject: Fwd: [Opendnssec-develop] Team meeting - Thursday 20 Mar @ 16:00 CET References: <634DA39F-0AE7-4A52-AEB5-3DB6E1B1E87A@sinodun.com> Message-ID: <3E6163DD-E6A3-4AA7-8B95-DB41AF4306D2@sinodun.com> Begin forwarded message: > From: Sara Dickinson > Subject: [Opendnssec-develop] RE: Team meeting - Thursday 20 Mar @ 16:00 CET > Date: 19 March 2014 16:29:24 GMT > To: Opd Dev > > Hi All, > > We have a team meeting tomorrow > > Time: 16:00-15:00 CET, 15:00-14:00 GMT, 23:00-24:00 CST, 15:00-16:00 UTC The eagle eyed among you will have spotted that time appears to be going backwards in Europe and the UK today? The meeting times are in fact: 16:00-17:00 CET, 15:00-16:00 GMT, 23:00-24:00 CST, 15:00-16:00 UTC Sara. From sara at sinodun.com Thu Mar 20 18:03:50 2014 From: sara at sinodun.com (Sara Dickinson) Date: Thu, 20 Mar 2014 18:03:50 +0000 Subject: Fwd: [Opendnssec-develop] Team meeting - Thursday 20 Mar @ 16:00 CET References: <3E6163DD-E6A3-4AA7-8B95-DB41AF4306D2@sinodun.com> Message-ID: <67F0E0C9-DF13-4C6D-A0F2-B6DADC5F519A@sinodun.com> Hi All, The minutes from the meeting today are available for review: https://wiki.opendnssec.org/display/OpenDNSSEC/2014-03-20+Minutes The next team meeting is scheduled for (note that the clocks change in both Europe and the UK between now and that meeting): Date: Tuesday 8 Apr 2014 Time: 14:00-15:00 CEST, 13:00-14:00 BST, 20:00-21:00 CST, 12:00-13:00 UTC Sara. -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenDNSSEC meeting.ics Type: text/calendar Size: 710 bytes Desc: not available URL: -------------- next part -------------- Begin forwarded message: > From: Sara Dickinson > Subject: Fwd: [Opendnssec-develop] Team meeting - Thursday 20 Mar @ 16:00 CET > Date: 20 March 2014 10:34:08 GMT > To: Opd Dev > > > > Begin forwarded message: > >> From: Sara Dickinson >> Subject: [Opendnssec-develop] RE: Team meeting - Thursday 20 Mar @ 16:00 CET >> Date: 19 March 2014 16:29:24 GMT >> To: Opd Dev >> >> Hi All, >> >> We have a team meeting tomorrow >> >> Time: 16:00-15:00 CET, 15:00-14:00 GMT, 23:00-24:00 CST, 15:00-16:00 UTC > > The eagle eyed among you will have spotted that time appears to be going backwards in Europe and the UK today? The meeting times are in fact: > > 16:00-17:00 CET, 15:00-16:00 GMT, 23:00-24:00 CST, 15:00-16:00 UTC > > Sara. > > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop From rickard at opendnssec.org Fri Mar 21 06:58:28 2014 From: rickard at opendnssec.org (Rickard Bellgrim) Date: Fri, 21 Mar 2014 07:58:28 +0100 Subject: [Opendnssec-develop] Building SoftHSMv2 on sparc sun4v Message-ID: Hi I would like some help to test SOFTHSM-39 in a sun environment. Does anyone have this environment? I have some proposed patches here: https://github.com/bellgrim/SoftHSMv2/tree/SOFTHSM-39 // Rickard -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry at opendnssec.org Fri Mar 21 07:07:19 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 21 Mar 2014 08:07:19 +0100 Subject: [Opendnssec-develop] Building SoftHSMv2 on sparc sun4v In-Reply-To: References: Message-ID: On Fri, Mar 21, 2014 at 7:58 AM, Rickard Bellgrim wrote: > > I would like some help to test SOFTHSM-39 in a sun environment. Does > anyone have this environment? > I will set up an account for you on our sparc box. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From rickard at opendnssec.org Fri Mar 21 07:33:13 2014 From: rickard at opendnssec.org (Rickard Bellgrim) Date: Fri, 21 Mar 2014 08:33:13 +0100 Subject: [Opendnssec-develop] Building SoftHSMv2 on sparc sun4v In-Reply-To: References: Message-ID: On Fri, Mar 21, 2014 at 8:07 AM, Jerry Lundstr?m wrote: > On Fri, Mar 21, 2014 at 7:58 AM, Rickard Bellgrim wrote: > >> >> I would like some help to test SOFTHSM-39 in a sun environment. Does >> anyone have this environment? >> > > I will set up an account for you on our sparc box. > Thank you! -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry at opendnssec.org Fri Mar 21 08:00:49 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 21 Mar 2014 09:00:49 +0100 Subject: [Opendnssec-develop] About smoke/daily/weekly tests... Message-ID: Hi all, So about this with the test grouping, we have been talking that we want to test daily also in the pull requests and really that we want to test everything before merging. So how about we make it easy and instead of chaining daily/mysql/etc in we merge all tests and skip the grouping. This gives us one directory with all tests and we run them on every pull request. Pros: - Easier to manage Cons: - Tests take longer time to run (but we want to test everything anyway so it is going to take some time and this can be resolved by adding resources (which I am looking at)) 2c? comments? thoughts? ok? -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From matthijs at nlnetlabs.nl Fri Mar 21 08:44:51 2014 From: matthijs at nlnetlabs.nl (Matthijs Mekking) Date: Fri, 21 Mar 2014 09:44:51 +0100 Subject: [Opendnssec-develop] About smoke/daily/weekly tests... In-Reply-To: References: Message-ID: <532BFC03.5000300@nlnetlabs.nl> Hi, On 03/21/2014 09:00 AM, Jerry Lundstr?m wrote: > Hi all, > > So about this with the test grouping, we have been talking that we want > to test daily also in the pull requests and really that we want to test > everything before merging. > > So how about we make it easy and instead of chaining daily/mysql/etc in > we merge all tests and skip the grouping. > > This gives us one directory with all tests and we run them on every pull > request. > > Pros: > - Easier to manage > > Cons: > - Tests take longer time to run (but we want to test everything anyway > so it is going to take some time and this can be resolved by adding > resources (which I am looking at)) > > 2c? comments? thoughts? ok? I think it would be good to have the granularity between smoke and daily. I would call #build to run the smoke tests. Once I am satisfied (or rather: the bot is satisfied), I call #build-daily. Because other users also wait on the bot, this could be scheduled the first upcoming evening/midnight. Drawback of that is that it will take you a long time to see if something is wrong in the daily tests (but we have that now too). Best regards, Matthijs > > -- > Jerry Lundstr?m - OpenDNSSEC Developer > http://www.opendnssec.org/ > > > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop > From jerry at opendnssec.org Fri Mar 21 09:19:54 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 21 Mar 2014 10:19:54 +0100 Subject: [Opendnssec-develop] About smoke/daily/weekly tests... In-Reply-To: <532BFC03.5000300@nlnetlabs.nl> References: <532BFC03.5000300@nlnetlabs.nl> Message-ID: <23B4ED7B-9354-44BF-B1AE-E0DBBF94298E@opendnssec.org> On 21 Mar 2014, at 09:44 , Matthijs Mekking wrote: > I think it would be good to have the granularity between smoke and > daily. I would call #build to run the smoke tests. Once I am satisfied > (or rather: the bot is satisfied), I call #build-daily. > > Because other users also wait on the bot, this could be scheduled the > first upcoming evening/midnight. Drawback of that is that it will take > you a long time to see if something is wrong in the daily tests (but we > have that now too). That is a resource issue and can be resolved by adding more. We have received access to SURFnet?s new OpenStack and I will soon add a set of platforms to that cloud and add them into Jenkins. This will make Jenkins able to run 2 pull requests tests at the same time. If we ask for more resources in that cloud we could dynamically manage the number of instances running so that we always have one on standby but can start 3-4 to be able to test that many pull requests at the same time. If this was the case would you still want the granularity? -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From matthijs at nlnetlabs.nl Fri Mar 21 10:13:06 2014 From: matthijs at nlnetlabs.nl (Matthijs Mekking) Date: Fri, 21 Mar 2014 11:13:06 +0100 Subject: [Opendnssec-develop] About smoke/daily/weekly tests... In-Reply-To: <23B4ED7B-9354-44BF-B1AE-E0DBBF94298E@opendnssec.org> References: <532BFC03.5000300@nlnetlabs.nl> <23B4ED7B-9354-44BF-B1AE-E0DBBF94298E@opendnssec.org> Message-ID: <532C10B2.1040006@nlnetlabs.nl> On 03/21/2014 10:19 AM, Jerry Lundstr?m wrote: > On 21 Mar 2014, at 09:44 , Matthijs Mekking wrote: > >> I think it would be good to have the granularity between smoke and >> daily. I would call #build to run the smoke tests. Once I am satisfied >> (or rather: the bot is satisfied), I call #build-daily. >> >> Because other users also wait on the bot, this could be scheduled the >> first upcoming evening/midnight. Drawback of that is that it will take >> you a long time to see if something is wrong in the daily tests (but we >> have that now too). > > That is a resource issue and can be resolved by adding more. > > We have received access to SURFnet?s new OpenStack and I will soon add a set of platforms to that cloud and add them into Jenkins. This will make Jenkins able to run 2 pull requests tests at the same time. If we ask for more resources in that cloud we could dynamically manage the number of instances running so that we always have one on standby but can start 3-4 to be able to test that many pull requests at the same time. > > If this was the case would you still want the granularity? Yes please:) (for the first reason) > > -- > Jerry Lundstr?m - OpenDNSSEC Developer > http://www.opendnssec.org/ > > > > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop > From rickard at opendnssec.org Fri Mar 21 13:00:54 2014 From: rickard at opendnssec.org (Rickard Bellgrim) Date: Fri, 21 Mar 2014 14:00:54 +0100 Subject: [Opendnssec-develop] SoftHSM 2.0.0a2 Message-ID: Hi I think we can release a second alpha version. There are no bugs or similar that needs to be fixed before this release. All the changes are available in the NEWS file. // Rickard -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Fri Mar 21 14:10:52 2014 From: sara at sinodun.com (Sara Dickinson) Date: Fri, 21 Mar 2014 14:10:52 +0000 Subject: [Opendnssec-develop] About smoke/daily/weekly tests... In-Reply-To: <532C10B2.1040006@nlnetlabs.nl> References: <532BFC03.5000300@nlnetlabs.nl> <23B4ED7B-9354-44BF-B1AE-E0DBBF94298E@opendnssec.org> <532C10B2.1040006@nlnetlabs.nl> Message-ID: <1AEBC4AA-3A9C-4352-8C23-1AB32791FB67@sinodun.com> On 21 Mar 2014, at 10:13, Matthijs Mekking wrote: >> If this was the case would you still want the granularity? > > Yes please:) (for the first reason) +1. I like the idea of keeping the granularity in the test cases because the smoke and daily do have different coverage (core success cases vs advanced/corner/failure cases) and then using different build bot commands to achieve the flexibility needed #build_smoke #build_daily #build_all Sara. From sara at sinodun.com Fri Mar 21 14:16:54 2014 From: sara at sinodun.com (Sara Dickinson) Date: Fri, 21 Mar 2014 14:16:54 +0000 Subject: [Opendnssec-develop] SoftHSM 2.0.0a2 In-Reply-To: References: Message-ID: On 21 Mar 2014, at 13:00, Rickard Bellgrim wrote: > Hi > > I think we can release a second alpha version. There are no bugs or similar that needs to be fixed before this release. All the changes are available in the NEWS file. > So do you want Jerry to go ahead and make a tar ball and me to do the announce, etc? I can do that on Monday or Tuesday next week if you like. Is there a list of functionality that still needs to be added between now and beta that could also be published? Sara. From jerry at opendnssec.org Fri Mar 21 15:04:16 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Fri, 21 Mar 2014 16:04:16 +0100 Subject: [Opendnssec-develop] Re: Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: <4662325519985652945@unknownmsgid> References: <4662325519985652945@unknownmsgid> Message-ID: <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Hi, On 19 Mar 2014, at 17:27 , Jerry Lundstr?m wrote: > John needs the server for other stuff and we have been wanting to move it anyway so its going to happen on Friday. > Expect a few hours downtime for it and the build bot. The new Jenkins is up but there currently seems to be some problems with the platforms, folders that I remove reappears after a while. I will continue this work next week but for now both Jenkins and the build bot is down. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From rickard at opendnssec.org Fri Mar 21 15:54:58 2014 From: rickard at opendnssec.org (Rickard Bellgrim) Date: Fri, 21 Mar 2014 16:54:58 +0100 Subject: [Opendnssec-develop] SoftHSM 2.0.0a2 In-Reply-To: References: Message-ID: > > So do you want Jerry to go ahead and make a tar ball and me to do the > announce, etc? I can do that on Monday or Tuesday next week if you like. > Yes, please go ahead > Is there a list of functionality that still needs to be added between now > and beta that could also be published? Everything is in Jira. There are 8 items for 2.0.0. // Rickard -------------- next part -------------- An HTML attachment was scrubbed... URL: From sara at sinodun.com Mon Mar 24 11:00:05 2014 From: sara at sinodun.com (Sara Dickinson) Date: Mon, 24 Mar 2014 11:00:05 +0000 Subject: [Opendnssec-develop] RE: OpenDNSSEC 1.4.4 and SoftHSM 2.0.0a2 releases Message-ID: <48BBA896-A58D-4E35-8005-45B21E690153@sinodun.com> Hi All, I?m not aware of any issues with the 1.4.4 release candidate so I think we are good to go ahead with a full release today. Jerry could you please make OpenDNSSEC 1.4.4 and SoftHSM 2.0.0a2 tarballs as soon as is convenient? Regards Sara. From jerry at opendnssec.org Mon Mar 24 11:30:41 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 24 Mar 2014 12:30:41 +0100 Subject: [Opendnssec-develop] Re: OpenDNSSEC 1.4.4 and SoftHSM 2.0.0a2 releases In-Reply-To: <48BBA896-A58D-4E35-8005-45B21E690153@sinodun.com> References: <48BBA896-A58D-4E35-8005-45B21E690153@sinodun.com> Message-ID: On 24 Mar 2014, at 12:00 , Sara Dickinson wrote: > Jerry could you please make OpenDNSSEC 1.4.4 and SoftHSM 2.0.0a2 tarballs as soon as is convenient? It will be done at the latests tomorrow. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Mon Mar 24 13:33:45 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 24 Mar 2014 14:33:45 +0100 Subject: [Opendnssec-develop] Re: Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Message-ID: On 21 Mar 2014, at 16:04 , Jerry Lundstr?m wrote: > I will continue this work next week but for now both Jenkins and the build bot is down. The new Jenkins is now up and DNS should point to the new address any minute. This Jenkins has been configured from a clean installation so all previous accounts are gone and with pull requests and the build bot there should not be any need. Build bot is still down! -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Mon Mar 24 14:33:07 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Mon, 24 Mar 2014 15:33:07 +0100 Subject: [Opendnssec-develop] Re: Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Message-ID: <133064D8-2112-4DC6-AB96-CA63BC508855@opendnssec.org> On 24 Mar 2014, at 14:33 , Jerry Lundstr?m wrote: > Build bot is still down! It?s ALIVE! -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Tue Mar 25 10:02:32 2014 From: jerry at opendnssec.org (=?iso-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Tue, 25 Mar 2014 11:02:32 +0100 Subject: [Opendnssec-develop] Re: OpenDNSSEC 1.4.4 and SoftHSM 2.0.0a2 releases In-Reply-To: <48BBA896-A58D-4E35-8005-45B21E690153@sinodun.com> References: <48BBA896-A58D-4E35-8005-45B21E690153@sinodun.com> Message-ID: On 24 Mar 2014, at 12:00 , Sara Dickinson wrote: > Jerry could you please make OpenDNSSEC 1.4.4 and SoftHSM 2.0.0a2 tarballs as soon as is convenient? https://dist.opendnssec.org/source/opendnssec-1.4.4.tar.gz https://dist.opendnssec.org/source/opendnssec-1.4.4.tar.gz.sig SHA1 c204659dc53d47a16481f19fbc709b292c445c7d SHA256 71f930d871e3526f930ac57925f5d5b934988e0b2e9e858926bfc73d9ba9d00e https://dist.opendnssec.org/source/testing/softhsm-2.0.0a2.tar.gz https://dist.opendnssec.org/source/testing/softhsm-2.0.0a2.tar.gz.sig SHA1 5197835de70eedbf4e33ca3a9b3da8e112e4c85c SHA256 325187ae0823c22c4d3794914edcefef891b1b8021c3d363404d77508f86b9ca -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 625 bytes Desc: Message signed with OpenPGP using GPGMail URL: From sara at sinodun.com Tue Mar 25 15:20:38 2014 From: sara at sinodun.com (Sara Dickinson) Date: Tue, 25 Mar 2014 15:20:38 +0000 Subject: [Opendnssec-develop] OpenDNSSEC 1.4.4 Message-ID: <1B07058C-B088-43EC-BA42-1F92D142D3DA@sinodun.com> All, Version 1.4.4 of OpenDNSSEC has now been released. This is the latest stable release. Updates: * SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-574]. * OPENDNSSEC-358: ods-ksmutil: Extend 'key list' command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output. * OPENDNSSEC-549: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441). Bugfixes: * SUPPORT-86: Fixed build on OS X [OPENDNSSEC-512]. * SUPPORT-97: Signer Engine: Fix after restart signer thinks zone has expired [OPENDNSSEC-526]. * SUPPORT-101: Signer Engine: Fix multiple zone transfer to single file bug [OPENDNSSEC-529]. * SUPPORT-102: Signer Engine: Fix statistics (count can be negative)/ * SUPPORT-108: Signer Engine: Don't replace tabs in RRs with whitespace [OPENDNSSEC-520]. * SUPPORT-116: ods-ksmutil: 'key import' date validation fails on certain dates [OPENDNSSEC-553]. * SUPPORT-128: ods-ksmutil. Man page had incorrect formatting [OPENDNSSEC-576]. * SUPPORT-127: ods-signer: Fix manpage sections. * OPENDNSSEC-457: ods-ksmutil: Add a check on the 'zone add' input/output type parameter to allow only File or DNS. * OPENDNSSEC-481: libhsm: Fix an off-by-one length check error. * OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects. * OPENDNSSEC-531: ods-ksmutil: Exported value of in 'policy export' output could be wrong on MySQL. * OPENDNSSEC-537: libhsm: Possible memory corruption in hsm_get_slot_id. * OPENDNSSEC-544: Signer Engine: Fix assertion error that happens on an IXFR request with EDNS. * OPENDNSSEC-546: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion. * OPENDNSSEC-560: Signer Engine: Don't crash when unsigned zone has no SOA. * Signer Engine: Fix a race condition when stopping daemon. Documentation: * http://wiki.opendnssec.org/display/DOCS Download: * https://dist.opendnssec.org/source/opendnssec-1.4.4.tar.gz * https://dist.opendnssec.org/source/opendnssec-1.4.4.tar.gz.sig * Checksum SHA1: c204659dc53d47a16481f19fbc709b292c445c7d * Checksum SHA256: 71f930d871e3526f930ac57925f5d5b934988e0b2e9e858926bfc73d9ba9d00e //OpenDNSSEC team From sara at sinodun.com Tue Mar 25 15:21:12 2014 From: sara at sinodun.com (Sara Dickinson) Date: Tue, 25 Mar 2014 15:21:12 +0000 Subject: [Opendnssec-develop] SoftHSM 2.0.0a2 Message-ID: <05B83DCF-8C7A-40D3-A813-303E320724CC@sinodun.com> All, Version 2.0.0a2 of SoftHSM has now been released. This is a development release for testing and evaluation purposes only. Updates: * SOFTHSM-68: Display a better configure message when there is a version of Botan with a broken ECC/GOST/OID implementation. * SOFTHSM-70: Improved handling of the database backend. * SOFTHSM-71: Supporting Botan 1.11. * SOFTHSM-76: Do not generate RSA keys smaller than 1024 bit when using the Botan crypto backend. * SOFTHSM-83: Support CKA_VALUE_BITS for CKK_DH private key object. * SOFTHSM-85: Rename libsofthsm.so to libsofthsm2.so and prefix the command line utilties with softhsm2-. * SOFTHSM-89: Use constants and not strings for signaling algorithms. * SUPPORT-129: Possible to use an empty template in C_GenerateKey. The class and key type are inherited from the generation mechanism. Some mechanisms do however require a length attribute. [SOFTHSM-88] * SUPPORT-131: Support RSA-PSS using SHA1, SHA224, SHA256, SHA384, or SHA512. [SOFTHSM-87] Bugfixes: * SOFTHSM-39: Fix 64 bit build on sparc sun4v. * SOFTHSM-69: GOST did not work when you disabled ECC. * SOFTHSM-78: Correct the attribute checks for a number of objects. * SOFTHSM-80: Prevent segfault in OpenSSL GOST HMAC code. * SOFTHSM-91: Fix a warning from static code analysis. * Fixed a number of memory leaks. Documentation: * https://wiki.opendnssec.org/display/SoftHSMDOCS/SoftHSM+Documentation+v2.0 Download: * https://dist.opendnssec.org/source/testing/softhsm-2.0.0a2.tar.gz * https://dist.opendnssec.org/source/testing/softhsm-2.0.0a2.tar.gz.sig * Checksum SHA1: 5197835de70eedbf4e33ca3a9b3da8e112e4c85c * Checksum SHA256: 325187ae0823c22c4d3794914edcefef891b1b8021c3d363404d77508f86b9ca GitHub tag: https://github.com/opendnssec/SoftHSMv2/releases/tag/2.0.0a2 //OpenDNSSEC team From jad at sinodun.com Tue Mar 25 18:18:00 2014 From: jad at sinodun.com (John Dickinson) Date: Tue, 25 Mar 2014 18:18:00 +0000 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Message-ID: Hi, Thanks for this. You need a redirect from http to https. Also maybe user accounts will be needed to create new tests manually run stuff? regards John On 24 Mar 2014, at 13:33, Jerry Lundstr?m wrote: > On 21 Mar 2014, at 16:04 , Jerry Lundstr?m wrote: > >> I will continue this work next week but for now both Jenkins and the build bot is down. > > The new Jenkins is now up and DNS should point to the new address any minute. > > This Jenkins has been configured from a clean installation so all previous accounts are gone and with pull requests and the build bot there should not be any need. > > Build bot is still down! > > -- > Jerry Lundstr?m - OpenDNSSEC Developer > http://www.opendnssec.org/ > > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jerry at opendnssec.org Tue Mar 25 19:20:03 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Tue, 25 Mar 2014 20:20:03 +0100 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Message-ID: On Tue, Mar 25, 2014 at 7:18 PM, John Dickinson wrote: > > You need a redirect from http to https. Also maybe user accounts will be > needed to create new tests manually run stuff? > Its HTTPS only, so just use https:// . There is no need for user accounts anymore since everything should be run through pull requests and the build bot. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From yuri at nlnetlabs.nl Tue Mar 25 21:38:51 2014 From: yuri at nlnetlabs.nl (Yuri Schaeffer) Date: Tue, 25 Mar 2014 22:38:51 +0100 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Message-ID: <5331F76B.1090204@nlnetlabs.nl> > There is no need for user accounts anymore since everything should be > run through pull requests and the build bot. What about my builds lately where the daemon locked up on freebsd? That never ending test clogged up the queue for further pull requests. Alternatively a #kill command for the bot would work as well. //Yuri From jerry at opendnssec.org Wed Mar 26 06:15:01 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Wed, 26 Mar 2014 07:15:01 +0100 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> <5331F76B.1090204@nlnetlabs.nl> Message-ID: Oops, happened to do reply and not reply all. On Wed, Mar 26, 2014 at 6:51 AM, Jerry Lundstr?m wrote: > On Wed, Mar 26, 2014 at 6:03 AM, Jerry Lundstr?m wrote: > >> >> I am going to add a runtime limit in the build bot for that so it will >> kill the job automatically if it has been running too long. >> > > There was actually a plugin in Jenkins for this, going to configure it for > all jobs today. > All jobs now have a 1 hour timeout, after that they are automatically aborted. This timeout is counted after the job starts on a node and not while in queue. The longest running job is about 40 minutes currently so 1 hour should be fine. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry at opendnssec.org Wed Mar 26 06:45:51 2014 From: jerry at opendnssec.org (=?ISO-8859-1?Q?Jerry_Lundstr=F6m?=) Date: Wed, 26 Mar 2014 07:45:51 +0100 Subject: [Opendnssec-develop] All Jenkins jobs now use labels instead of nodes Message-ID: Hi, I have reconfigured Jenkins and all the jobs to run on labels now, there are a label per platform (ubuntu10 ubuntu12 freebsd9 etc). This is to prepare for additional resources so we can run more tests at the same time. The pull requests that are open and have previously made a build might fail on the next build, just issue another build if that happens and contact me if it still fails after that. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From matthijs at nlnetlabs.nl Wed Mar 26 09:36:13 2014 From: matthijs at nlnetlabs.nl (Matthijs Mekking) Date: Wed, 26 Mar 2014 10:36:13 +0100 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Message-ID: <53329F8D.9060405@nlnetlabs.nl> On 03/25/2014 08:20 PM, Jerry Lundstr?m wrote: > On Tue, Mar 25, 2014 at 7:18 PM, John Dickinson > wrote: > > > You need a redirect from http to https. Also maybe user accounts > will be needed to create new tests manually run stuff? > > > Its HTTPS only, so just use https:// . > > There is no need for user accounts anymore since everything should be > run through pull requests and the build bot. Does this mean that we can access all the debug logs and files through jenkins only? That would be a sad thing, because it is much faster to debug this stuff on the command line, at the machine which is failing the tests. So, I would be in favor of keeping user accounts. Best regards, Matthijs > > -- > Jerry Lundstr?m - OpenDNSSEC Developer > http://www.opendnssec.org/ > > > _______________________________________________ > Opendnssec-develop mailing list > Opendnssec-develop at lists.opendnssec.org > https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop > From jerry at opendnssec.org Wed Mar 26 09:53:07 2014 From: jerry at opendnssec.org (Jerry =?ISO-8859-1?Q?Lundstr=F6m?=) Date: Wed, 26 Mar 2014 10:53:07 +0100 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: <53329F8D.9060405@nlnetlabs.nl> References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> <53329F8D.9060405@nlnetlabs.nl> Message-ID: <1395827587.9063.1.camel@mine> On ons, 2014-03-26 at 10:36 +0100, Matthijs Mekking wrote: > Does this mean that we can access all the debug logs and files through > jenkins only? That would be a sad thing, because it is much faster to > debug this stuff on the command line, at the machine which is failing > the tests. No, the readonly account is still there, this is about account in Jenkins, not on the platforms. /Jerry -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 620 bytes Desc: This is a digitally signed message part URL: From sara at sinodun.com Thu Mar 27 10:58:28 2014 From: sara at sinodun.com (Sara Dickinson) Date: Thu, 27 Mar 2014 10:58:28 +0000 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> Message-ID: <0091F98F-F1C5-4F5E-8583-D342A3420DAE@sinodun.com> On 25 Mar 2014, at 19:20, Jerry Lundstr?m wrote: > > There is no need for user accounts Obviously we need at least one back-up administrator for when you are not available. AFAIK John has the most jenkins experience of anyone, so he should have an account. I also volunteer as additional backup admin. Sara. From jerry at opendnssec.org Fri Mar 28 12:57:17 2014 From: jerry at opendnssec.org (Jerry =?ISO-8859-1?Q?Lundstr=F6m?=) Date: Fri, 28 Mar 2014 13:57:17 +0100 Subject: [Opendnssec-develop] Jenkins will be moved to .SE on Friday 21/3 In-Reply-To: <0091F98F-F1C5-4F5E-8583-D342A3420DAE@sinodun.com> References: <4662325519985652945@unknownmsgid> <96AE8070-8C77-42F0-9F83-4798D1089E28@opendnssec.org> <0091F98F-F1C5-4F5E-8583-D342A3420DAE@sinodun.com> Message-ID: <1396011437.12624.5.camel@mine> On tor, 2014-03-27 at 10:58 +0000, Sara Dickinson wrote: > Obviously we need at least one back-up administrator for when you are not available. Jakob is a backup for Jenkins. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 620 bytes Desc: This is a digitally signed message part URL: From jerry at opendnssec.org Fri Mar 28 15:16:07 2014 From: jerry at opendnssec.org (Jerry =?ISO-8859-1?Q?Lundstr=F6m?=) Date: Fri, 28 Mar 2014 16:16:07 +0100 Subject: [Opendnssec-develop] Restructuring of lib.sh / functions-opendnssec.sh and a few changes to how things work Message-ID: <1396019767.20793.17.camel@mine> Hi all, I've done a bit of work on the test framework to try and get rid of intermediate fails and it seems to have been successful. The work has been done for 1.3, 1.4 and develop in these PR: https://github.com/opendnssec/opendnssec/pull/54 https://github.com/opendnssec/opendnssec/pull/58 https://github.com/opendnssec/opendnssec/pull/61 Changes are for all branches: - Added more checks to functions and made sure all variable are quoted and local. - Removed global syslog_grep_count_variable from lib.sh/syslog_grep_count(). - Added syslog_grep_count2 and grep_this_count2 that echos the count. - Used syslog_grep_count2 in Enforcer/Signer start/stop count functions and added new global variable ODS_ENFORCER_START_COUNT / ODS_ENFORCER_STOP_COUNT / ODS_SIGNER_START_COUNT / ODS_SIGNER_STOP_COUNT. - Added 2 new tool depend; pgrep and gsort/sort. - Save test output in retries and failed tests - Rewrote ods_enforcer_start_timeshift() based on log_this_timeout, it starts Enforcer is the background and checks for output in syslog and if there has not been any output for the given timeout it kills and fails. Changes just for develop: - Changed ods_reset_env() and ods_setup_env() to take the option -n in case you want the Enforcer to not be stopped. Short description of the changes to tests are: - $syslog_grep_count_variable is gone, use (for ex) $ODS_ENFORCER_START_COUNT instead. - ods_start_enforcer_timeshift() does not need a timeout any more, it works in a different and better way now. - Timeout to ods_reset_env() has been removed for all test in develop and I am currently testing to see where the Enforcer might need to live a bit longer. I am currently testing the develop branch and want to merge to ASAP so please have a look and fire away some comments. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 620 bytes Desc: This is a digitally signed message part URL: From jerry at opendnssec.org Mon Mar 31 15:55:52 2014 From: jerry at opendnssec.org (Jerry =?ISO-8859-1?Q?Lundstr=F6m?=) Date: Mon, 31 Mar 2014 17:55:52 +0200 Subject: [Opendnssec-develop] Re: Restructuring of lib.sh / functions-opendnssec.sh and a few changes to how things work In-Reply-To: <1396019767.20793.17.camel@mine> References: <1396019767.20793.17.camel@mine> Message-ID: <1396281352.26541.16.camel@what> On fre, 2014-03-28 at 16:16 +0100, Jerry Lundstr?m wrote: > I am currently testing the develop branch and want to merge to ASAP so > please have a look and fire away some comments. I have run tests this weekend and everything looks fine. I want to merge this before the end of tomorrow, please have a look. -- Jerry Lundstr?m - OpenDNSSEC Developer http://www.opendnssec.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 660 bytes Desc: This is a digitally signed message part URL: From yuri at nlnetlabs.nl Mon Mar 31 21:24:03 2014 From: yuri at nlnetlabs.nl (Yuri Schaeffer) Date: Mon, 31 Mar 2014 23:24:03 +0200 Subject: [Opendnssec-develop] Re: Restructuring of lib.sh / functions-opendnssec.sh and a few changes to how things work In-Reply-To: <1396281352.26541.16.camel@what> References: <1396019767.20793.17.camel@mine> <1396281352.26541.16.camel@what> Message-ID: <5339DCF3.3060801@nlnetlabs.nl> > I want to merge this before the end of tomorrow, please have a look. FYI, I've looked at a small part of it thus far, I have no issues with it.