I've been investigating what's required in order to support < https://issues.jenkins-ci.org/browse/JENKINS-21336> (tl;dr: make RUN_SCRIPTS the top most permission instead of ADMINISTER), and one major requirement I've found is that such a complex change would likely only be possible through feature flags (or by somehow coordinating the release of several plugins and Jenkins itself together). There are a handful of features in Jenkins that can only be enabled or disabled via system properties (which are also usually definable in an xml file). There is a SystemProperties class in Jenkins Core which facilitates this, but it's rather low level still.
What I'd like to propose is an abstract feature flag API in Jenkins Core. This would work similarly to how alpha feature flags work in Kubernetes where you need to explicitly opt in to an unstable feature, though it would also double as the place where you can disable new features (e.g., we could gather together all the existing security escape hatches and other feature flags into this new API). This could potentially be combined with telemetry to see which features are used or not which can inform developers on when it's OK to remove a feature flag which is also important to avoid complexity overload. I believe this effort would be required in order to properly embrace the idea behind Jenkins Jolt. With a feature flag system, introducing behavioral changes becomes much easier to continuously deliver without long lived feature branches, one of the key aspects of delivering software quickly and reliably. Some other techniques like A/B testing and such may not be as relevant here since Jenkins is not a SaaS, but there are still tons of benefits to this anyways. My suggestion on a starting point would be to propose an API inspired by existing feature flag libraries such as LaunchDarkly, togglz, or ff4j. This can be backed by default by system properties and overrideable via a local config file or possibly even an admin interface to toggle them (and then restart Jenkins of course). I'm somewhat iffy on the admin UI since toggling feature flags is an advanced end user behavior, so encouraging people to blindly enable or disable flags doesn't seem like a great UX decision. I'm also curious how such an effort might be coordinated with any other related projects, though I'm mostly interested in Jenkins specifically (sorry, Jenkins X!). -- Matt Sicker Software Engineer, CloudBees -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAEot4ox18hcRhB3Z9axpcBAU8%2Baxbaca-AjN_65%2BoOCK5D3J%3Dg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.