117 lines
6.5 KiB
Org Mode
117 lines
6.5 KiB
Org Mode
|
#+title: Yann FY23Q3 Report
|
||
|
#+subtitle: back to one month older
|
||
|
#+date: 2023-05-03
|
||
|
#+options: H:6 ^:nil
|
||
|
|
||
|
* Individual Development Plan
|
||
|
|
||
|
** Results
|
||
|
*** Accomplishments
|
||
|
- Added support for AND/OR queries in tk-store. Should help
|
||
|
- PIAM (Provisioning)
|
||
|
- Start of the work related to Entitlements (see: https://github.com/advthreat/iroh/issues/7835)
|
||
|
- Free Tier Provisioning (the ~xdr-provisioning~ repository + Platform
|
||
|
Provisioning API)
|
||
|
- IROH config work to help ops and prevent release problems
|
||
|
- Recurring admin tasks:
|
||
|
- added bunch of XDR Flags (see [[https://github.com/advthreat/response/issues/1742][#response/1742]])
|
||
|
- moved the TG OAuth2 client from config to DB on INT
|
||
|
- Managed to get Wanderson back to better efficiency after being difficult
|
||
|
during its move and his daughter
|
||
|
- Managed Olivier to his best. Very discrete but pretty strong.
|
||
|
|
||
|
For full details look at the code last quarter report section.
|
||
|
|
||
|
*** Improvements/opportunities for development:
|
||
|
- I should work even more closely with PIAM as this is fruitful and could have a
|
||
|
lot of impact on IROH team as well as the rest of the IROH ecosystem (IROH +
|
||
|
modules + integrations).
|
||
|
- Entitlement will be an interesting topic
|
||
|
- Wanderson and Olivier are not yet fully autonomous while working with some
|
||
|
IROH-Auth parts. So there are still room for teaching and improvements.
|
||
|
** Principles & Behaviors
|
||
|
*** Accomplishments
|
||
|
- Advocate: even while it was questionable I did my best to provide only positive XDR feedback to the team.
|
||
|
- Customer value: see the Results Accomplishments section (most of them add customer
|
||
|
value)
|
||
|
- Learn:
|
||
|
- bash scripts containing Clojure
|
||
|
- matrix testing (this was not very visible PR but this is a testing framework
|
||
|
improvements)
|
||
|
- matrix representation inside Clojure code, this is helpful to visualize and
|
||
|
easily change scopes associated to roles for example.
|
||
|
- Team for results: engaged team ops + Matt + IROH-Auth for iroh config issue
|
||
|
*** Improvements/opportunities for development:
|
||
|
** Team Impact
|
||
|
*** Accomplishments
|
||
|
- ~admin-clj~ scripts should be helpful, for now use only for
|
||
|
- IROH default config should help ops
|
||
|
- PIAM contacts will be useful in the future
|
||
|
- Mario PR feedback was a really nice exchange while we are not having much
|
||
|
cross-sub-team discussions.
|
||
|
- Helped Explain RBAC technical consequences with other teams, in particular
|
||
|
SXO, but also the UI.
|
||
|
*** Improvements/opportunities for development:
|
||
|
- RBAC: Next quarter will probably start discussions with DI and
|
||
|
perhaps CSC.
|
||
|
|
||
|
* Code last quarter [44]
|
||
|
|
||
|
** ctia [1 (1 / 0)]
|
||
|
|
||
|
- bump snakeyaml to address CVE-2022-38751 [[https://github.com/advthreat/ctia/pull/1346][#1346]]
|
||
|
** iroh [30 (27 / 3)]
|
||
|
|
||
|
- Add a missing option to disable default configs [[https://github.com/advthreat/iroh/pull/7805][#7805]]
|
||
|
- Add a script to init tokens without login in [[https://github.com/advthreat/iroh/pull/7794][#7794]]
|
||
|
- Fix schema for Response [[https://github.com/advthreat/iroh/pull/7804][#7804]]
|
||
|
- Add support to onboard a single app [[https://github.com/advthreat/iroh/pull/7796][#7796]]
|
||
|
- Add a role instrospection route to help the UI and other clients [[https://github.com/advthreat/iroh/pull/7785][#7785]]
|
||
|
- Fix scopes declaration for execute-workflow route [[https://github.com/advthreat/iroh/pull/7799][#7799]]
|
||
|
- Fix a Swagger bug due to schema name conflict [[https://github.com/advthreat/iroh/pull/7790][#7790]]
|
||
|
- Web api search improvements [[https://github.com/advthreat/iroh/pull/7728][#7728]]
|
||
|
- add profile and notification to ao-jwt [[https://github.com/advthreat/iroh/pull/7726][#7726]]
|
||
|
- Tk store combinator search queries (AND, OR, NOT) [[https://github.com/advthreat/iroh/pull/7691][#7691]]
|
||
|
- Fix a case where the body is =nil= [[https://github.com/advthreat/iroh/pull/7685][#7685]]
|
||
|
- Add xdr-instance-id field to the orgs [[https://github.com/advthreat/iroh/pull/7707][#7707]]
|
||
|
- PIAM: Provisioning onboard endpoint [[https://github.com/advthreat/iroh/pull/7659][#7659]]
|
||
|
- Add ff scope script [[https://github.com/advthreat/iroh/pull/7680][#7680]]
|
||
|
- added a script to add feature-flag scopes from command line [[https://github.com/advthreat/iroh/pull/7676][#7676]]
|
||
|
- prefer to use client from DB than client from config [[https://github.com/advthreat/iroh/pull/7672][#7672]]
|
||
|
- Align scopes to SXO behaviour [[https://github.com/advthreat/iroh/pull/7673][#7673]]
|
||
|
- fix lein start [[https://github.com/advthreat/iroh/pull/7663][#7663]]
|
||
|
- PIAM provisioning no idp-mapping for create user [[https://github.com/advthreat/iroh/pull/7655][#7655]]
|
||
|
- Default bootstrap & config [[https://github.com/advthreat/iroh/pull/6868][#6868]]
|
||
|
- Add Entitlements to Orgs [[https://github.com/advthreat/iroh/pull/7631][#7631]]
|
||
|
- Remove yaml to supported format for profile API [[https://github.com/advthreat/iroh/pull/7632][#7632]]
|
||
|
- Fix a flaky test in either_test.clj [[https://github.com/advthreat/iroh/pull/7610][#7610]]
|
||
|
- Role Matrix representation in the code. [[https://github.com/advthreat/iroh/pull/7583][#7583]]
|
||
|
- fix some wording only for admin users view [[https://github.com/advthreat/iroh/pull/7579][#7579]]
|
||
|
- Improve User login logs situation [[https://github.com/advthreat/iroh/pull/7555][#7555]]
|
||
|
- Added a composable redis.nix [[https://github.com/advthreat/iroh/pull/7535][#7535]]
|
||
|
|
||
|
_between 3 and 4 months ago_
|
||
|
|
||
|
- Fix template rendering during invite confirmation [[https://github.com/advthreat/iroh/pull/7480][#7480]]
|
||
|
- Display virtual users in the batch get users [[https://github.com/advthreat/iroh/pull/7473][#7473]]
|
||
|
- Add the UI session logout into IROH-Auth [[https://github.com/advthreat/iroh/pull/7431][#7431]]
|
||
|
** tenzin [2 (2 / 0)]
|
||
|
|
||
|
- use iroh.main for all nodes types [[https://github.com/advthreat/tenzin/pull/2862][#2862]]
|
||
|
- Update iroh.job.jinja [[https://github.com/advthreat/tenzin/pull/2861][#2861]]
|
||
|
** tenzin-config [6 (6 / 0)]
|
||
|
|
||
|
- fix missing iroh-async web-services [[https://github.com/advthreat/tenzin-config/pull/884][#884]]
|
||
|
- align iroh and iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/883][#883]]
|
||
|
- Add CSC onboarding URLs [[https://github.com/advthreat/tenzin-config/pull/875][#875]]
|
||
|
- fix provisioning service [[https://github.com/advthreat/tenzin-config/pull/863][#863]]
|
||
|
- PIAM config change (+ boostrap cleanup) [[https://github.com/advthreat/tenzin-config/pull/677][#677]]
|
||
|
- add perf.orbital.threatgrid.com to allowed login origin [[https://github.com/advthreat/tenzin-config/pull/854][#854]]
|
||
|
** xdr-provisioning [5 (5 / 0)]
|
||
|
|
||
|
- Improve help regarding setting env vars
|
||
|
- Improve the command line parsing
|
||
|
- rename script to .sh
|
||
|
- Add onboarding of DI and CSC
|
||
|
- Initial provisioning Script
|