Open Source - Open Doors, Open Potential

Open Source

Open Doors - Open Potential

View Slide

This is a very very very long gag
@hendrikEbbers
Hendrik Ebbers
• Karakun Co-Founder

• Founder of JUG Dortmund

• JSR EG member

• JavaOne Rockstar, Java Champion

• AdoptOpenJDK / Adoptium TSC member

View Slide

@hendrikEbbers
Hendrik Ebbers
• I (and collect) boardgames

• I STARWARS

• I Hardrock

• I Dogs

View Slide

@hendrikEbbers
Content
• OpenSource FACTS

• GitHub and Open Source Work
fl
ows

• Automate everything

• Foundations and open standards

• How to start your open source career

View Slide

OpenSource today

View Slide

@hendrikEbbers
Facts about OpenSource
• The usage of open source software is growing every
year

• Even most closed source projects depend on open
source today

• Today many companies trust in open source

View Slide

@hendrikEbbers
Why to use open source
• What aspects were important to you when choosing
open source based solutions in your company?
87 % 85 %
open standards big community
81 %
security
80 %
no vendor lock-in
79 %
stability
78 %
cost savings transparency & trust
75 %

View Slide

@hendrikEbbers
Why do we trust?
• Open source means that the sources of a product can
be seen / requested by everyone

• Open source does not mean that everybody can
mutate the source

View Slide

@hendrikEbbers
Why is it more secure?
• We are human

• We create bugs

• We create security issues

• The developers of our
 
dependencies are
 
humans, too

View Slide

@hendrikEbbers
• Security issues can be found much
faster

• Security audits can be done by
anybody

View Slide

@hendrikEbbers
• Based on GitHub there is a 59% change to receive a
security alert / issue within the next 12 month
 
• Common Vulnerabilities and Exposures (CVE)
 
are tracked in open databases
 
(see http://cve.mitre.org)

Based on your dependencies

View Slide

@hendrikEbbers
github.com

View Slide

@hendrikEbbers
github.com
• It is always important to know
your dependencies

• Especially when you do
JavaScript...

View Slide

@hendrikEbbers
• Tools like dependabot automatically inform you on
critical issues in your dependencies

• Example based on CVE-2020-8203 (in lodash)

Common JS lib
04.23.2012
vulerability created in
lodash
07.08.2020
vulerability
fi
xed in
lodash
07.15.2020
over 5 million projects
receive dependabot
alert
10.02.2020
over 40% of projects
have upgraded to
fi
xed
version
github.com

View Slide

GitHub

View Slide

@hendrikEbbers
Facts about GitHub
• 1.9 billion contributions in 2019

• Over 50 million registered developers users
2008 2020 2025
50 m
100 m

View Slide

@hendrikEbbers
New to Git(Hub) ?
• Today GIT is the standard version control system (for
open source) today.

• Most modern open source projects are hosted at
GitHub

View Slide

@hendrikEbbers
New to Git(Hub) ?
• GitHub makes the usage of GIT very easy and provide
visual tooling for work
fl
ows

• But a user needs to understand GIT to contribute to
projects

• You can
fi
nd many very good tutorials online
https://rogerdudler.github.io/git-guide/

View Slide

@hendrikEbbers
More than a repository
• GitHub provides much more than just GIT repositories:

• Issues

• Wiki

• Pull Requests

• ...

View Slide

@hendrikEbbers
More than a repository
• Best starting points are issues

• Mostly all people start at GitHub by creating an issue
for an open source project

• Have you already created an issue?

View Slide

View Slide

Add a Title
Add a description. Try to add as much info as possible.

Important:

- How to reproduce the issue?

- Why do you need it

- Metadata (environment, version,…)

View Slide

View Slide

@hendrikEbbers
Some important rules
• Always be friendly

• Ask questions

• Listen to the project maintainers

• Stay in touch

View Slide

Pull Request

View Slide

@hendrikEbbers
Let's contribute
• A Pull request is the work
fl
ow that allows user to contribute to
projects

• Pull requests let you tell others about changes you want to add to
a repository

• A pull request can be commented and reviewed

• Follow-up commits can be added

• The changes of a pull request can be merged by a maintainer of
the project

View Slide

View Slide

@hendrikEbbers
Some important rules
• Do not create a pull request without an issue

• Mention in the issue that you plan to do a pull
request

• Start with a small issue

View Slide

@hendrikEbbers
Reviews

View Slide

View Slide

@hendrikEbbers
Preview + Test of Integration
• Several tools can
interact with GitHub

• Automatically build &
deploy pull request
and integration results

• Examples are Netli
fl
y
or Heroku

View Slide

@hendrikEbbers
Pull Requests in Enterprise
• GitHub published some average numbers regarding
the timing of pull requests

• The numbers are based on enterprise (non-hobby)
projects
pull request opened
fi
rst review done last review done pull request merged
github.com
review requested
1h 36m to merge pull request
54m till
fi
rst review 12m till merge

View Slide

JavaFX

View Slide

@hendrikEbbers
First OpenJDK project at Git
• JavaFX is (still) part of OpenJDK

• JavaFX was the
fi
rst project of the OpenJDK that has
been migrated to git & GitHub

• With project Skara the OpenJDK is moved to git &
GitHub
https://github.com/openjdk/jfx

View Slide

@hendrikEbbers
First OpenJDK project at Git
• Since OpenJDK projects are now hosted at GitHub
contribution is super easy

• Every GitHub user can create a PR (+ some paperwork
to have you checked as a valid OpenJDK commiter)

View Slide

@hendrikEbbers
All OS Builds with GitHub Actions
• OpenJDK projects already use GitHub
Actions for CI tasks

• Automatically build and test JavaFX
on all 3 big operation systems for
each pull request
https://github.com/openjdk/jfx/pull/619/checks

View Slide

@hendrikEbbers
All OS Builds with GitHub Actions
• GitHub Actions can do more

• Every used test containers in an
enterprise project?

• Just let GitHub run thousands of
integration tests for you

View Slide

@hendrikEbbers
PullRequests for OpenJDK
• Happily more and more
people of the Java
community contribute to
OpenJDK

• Good tutorials and 'Getting
started' guides are missing
We are working on that issue

View Slide

Eclipse Adoptium

View Slide

@hendrikEbbers
Eclipse Adoptium
• Eclipse Adoptium is the successor of AdoptOpenJDK
 
 
 
 

View Slide

@hendrikEbbers
Eclipse Adoptium
 
 
 
• Adoptium WG is based on leaders of the ecosystem

View Slide

@hendrikEbbers
Eclipse Adoptium
 
 
 
 
• Eclipse Adoptium provides an OpenJDK distribution

• That distribution is called Temurin

View Slide

@hendrikEbbers
Why not 'Eclipse AdoptOpenJDK' ?
• The answer is quite simple:
 
 
 
 
 
• The Eclipse Foundation trademarks all names and
'AdoptOpenJDK' is just not trademark able
OpenJDK Java
® ®

View Slide

The Eclipse Temurin Java runtime
builds by Adoptium can not be
named 'AdoptOpenJDK' since
OpenJDK is owned by Oracle
™ ™
®
™
™ ®

View Slide

View Slide

Temurin by Adoptium
OpenJDK Sources
Temurin Installer
Binaries / Distribution
ci.adoptopenjdk.net

(ci.adoptium.net in near future)
adoptium.net
github.com/adoptium/installer
github.com/adoptium/jdk

github.com/adoptium/jdk8u
Build / CI Infrastructure
github.com/adoptium/temurin8-binaries/releases



Platform Builds AQAvit
github.com/adoptium/temurin-build
github.com/adoptium/aqa-tests
*
*
Redirect to
@hendrikEbbers

View Slide

@hendrikEbbers
Just call the distro 'Adoptium' ...
• NO! We want to be convenient:
 
 
Like ___________ provides ___________ the Adoptium
project provides Temurin
Azul Systems Zulu
Amazon Coretto
Bellsoft Liberica
Oracle Oracle JDK

View Slide

@hendrikEbbers
Why 'Temurin' ?
TEMURIN
 
 
 
 
 

View Slide

 
 
 
 
 
@hendrikEbbers
Why 'Temurin' ?
N
N
N
N
O
H3
C
CH3
CH3
O
N
N
N
N
O
H3
C
CH3
CH3
O
CH3
O
Caffeine Temurin

View Slide

@hendrikEbbers
Eclipse Adoptium is MORE
• NO! Adoptium is much more than 'just the binaries':
AQAVIT is the quality and runtime branding
evaluation project for Java SE runtimes and
associated technology.
Any Java runtime
Open source AQAVIT test &
benchmark suite
Enterprise ready runtime

View Slide

@hendrikEbbers
• NO! Adoptium is much more than 'just the binaries':

View Slide

@hendrikEbbers
• Adoptium is much more than 'just the binaries':
Community

View Slide

JakartaEE &
MicroPro
fi
le

View Slide

@hendrikEbbers
Open Speci
fi
cations
• JakartaEE / Micropro
fi
le is not 'old JavaEE'
 
• JakartaEE / Micropro
fi
le speci
fi
cations are used by Spring
Boot, Micronaut, Quarkus, ...

• When you create enterprise applications and
(micro-)services in Java you need to know and use the
specs

View Slide

@hendrikEbbers
Open Speci
fi
cations
• A spec always contains 3 parts:

• API that contains the Java interfaces, annotations...

• SPEC that contains the documentation of the API, its
usage and interoperability with other speci
fi
cations

• TCK that contains a test kit to validate the full
functionality of an implementation

View Slide

@hendrikEbbers
Eclipse Foundation
• Both JakartaEE and Micropro
fi
le are top level projects at
Eclipse Foundation

• An open source foundation allows a transparent and
solid support and sponsoring by companies and
organisations

• An open source foundation provides work
fl
ows, rules,
infrastructure and support (for example in marketing
issues)

View Slide

@hendrikEbbers
Eclipse Foundation
• All projects and speci
fi
cations are hosted at GitHub

• Everybody can do a pull request

• Contributions and discussions are more than welcome

• Attend a meeting to start your open source journey!
https://bit.ly/3l4I4E5
Jakarta EE Community Calendar

View Slide

Hacktoberfest

View Slide

@hendrikEbbers
Hacktoberfest
• A month long celebration of open source software

• It happens every year in October.

• Everyone can support open-source by contributing
changes, and then earn a limited edition swag
https://hacktoberfest.digitalocean.com
Visit

View Slide

@hendrikEbbers
Good First Issue
• Search for issues that are
labeled with 'good
fi
rst issue'

• As a maintainer take care to
have such issues...

• ... with a good description and
additional help

View Slide

@hendrikEbbers
Good First Issue
Description of the issue

Best to add examples and name
needed Actions
Generic information

Step by step information of the
work
fl
ow

Generic information of the project

Links for questions, documentation
and contact options

View Slide

Cyberland

View Slide

@hendrikEbbers
Cyberland OS Camp
• Du
fi
ndest die gezeigten
Themen spannende

• Du hast keine Ahnung wo du
anfangen sollst?

• Das Cyberland hat ein neues
Event-Format für dich!

View Slide

@hendrikEbbers
Cyberland OS Camp
• Lass uns zusammen an Open
Source Projekten arbeiten

• Lass uns zusammen die
(ersten) Hürden nehmen

• Lass dir helfen ein Commiter
zu werden

View Slide

@hendrikEbbers
Cyberland OS Camp
29.09.2021 - 18:00

Virtuelles Event

https://cyberland.ijug.eu/2021-09-open-source-camp/
https://bit.ly/3yTLezf

View Slide

@hendrikEbbers
Cyberland OS Camp
• Keynote von Adam Bien

• Vorstellung der Eclipse Projekte von
 
Commiter:innen

View Slide

@hendrikEbbers
Cyberland OS Camp

 
Commiter:innen
Wenn dieser Vortrag wieder zum
besten gewählt wird, gibt es nächstes
Jahr einen Adam Bien Starschnitt
zum Ausdrucken !!!

View Slide

@hendrikEbbers
Cyberland OS Camp

 
Commiter:innen
Wenn dieser Vortrag wieder zum
besten gewählt wird, gibt es nächstes
Jahr einen Adam Bien Starschnitt
zum Ausdrucken !!!
Scherz!!! Wenn dieser Vortrag nicht
gewählt wird, gibt es einen
Starschnitt von mir!!!!

View Slide

@hendrikEbbers
Cyberland OS Camp
• Viel wichtiger: Wir hacken zusammen und wollen
unsere ersten PRs für Adoptium / JakartaEE umsetzen

View Slide

@hendrikEbbers
iJUG Open Source Stipendium
• Der iJUG möchte seine
 
Mitglieder:innen fördern

• Der iJUG ist Eclipse Member &
 
Mitglied in den Adoptium, Micropro
fi
le & JakartaEE
Arbeitsgruppen

• Fördert Mitarbeit an Projekten z.B. durch Freikarte zum
JavaLand
https://github.com/ijug-ev/Stipendium

View Slide

Let's work together

View Slide

@hendrikEbbers
Call for Action
• Contribution to open source projects becomes easier
every day

• Join initiatives like the Cyberland open source camp

• Start with simple tasks like typos or documentation

• Ask questions, create issues, listen to other commiters

View Slide

Stay safe & healthy

View Slide

@hendrikEbbers
dev.karakun.com

View Slide

Open Source - Open Doors, Open Potential

Open Source - Open Doors, Open Potential

Hendrik Ebbers

More Decks by Hendrik Ebbers

Other Decks in Programming

Featured

Transcript