Open Source - Open Doors, Open Potential

Open Source Open Doors - Open Potential

This is a very very very long gag @hendrikEbbers Hendrik
Ebbers • Karakun Co-Founder • Founder of JUG Dortmund • JSR EG member • JavaOne Rockstar, Java Champion • AdoptOpenJDK / Adoptium TSC member

This is a very very very long gag @hendrikEbbers Hendrik
Ebbers • I (and collect) boardgames • I STARWARS • I Hardrock • I Dogs

This is a very very very long gag @hendrikEbbers Content
• OpenSource FACTS • GitHub and Open Source Work fl ows • Automate everything • Foundations and open standards • How to start your open source career

OpenSource today

This is a very very very long gag @hendrikEbbers Facts
about OpenSource • The usage of open source software is growing every year • Even most closed source projects depend on open source today • Today many companies trust in open source

This is a very very very long gag @hendrikEbbers Why
to use open source • What aspects were important to you when choosing open source based solutions in your company? 87 % 85 % open standards big community 81 % security 80 % no vendor lock-in 79 % stability 78 % cost savings transparency & trust 75 %

do we trust? • Open source means that the sources of a product can be seen / requested by everyone • Open source does not mean that everybody can mutate the source

is it more secure? • We are human • We create bugs • We create security issues • The developers of our   dependencies are   humans, too

is it more secure? • Security issues can be found much faster • Security audits can be done by anybody

is it more secure? • Based on GitHub there is a 59% change to receive a security alert / issue within the next 12 month   • Common Vulnerabilities and Exposures (CVE)   are tracked in open databases   (see http://cve.mitre.org) Based on your dependencies

is it more secure? github.com

is it more secure? github.com • It is always important to know your dependencies • Especially when you do JavaScript...

is it more secure? • Tools like dependabot automatically inform you on critical issues in your dependencies • Example based on CVE-2020-8203 (in lodash) Common JS lib 04.23.2012 vulerability created in lodash 07.08.2020 vulerability fi xed in lodash 07.15.2020 over 5 million projects receive dependabot alert 10.02.2020 over 40% of projects have upgraded to fi xed version github.com

GitHub

This is a very very very long gag @hendrikEbbers Facts
about GitHub • 1.9 billion contributions in 2019 • Over 50 million registered developers users 2008 2020 2025 50 m 100 m

This is a very very very long gag @hendrikEbbers New
to Git(Hub) ? • Today GIT is the standard version control system (for open source) today. • Most modern open source projects are hosted at GitHub

This is a very very very long gag @hendrikEbbers New
to Git(Hub) ? • GitHub makes the usage of GIT very easy and provide visual tooling for work fl ows • But a user needs to understand GIT to contribute to projects • You can fi nd many very good tutorials online https://rogerdudler.github.io/git-guide/

This is a very very very long gag @hendrikEbbers More
than a repository • GitHub provides much more than just GIT repositories: • Issues • Wiki • Pull Requests • ...

This is a very very very long gag @hendrikEbbers More
than a repository • Best starting points are issues • Mostly all people start at GitHub by creating an issue for an open source project • Have you already created an issue?

Add a Title Add a description. Try to add as
much info as possible. Important: - How to reproduce the issue? - Why do you need it - Metadata (environment, version,…)

This is a very very very long gag @hendrikEbbers Some
important rules • Always be friendly • Ask questions • Listen to the project maintainers • Stay in touch

Pull Request

This is a very very very long gag @hendrikEbbers Let's
contribute • A Pull request is the work fl ow that allows user to contribute to projects • Pull requests let you tell others about changes you want to add to a repository • A pull request can be commented and reviewed • Follow-up commits can be added • The changes of a pull request can be merged by a maintainer of the project

This is a very very very long gag @hendrikEbbers Some
important rules • Do not create a pull request without an issue • Mention in the issue that you plan to do a pull request • Start with a small issue

This is a very very very long gag @hendrikEbbers Reviews

This is a very very very long gag @hendrikEbbers Preview
+ Test of Integration • Several tools can interact with GitHub • Automatically build & deploy pull request and integration results • Examples are Netli fl y or Heroku

This is a very very very long gag @hendrikEbbers Pull
Requests in Enterprise • GitHub published some average numbers regarding the timing of pull requests • The numbers are based on enterprise (non-hobby) projects pull request opened fi rst review done last review done pull request merged github.com review requested 1h 36m to merge pull request 54m till fi rst review 12m till merge

JavaFX

This is a very very very long gag @hendrikEbbers First
OpenJDK project at Git • JavaFX is (still) part of OpenJDK • JavaFX was the fi rst project of the OpenJDK that has been migrated to git & GitHub • With project Skara the OpenJDK is moved to git & GitHub https://github.com/openjdk/jfx

This is a very very very long gag @hendrikEbbers First
OpenJDK project at Git • Since OpenJDK projects are now hosted at GitHub contribution is super easy • Every GitHub user can create a PR (+ some paperwork to have you checked as a valid OpenJDK commiter)

This is a very very very long gag @hendrikEbbers All
OS Builds with GitHub Actions • OpenJDK projects already use GitHub Actions for CI tasks • Automatically build and test JavaFX on all 3 big operation systems for each pull request https://github.com/openjdk/jfx/pull/619/checks

This is a very very very long gag @hendrikEbbers All
OS Builds with GitHub Actions • GitHub Actions can do more • Every used test containers in an enterprise project? • Just let GitHub run thousands of integration tests for you

This is a very very very long gag @hendrikEbbers PullRequests
for OpenJDK • Happily more and more people of the Java community contribute to OpenJDK • Good tutorials and 'Getting started' guides are missing We are working on that issue

Eclipse Adoptium

This is a very very very long gag @hendrikEbbers Eclipse
Adoptium • Eclipse Adoptium is the successor of AdoptOpenJDK        

Adoptium • Eclipse Adoptium is the successor of AdoptOpenJDK       • Adoptium WG is based on leaders of the ecosystem

Adoptium • Eclipse Adoptium is the successor of AdoptOpenJDK         • Eclipse Adoptium provides an OpenJDK distribution • That distribution is called Temurin

not 'Eclipse AdoptOpenJDK' ? • The answer is quite simple:           • The Eclipse Foundation trademarks all names and 'AdoptOpenJDK' is just not trademark able OpenJDK Java ® ®

The Eclipse Temurin Java runtime builds by Adoptium can not
be named 'AdoptOpenJDK' since OpenJDK is owned by Oracle ™ ™ ® ™ ™ ®

This is a very very very long gag Temurin by
Adoptium OpenJDK Sources Temurin Installer Binaries / Distribution ci.adoptopenjdk.net (ci.adoptium.net in near future) adoptium.net github.com/adoptium/installer github.com/adoptium/jdk github.com/adoptium/jdk8u Build / CI Infrastructure github.com/adoptium/temurin8-binaries/releases github.com/adoptium/temurin11-binaries/releases github.com/adoptium/temurin16-binaries/releases github.com/adoptium/temurin17-binaries/releases Platform Builds AQAvit github.com/adoptium/temurin-build github.com/adoptium/aqa-tests * * Redirect to @hendrikEbbers

This is a very very very long gag @hendrikEbbers Just
call the distro 'Adoptium' ... • NO! We want to be convenient:     Like ___________ provides ___________ the Adoptium project provides Temurin Azul Systems Zulu Amazon Coretto Bellsoft Liberica Oracle Oracle JDK

'Temurin' ? TEMURIN • The answer is quite simple:          

This is a very very very long gag • The
answer is quite simple:           @hendrikEbbers Why 'Temurin' ? N N N N O H3 C CH3 CH3 O N N N N O H3 C CH3 CH3 O CH3 O Caffeine Temurin

Adoptium is MORE • NO! Adoptium is much more than 'just the binaries': AQAVIT is the quality and runtime branding evaluation project for Java SE runtimes and associated technology. Any Java runtime Open source AQAVIT test & benchmark suite Enterprise ready runtime

Adoptium is MORE • NO! Adoptium is much more than 'just the binaries':

Adoptium is MORE • Adoptium is much more than 'just the binaries': Community

JakartaEE & MicroPro fi le

This is a very very very long gag @hendrikEbbers Open
Speci fi cations • JakartaEE / Micropro fi le is not 'old JavaEE'   • JakartaEE / Micropro fi le speci fi cations are used by Spring Boot, Micronaut, Quarkus, ... • When you create enterprise applications and (micro-)services in Java you need to know and use the specs

This is a very very very long gag @hendrikEbbers Open
Speci fi cations • A spec always contains 3 parts: • API that contains the Java interfaces, annotations... • SPEC that contains the documentation of the API, its usage and interoperability with other speci fi cations • TCK that contains a test kit to validate the full functionality of an implementation

Foundation • Both JakartaEE and Micropro fi le are top level projects at Eclipse Foundation • An open source foundation allows a transparent and solid support and sponsoring by companies and organisations • An open source foundation provides work fl ows, rules, infrastructure and support (for example in marketing issues)

Foundation • All projects and speci fi cations are hosted at GitHub • Everybody can do a pull request • Contributions and discussions are more than welcome • Attend a meeting to start your open source journey! https://bit.ly/3l4I4E5 Jakarta EE Community Calendar

Hacktoberfest

This is a very very very long gag @hendrikEbbers Hacktoberfest
• A month long celebration of open source software • It happens every year in October. • Everyone can support open-source by contributing changes, and then earn a limited edition swag https://hacktoberfest.digitalocean.com Visit

This is a very very very long gag @hendrikEbbers Good
First Issue • Search for issues that are labeled with 'good fi rst issue' • As a maintainer take care to have such issues... • ... with a good description and additional help

This is a very very very long gag @hendrikEbbers Good
First Issue Description of the issue Best to add examples and name needed Actions Generic information Step by step information of the work fl ow Generic information of the project Links for questions, documentation and contact options

Cyberland

This is a very very very long gag @hendrikEbbers Cyberland
OS Camp • Du fi ndest die gezeigten Themen spannende • Du hast keine Ahnung wo du anfangen sollst? • Das Cyberland hat ein neues Event-Format für dich!

OS Camp • Lass uns zusammen an Open Source Projekten arbeiten • Lass uns zusammen die (ersten) Hürden nehmen • Lass dir helfen ein Commiter zu werden

OS Camp 29.09.2021 - 18:00 Virtuelles Event https://cyberland.ijug.eu/2021-09-open-source-camp/ https://bit.ly/3yTLezf

OS Camp • Keynote von Adam Bien • Vorstellung der Eclipse Projekte von   Commiter:innen

OS Camp • Keynote von Adam Bien • Vorstellung der Eclipse Projekte von   Commiter:innen Wenn dieser Vortrag wieder zum besten gewählt wird, gibt es nächstes Jahr einen Adam Bien Starschnitt zum Ausdrucken !!!

OS Camp • Keynote von Adam Bien • Vorstellung der Eclipse Projekte von   Commiter:innen Wenn dieser Vortrag wieder zum besten gewählt wird, gibt es nächstes Jahr einen Adam Bien Starschnitt zum Ausdrucken !!! Scherz!!! Wenn dieser Vortrag nicht gewählt wird, gibt es einen Starschnitt von mir!!!!

OS Camp • Viel wichtiger: Wir hacken zusammen und wollen unsere ersten PRs für Adoptium / JakartaEE umsetzen

This is a very very very long gag @hendrikEbbers iJUG
Open Source Stipendium • Der iJUG möchte seine   Mitglieder:innen fördern • Der iJUG ist Eclipse Member &   Mitglied in den Adoptium, Micropro fi le & JakartaEE Arbeitsgruppen • Fördert Mitarbeit an Projekten z.B. durch Freikarte zum JavaLand https://github.com/ijug-ev/Stipendium

Let's work together

This is a very very very long gag @hendrikEbbers Call
for Action • Contribution to open source projects becomes easier every day • Join initiatives like the Cyberland open source camp • Start with simple tasks like typos or documentation • Ask questions, create issues, listen to other commiters

Stay safe & healthy

@hendrikEbbers dev.karakun.com

Open Source - Open Doors, Open Potential

Open Source - Open Doors, Open Potential

More Decks by Hendrik Ebbers

Other Decks in Programming

Featured

Transcript