From 24cad70f8f730619dd827dce466ea31a06aebcb3 Mon Sep 17 00:00:00 2001 From: "Yann Esposito (Yogsototh)" Date: Tue, 17 Aug 2021 14:47:39 +0200 Subject: [PATCH] 2021-W23.org --- 2021-W23.org | 307 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 307 insertions(+) create mode 100644 2021-W23.org diff --git a/2021-W23.org b/2021-W23.org new file mode 100644 index 00000000..c9deac85 --- /dev/null +++ b/2021-W23.org @@ -0,0 +1,307 @@ +** 2021-W23 +#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work" +#+CAPTION: Clock summary at [2021-06-08 Tue 15:10] +| Timestamp | Tags | Headline | Time | | | | +|------------------------+------+-------------------------+--------+------+------+------| +| | | *Total time* | *5:58* | | | | +|------------------------+------+-------------------------+--------+------+------+------| +| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-W23][2021-W23]] | | 5:58 | | | +| [2021-06-08 Tue 15:10] | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-06-07 Monday][2021-06-07 Monday]] | | | 5:58 | | +| [2021-06-07 Mon 10:09] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*device-grant][device-grant]] | | | | 5:26 | +| [2021-06-07 Mon 09:57] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*morning routine][morning routine]] | | | | 0:32 | +#+END: +*** 2021-06-07 Monday +#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work" +#+CAPTION: Clock summary at [2021-06-08 Tue 15:10] +| Timestamp | Tags | Headline | Time | | | | +|------------------------+------+-------------------------+--------+---+------+------| +| | | *Total time* | *5:58* | | | | +|------------------------+------+-------------------------+--------+---+------+------| +| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-06-07 Monday][2021-06-07 Monday]] | | | 5:58 | | +| [2021-06-07 Mon 10:09] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*device-grant][device-grant]] | | | | 5:26 | +| [2021-06-07 Mon 09:57] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*morning routine][morning routine]] | | | | 0:32 | +#+END: +**** IN-PROGRESS device-grant :work: +:LOGBOOK: +CLOCK: [2021-06-08 Tue 14:19]--[2021-06-08 Tue 15:09] => 0:50 +CLOCK: [2021-06-07 Mon 10:09]--[2021-06-07 Mon 14:45] => 4:36 +:END: +[2021-06-07 Mon 10:09] +- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*morning routine][morning routine]] +**** DONE morning routine :work: +:LOGBOOK: +CLOCK: [2021-06-07 Mon 09:59]--[2021-06-07 Mon 10:09] => 0:10 +CLOCK: [2021-06-07 Mon 09:37]--[2021-06-07 Mon 09:59] => 0:22 +:END: +[2021-06-07 Mon 09:57] +- ref :: +*** 2021-06-08 Tuesday +**** MEETING deliberation Daniel :work:meeting: +:LOGBOOK: +CLOCK: [2021-06-08 Tue 18:59]--[2021-06-14 Mon 14:52] => 139:53 +:END: +[2021-06-08 Tue 18:59] +***** Irina + +- Don't have strong positive feeling. +- Mindset +- risk of lack of focus + +No +***** Ambrose + +I don't feel very engaged. Don't know if it's me or the interview. +He wants to learn more. + +0 +***** Mark + +not excited. +Didn't feel that. +Late night active session. +Didn't work at the last minute. + +Doesn't feel he has a strong opinion. + +0 +***** G2 + +not excited. +yes (maybe) +***** Y + +- pros: + - technically ok. +- cons: + - afraid about if he would like to work in a quite closed environment. + - not asked much questions, so I'm afraid about a risk of lack of + motivation in the long run. + +XXX: Do you think he is better than you? What will he bring to the team? +***** Ag + +- no test +**** MEETING Interview ; Daniel Petranek :work:meeting: +:LOGBOOK: +CLOCK: [2021-06-08 Tue 16:59]--[2021-06-08 Tue 18:59] => 2:00 +:END: +[2021-06-08 Tue 16:59] +***** Team Presentations + - Y + - Robert Levy + - Matt + - Irina + - G2 + - Ambrose + - Ag + - Mark +***** Daniel + + Came to Clojure, International Economic. + Data + emacs for note taking. + Emacs => Clojure as 1st programming lang. + 1st purely functional Scala shop. + Strongly typed camp. + Mass notification soft, and ton of Clojure. + + Cloud service, and scaling, performance, feature stuff. + Text to speach. + DB performance. + Rate limiting. +***** Demo + +datalog databases + +fullstack demo. +Use juxt.clip same like integrant +***** Questions from Daniel +****** Do you pair program? Process? +****** Use mac or Linux? +***** Questions +****** TODO static type system related. +Which feature do you prefer or do not like in Clojure. +****** Would you feel at ease working on an old code base? + +In our current environment many code architecture choices are already made. +Also within a lot of existing common abstractions: + +- application lifecycle abstraction +- configuration abstraction +- store abstraction +- user and most resources data structure +- identity/route declaration +- testing strategies +- logging (not 100% finished to have structured logs, but very close to completion) +- CI/REPL tooling + +Choice are not completely frozen, far from it, but a lot as already been +tried so adding a new one can be difficult and thus it is a bit hard to +"play" with the existing system. + +Also, the code is in PROD and must be very stable, so any change impacting +all component is generally observed as risky. +****** Documentations? + +How much, how are you documenting. + +Do you feel at ease to work completely async without any chat just via +comments/PR reviews on documents? +****** You mentionned CQRS API, what do you mean by that? +****** You used =defmulti=. Isn't there a contradiction with pure functional programming? +****** Maali schemas bunch of informations to generate datalog schema. +Have you heard about Haskell's servant. +They wrote a book about how they choose to organize this "Pattern" about +having the data driving different attributes of a code (generate servers, +clients, swagger-ui, documentation, etc...)? +For example you haven't used the route definitions to generate the frontend +clients (see =v2-routes=) +****** Macros +What would you call a good useful macros vs a macro that could have +negative impact on the code quality/productivity. +When does a macro is preferable than an emacs yasnippet? +**** IN-PROGRESS Irina 1-1 prep (bis) :work: +:LOGBOOK: +CLOCK: [2021-06-08 Tue 15:12]--[2021-06-08 Tue 16:59] => 1:47 +:END: +[2021-05-27 Thu 08:46] +- ref :: +***** What to talk about? + +1. My personal history with Cisco (presentation) personality/env, etc... +2. when/where I will be the more helpful to you +3. generic welcome advices (the team, SecureX/CTRl, SBG, Cisco) +4. what my day-to-day work looks like +5. what am I relevant for, when should you reach out? +6. the team spirit/ambiance +7. The expected work +8. Work organisation/schedule + + +- Know more about my work: +There is a 1h30 pres from previous week where I presented IROH-Auth to the +larger team. +***** Presentation (History first mine then the Team and the Product) + +1. Ph.D. Machine Learning +2. Post Ph.D. Machine Learning +3. Work for Airfrace (Perl/scripts/web/) +4. Join Vigiglobe via Guillaume (our wives worked together) + a. Social Media Analytics, hire Matt, then G2 + b. lot of pressure, fullstack dev + machine learning + c. rewrite in Clojure (lot of pressure) + d. bad management (SCRUM hell), wrong decisions, lot of pressure +5. Guillaume join Cisco in January, and I join in April. +6. Recruited by Craig & Dean. Craig is the mastermind + a. small team of 8 people, go to Calgary we are the center of attention + (the future!). Meet Al Huger. + b. first year work on CTIA (CTIM) + c. Cisco Threat Response (CTR); names IROH/Visibility/CTR + work on new abstractions / tk-store, inspect, modules, iroh-auth, + admin interface, scripts, help ops. + d. IROH-Auth: => login via AMP (SAML with Guillaume) (no user in DB) + e. IROH-Auth: => login via Threatgrid (OpenId Connect client) + f. IROH-Auth: => become OAuth2 provider (grants: client credentials, + authorization code, implicit) + **User** in DB + g. Huge amount of support to help other team integrate with OAuth2. + h. make implicit grant deprecated + i. SSE Integration (big deal, difficult with many teams) + House made integration (user auth hooks, pass tokens by side channels) + Matthieu implication + j. Orbital (they use our JWT) + k. IROH-Auth: => become an OIDC provider (IROH-Auth can be used as an IdP) + l. **SecureX** (previously called Platform, ...) + Very deep change in IROH-Auth underlying architecture/business logic. + 8 month of intense work. Main change, user have only one + =idp-mapping= and now have multiple =idp-mappings=. Mainly you can + login via different login buttons and different identities into the + same user inside SecureX. + m. Ambrose then Victor join the team + n. Craig & Dean resign both; this is *huge*, reorg even though it was + prepared for one year. + So, Jyoti is put on top of Guillaume, her team (Rob, Ag, Mark) merge + with our team. Namrata / Elias replace Dean/Craig. +***** Advices + +1. *Evaluation*: + Your main evaluation dimension will be *added user value*. + - Cisco promote and encourage their employees, if you are useful you will be rewarded. + - If you are helpful to other Cisco employees, this will also be visible + - If you help to make the internal system work, this will be more + difficult to sell to your manager. So my advice, have a 80/20 maximum + about; 80% working on visible to your manager stuff, 20% on the + necessary/fun stuff. +2. Use Cisco resources, ask for it (I have an iMac for example, which is + completely out of the normal things to get), do not be afraid to reach + other people at Cisco. Note, I am not the best one to follow on this one ;) +3. Try to use start-page, more and more people use it, I think this is a pretty + good starting point (mothership/work.html). + The frequency at which you will use these links (in 1 year from now) will be a good + way to evaluate if you are on the right track. +4. Do not fear to reach out to other people in other room/teams everyone + will be friendly and helpful, this is in fact one of the most important + hidden skill at Cisco. +5. Try to be aware about the CoC (chain of command), because it is not clearly + enforced does not mean it doesn't exists. +6. If you have any issue/problem technical/human/HR anything don't wait, be + vocal about it +7. If you would like to work on something don't let your manager(s) guess + for your ask them. +8. Depending on your tasks you could be overwhelmed by communication channels + (chat, mail, webexes), be prepared to handle this and have +***** Day to Day + +1. Open emacs, check my todo list +2. Morning tours: + - open webex teams, chat morning tour (from 10min to 8h, generally 30min) + I frenquently have messages in the morning from Jyoti and other team + from India, East Europe. + - open mails (from 5min to 30min) + - check the agenda webex invitations + - Check my PRs (if someone has made some review, work on it) + - Check opened PR for review (from 5min to 8h, generally I try to stay + under 2h/day) + - check chat in "the Frenchies" (we try to avoid it more and more) +3. After the tour, check the updated agenda, the new todos, organize the + day/priorities work on it (if I can). Number of chat interuption from + 10h-16h is generally about 4 notifications. +4. During my afternoon (>16h, the US wakes up) + - If no chat interruption continue the work until 18h/19h and stop my + day. + - Frequently one to three meetings, frequently during release weeks + impromptu webex/chat with QA team. + - If chat interruption, stop my work (unless my work is both urgent and + need deep concentration) and focus on the chat. Generally from 16->19h30. + Sometime a bit exceptionnally, work from 08:30pm->01:00am +***** What am I relevant about, when should you reach out? + +- **IROH-Auth**: login, OAuth2, OpenID connect, OAuth2 clients, User/Org/Client + management, **scopes** +- **API Security**: **scopes**, how to use them, organize, etc... +- **TK-Store**: access different DB with interfaces. Has been butchered a bit + by Matthieu with its cache interface, he is aware about it. +- **Inspect**: extract observables (IP, url, hashes, etc...) from raw text +- **Response**: in Module system (iroh-int); now it is more Matthieu +- **Admin interface**: hidden but *very important* +- **Structured logs** (via Riemann/ES): helped get data for management: now + should be moved to G2 (but I am still relevant for kibana access, how to + log in our code, still missing structured log, but we are close) +- **Code architecture**: + - first decided to use lein-monolith (terrible but best from other + terrible choices), then removed it recently. Take a look at + =CONTRIBUTING.md=. Made =tk-tests= see rationale, etc... + - =let-either= in =iroh-int= (monads, etc..) + - =tk-store= is structured with the flaws from stores in CTIA + - =defwebservice= to centralize how our webservices work +***** TODO Team spirit +***** TODO Expected work +***** TODO Work organization/schedule +**** IN-PROGRESS review GH Action :work: +:LOGBOOK: +CLOCK: [2021-06-08 Tue 09:45]--[2021-06-08 Tue 12:25] => 2:40 +:END: +[2021-06-08 Tue 15:09] +**** IN-PROGRESS device flow +:LOGBOOK: +CLOCK: [2021-06-08 Tue 14:11]--[2021-06-08 Tue 15:11] => 1:00 +:END: