archives
This commit is contained in:
parent
be843e836b
commit
8c890e759e
9 changed files with 1755 additions and 44 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,3 +1,4 @@
|
||||||
ltximg
|
ltximg
|
||||||
HWP/
|
HWP/
|
||||||
.*.icloud
|
.*.icloud
|
||||||
|
.stack-work/
|
||||||
|
|
BIN
Cisco.org.gpg
BIN
Cisco.org.gpg
Binary file not shown.
|
@ -2945,3 +2945,468 @@ Improvement of common knowledge of clojure runtime.
|
||||||
|
|
||||||
@Nargol, I'll try to be online because I'm at the symposium.
|
@Nargol, I'll try to be online because I'm at the symposium.
|
||||||
@Craig, take the buffet :)
|
@Craig, take the buffet :)
|
||||||
|
|
||||||
|
* Tech notes
|
||||||
|
:PROPERTIES:
|
||||||
|
:ARCHIVE_TIME: 2019-04-04 Thu 16:27
|
||||||
|
:ARCHIVE_FILE: ~/.deft/Cisco.org.gpg
|
||||||
|
:ARCHIVE_CATEGORY: Cisco.org
|
||||||
|
:END:
|
||||||
|
** OPS Connect to Int
|
||||||
|
|
||||||
|
To find the IPs:
|
||||||
|
|
||||||
|
https://tg-iroh.signin.aws.amazon.com/console
|
||||||
|
|
||||||
|
Last time IP of =tenzin.int.iroh.site=: 54.165.154.145
|
||||||
|
|
||||||
|
Then
|
||||||
|
|
||||||
|
#+BEGIN_SRC
|
||||||
|
ssh -i ~/.ssh/tenzin_master_int -o IdentitiesOnly=yes ubuntu@tenzin.int.iroh.site
|
||||||
|
sudo su -
|
||||||
|
salt '*iroh-01*' cmd.run "ifconfig"
|
||||||
|
# GET THE IP
|
||||||
|
sudo su -
|
||||||
|
ssh -i /etc/salt/tenzin_master ubuntu@XXX
|
||||||
|
sudo su -
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
|
And you could do:
|
||||||
|
|
||||||
|
#+BEGIN_SRC
|
||||||
|
cd /srv/iroh; ls -lath
|
||||||
|
service iroh restart
|
||||||
|
lsof -nP | grep LISTEN
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
|
* Email of users
|
||||||
|
:PROPERTIES:
|
||||||
|
:ARCHIVE_TIME: 2019-04-04 Thu 16:29
|
||||||
|
:ARCHIVE_FILE: ~/.deft/Cisco.org.gpg
|
||||||
|
:ARCHIVE_OLPATH: Epics
|
||||||
|
:ARCHIVE_CATEGORY: Cisco.org
|
||||||
|
:END:
|
||||||
|
|
||||||
|
** channel: email
|
||||||
|
|
||||||
|
Hi Eduardo,
|
||||||
|
|
||||||
|
In order for everyone to be aware of the situation here is a short resume:
|
||||||
|
|
||||||
|
1. Since we're using the IDB, new user records don't not contain an email field in the profile.
|
||||||
|
The IDB does not return that data as specified in the OIDC protocol (see my remark).
|
||||||
|
2. I stated the problem to the IDB team
|
||||||
|
3. In order to mitigate that, for AMP accounts, I luckily found a workaround using a non
|
||||||
|
standard field. Thus, currently, new users and existing users who login via AMP
|
||||||
|
should have an email set in our DB.
|
||||||
|
4. I asked the IDB team again to provide us the email during login also for TG users.
|
||||||
|
|
||||||
|
The current status:
|
||||||
|
|
||||||
|
Our DB should start to be filled with emails for all user that login to CTR.
|
||||||
|
Existing user that do not login won't have their email set.
|
||||||
|
|
||||||
|
If the IDB team find a way to update their configuration to pass down the email
|
||||||
|
information for TG user, the DB might also be filled automatically without
|
||||||
|
work to be done by the CTR team.
|
||||||
|
|
||||||
|
> + Adding Snehal, Craig, and Guillaume for awareness
|
||||||
|
>
|
||||||
|
> Hi Yann,
|
||||||
|
>
|
||||||
|
> Could you please provide an update on the issues 2440 and 2504 around not
|
||||||
|
> getting user emails? There are 1548 user ids from AMP customers with no email
|
||||||
|
> associated.
|
||||||
|
>
|
||||||
|
> Something seems to have changed, since recently we’ve been getting no emails for
|
||||||
|
> new users. This is essential for us to track adoption by product and set up
|
||||||
|
> targeted email campaigns.
|
||||||
|
>
|
||||||
|
> Thanks
|
||||||
|
|
||||||
|
|
||||||
|
* History API via Event Store :TOC_3_gh:QUOTE:
|
||||||
|
:PROPERTIES:
|
||||||
|
:ARCHIVE_TIME: 2019-04-04 Thu 16:29
|
||||||
|
:ARCHIVE_FILE: ~/.deft/Cisco.org.gpg
|
||||||
|
:ARCHIVE_OLPATH: Epics
|
||||||
|
:ARCHIVE_CATEGORY: Cisco.org
|
||||||
|
:END:
|
||||||
|
#+BEGIN_QUOTE
|
||||||
|
- [[#oauth2-provider][OAuth2 Provider]]
|
||||||
|
- [[#workflow][Workflow]]
|
||||||
|
- [[#authorize][=/authorize=]]
|
||||||
|
- [[#approve][=/approve=]]
|
||||||
|
- [[#refuse][=/refuse=]]
|
||||||
|
- [[#token][=/token=]]
|
||||||
|
- [[#oauth2-in-iroh-auth-spec-rfc-second-pass][OAuth2 in IROH-Auth Spec RFC second pass]]
|
||||||
|
- [[#vocabulary][Vocabulary]]
|
||||||
|
- [[#client-registration][Client Registration]]
|
||||||
|
- [[#protocol-endpoints][Protocol Endpoints]]
|
||||||
|
- [[#obtaining-authorization][Obtaining Authorization]]
|
||||||
|
- [[#oauth2-provider-epic][OAuth2 Provider Epic]]
|
||||||
|
- [[#functional-spec][Functional Spec]]
|
||||||
|
- [[#tasks][Tasks]]
|
||||||
|
- [[#technical-spec][Technical Spec]]
|
||||||
|
- [[#oauth2-epics-3rd-pass][OAuth2 Epics (3rd pass)]]
|
||||||
|
- [[#spa-compatible-oauth2][SPA compatible OAuth2]]
|
||||||
|
- [[#users-made-oauth2-clients][User's made OAuth2 clients]]
|
||||||
|
- [[#internal-user-representation][Internal User Representation]]
|
||||||
|
- [[#oauth2-client-credentials-grant][OAuth2 Client Credentials Grant]]
|
||||||
|
- [[#iroh-admin-dashboard][IROH Admin Dashboard]]
|
||||||
|
- [[#oauth2-enhancements][OAuth2 Enhancements]]
|
||||||
|
- [[#scopes-dictionary][Scopes Dictionary]]
|
||||||
|
- [[#document-for-raghavaiah][Document for Raghavaiah]]
|
||||||
|
- [[#franks-proposal-auth-config-untangling][Frank's proposal; Auth config untangling]]
|
||||||
|
- [[#int][INT]]
|
||||||
|
- [[#test][TEST]]
|
||||||
|
- [[#proposal][Proposal]]
|
||||||
|
- [[#int-1][INT]]
|
||||||
|
- [[#prod-nam][PROD NAM]]
|
||||||
|
- [[#prod-eu][PROD EU]]
|
||||||
|
- [[#prod-apjc][PROD APJC]]
|
||||||
|
- [[#test-1][TEST]]
|
||||||
|
- [[#daily-standup-meeting][Daily Standup Meeting]]
|
||||||
|
- [[#2019-02-27-wed][<2019-02-27 Wed>]]
|
||||||
|
- [[#release-119][release 1.19]]
|
||||||
|
- [[#individual-updates][individual updates]]
|
||||||
|
- [[#uiux][UI/UX]]
|
||||||
|
- [[#misc][Misc]]
|
||||||
|
- [[#2019-02-25-mon][<2019-02-25 Mon>]]
|
||||||
|
- [[#2019-01-18-fri][<2019-01-18 Fri>]]
|
||||||
|
- [[#individual-update][Individual update]]
|
||||||
|
- [[#2019-01-23-wed][<2019-01-23 Wed>]]
|
||||||
|
- [[#ops][ops]]
|
||||||
|
- [[#rel-116][rel 1.16]]
|
||||||
|
- [[#individual-update-1][Individual update]]
|
||||||
|
- [[#ux-design-update][UX Design update]]
|
||||||
|
- [[#design-update][Design update]]
|
||||||
|
- [[#2019-01-11-fri][<2019-01-11 Fri>]]
|
||||||
|
- [[#ops-weather-report][Ops Weather Report]]
|
||||||
|
- [[#individual-reports][Individual Reports]]
|
||||||
|
- [[#design][Design]]
|
||||||
|
- [[#2019-01-09-wed][<2019-01-09 Wed>]]
|
||||||
|
- [[#ops-1][Ops]]
|
||||||
|
- [[#reports][Reports]]
|
||||||
|
- [[#2019-01-08-tue][<2019-01-08 Tue>]]
|
||||||
|
- [[#ops-2][OPS]]
|
||||||
|
- [[#release-status][Release Status]]
|
||||||
|
- [[#angela][Angela]]
|
||||||
|
- [[#2019-01-04-fri][<2019-01-04 Fri>]]
|
||||||
|
- [[#2018-12-07-fri][<2018-12-07 Fri>]]
|
||||||
|
- [[#topics][Topics]]
|
||||||
|
- [[#ops-3][Ops]]
|
||||||
|
- [[#rel][Rel]]
|
||||||
|
- [[#2018-11-28-wed][<2018-11-28 Wed>]]
|
||||||
|
- [[#release-114][release 1.14]]
|
||||||
|
- [[#ops-report][Ops report]]
|
||||||
|
- [[#individual-report][Individual Report]]
|
||||||
|
- [[#ux-design-report][UX Design Report]]
|
||||||
|
- [[#2018-11-26-mon][<2018-11-26 Mon>]]
|
||||||
|
- [[#2019-01-11-fri-1][<2019-01-11 Fri>]]
|
||||||
|
- [[#2018-11-19-mon][<2018-11-19 Mon>]]
|
||||||
|
- [[#ops-4][Ops]]
|
||||||
|
- [[#ui][UI]]
|
||||||
|
- [[#individual-reports-1][Individual reports]]
|
||||||
|
- [[#jwt-lifetime][JWT lifetime]]
|
||||||
|
- [[#2018-10-31-wed][<2018-10-31 Wed>]]
|
||||||
|
- [[#individual-reports-2][Individual Reports]]
|
||||||
|
- [[#2018-10-22-mon][<2018-10-22 Mon>]]
|
||||||
|
- [[#individual-updates-1][Individual Updates]]
|
||||||
|
- [[#2018-10-10-wed][<2018-10-10 Wed>]]
|
||||||
|
- [[#2018-10-01-mon][<2018-10-01 Mon>]]
|
||||||
|
- [[#2018-09-19-wed][<2018-09-19 Wed>]]
|
||||||
|
- [[#ops-weather-reports][Ops weather reports]]
|
||||||
|
- [[#release-report][Release report]]
|
||||||
|
- [[#doc-report][Doc report]]
|
||||||
|
- [[#personal-report][Personal report]]
|
||||||
|
- [[#ux-update][UX Update]]
|
||||||
|
- [[#pto][PTO]]
|
||||||
|
- [[#2018-09-18-tue][<2018-09-18 Tue>]]
|
||||||
|
- [[#2018-09-11-tue-secretary-nola][<2018-09-11 Tue> Secretary: Nola]]
|
||||||
|
- [[#topics-1][Topics]]
|
||||||
|
- [[#pr-merge][PR merge]]
|
||||||
|
- [[#pto-1][PTO]]
|
||||||
|
- [[#2018-09-10-mon][<2018-09-10 Mon>]]
|
||||||
|
- [[#yann][Yann]]
|
||||||
|
- [[#ux-design][UX Design]]
|
||||||
|
- [[#idp-issue][IdP Issue]]
|
||||||
|
- [[#2018-08-14-tue][<2018-08-14 Tue>]]
|
||||||
|
- [[#2018-08-17-fri][<2018-08-17 Fri>]]
|
||||||
|
- [[#topics-2][Topics]]
|
||||||
|
- [[#ops-report-1][Ops report]]
|
||||||
|
- [[#individual-reports-3][Individual Reports]]
|
||||||
|
- [[#ux-design-update-1][UX Design Update]]
|
||||||
|
- [[#pto-2][PTO]]
|
||||||
|
- [[#2018-08-13-mon-secretary-paula][<2018-08-13 Mon> Secretary Paula]]
|
||||||
|
- [[#individual-report-1][Individual report]]
|
||||||
|
- [[#2018-08-08-wed-secretary-john][<2018-08-08 Wed> Secretary John]]
|
||||||
|
- [[#individual-report-2][Individual Report]]
|
||||||
|
- [[#2018-08-07-tue][<2018-08-07 Tue>]]
|
||||||
|
- [[#brian][Brian]]
|
||||||
|
- [[#2018-08-06-mon][<2018-08-06 Mon>]]
|
||||||
|
- [[#bart-resigned-by-mail][Bart resigned (by mail)]]
|
||||||
|
- [[#individual-report-3][Individual report]]
|
||||||
|
- [[#2018-08-03-fri][<2018-08-03 Fri>]]
|
||||||
|
- [[#topic][Topic]]
|
||||||
|
- [[#individual-update-2][Individual Update]]
|
||||||
|
- [[#ops-report-2][Ops Report]]
|
||||||
|
- [[#release-status-1][Release Status]]
|
||||||
|
- [[#2018-08-01-wed][<2018-08-01 Wed>]]
|
||||||
|
- [[#topics-3][Topics]]
|
||||||
|
- [[#update-from-craig][Update from Craig]]
|
||||||
|
- [[#individual-reports-4][Individual Reports]]
|
||||||
|
- [[#blocking-bug-622][Blocking Bug #622]]
|
||||||
|
- [[#ops-5][Ops]]
|
||||||
|
- [[#pto-3][PTO]]
|
||||||
|
- [[#2018-07-25-wed-secretary-matt][<2018-07-25 Wed> Secretary Matt]]
|
||||||
|
- [[#individual-reports-5][Individual Reports]]
|
||||||
|
- [[#2018-07-24-tue][<2018-07-24 Tue>]]
|
||||||
|
- [[#release][Release]]
|
||||||
|
- [[#operation-report][Operation Report]]
|
||||||
|
- [[#release-notes][Release Notes]]
|
||||||
|
- [[#2018-07-23-mon-secretary-alex][<2018-07-23 Mon> Secretary Alex]]
|
||||||
|
- [[#individual-reports-6][Individual Reports]]
|
||||||
|
- [[#2018-07-17-tue][<2018-07-17 Tue>]]
|
||||||
|
- [[#topics-4][Topics]]
|
||||||
|
- [[#2018-07-16-mon][<2018-07-16 Mon>]]
|
||||||
|
- [[#topics-5][Topics]]
|
||||||
|
- [[#individual-reports-7][Individual Reports]]
|
||||||
|
- [[#2018-07-13-fri][<2018-07-13 Fri>]]
|
||||||
|
- [[#2018-07-11-wed-secretary-bart][<2018-07-11 Wed> Secretary: Bart]]
|
||||||
|
- [[#individual-update-3][Individual update]]
|
||||||
|
- [[#release-deployment-day][Release Deployment Day]]
|
||||||
|
- [[#conversation-in-the-iroh-channel][conversation in the IROH channel]]
|
||||||
|
- [[#soliciting-topic][soliciting topic]]
|
||||||
|
- [[#impersonate-api][impersonate API]]
|
||||||
|
- [[#integrating-with-amp-test-env][integrating with AMP test env]]
|
||||||
|
- [[#update-from-john][update from John]]
|
||||||
|
- [[#2018-07-09-mon][<2018-07-09 Mon>]]
|
||||||
|
- [[#release-1][Release]]
|
||||||
|
- [[#pto-4][PTO]]
|
||||||
|
- [[#][...]]
|
||||||
|
- [[#2018-07-06-fri-secretary-jesse][<2018-07-06 Fri> Secretary Jesse]]
|
||||||
|
- [[#release-2][Release]]
|
||||||
|
- [[#discovery][Discovery]]
|
||||||
|
- [[#bart-demo][Bart Demo]]
|
||||||
|
- [[#upcoming-pto][Upcoming PTO]]
|
||||||
|
- [[#2018-07-04-wed][<2018-07-04 Wed>]]
|
||||||
|
- [[#2018-07-03-tue][<2018-07-03 Tue>]]
|
||||||
|
- [[#2018-06-29-fri][<2018-06-29 Fri>]]
|
||||||
|
- [[#iroh-ui][IROH UI]]
|
||||||
|
- [[#pto-5][PTO]]
|
||||||
|
- [[#2018-06-22-fri-secretary-yann][<2018-06-22 Fri> Secretary Yann]]
|
||||||
|
- [[#release-status-2][Release Status]]
|
||||||
|
- [[#ops-report-3][Ops Report]]
|
||||||
|
- [[#ttp-headnodes][TTP Headnodes]]
|
||||||
|
- [[#pto-update][PTO update]]
|
||||||
|
- [[#question-about-possible-users-information-leaks-in-the-kibana-logs][Question about possible user's information leaks in the kibana logs]]
|
||||||
|
- [[#2018-06-15-fri][<2018-06-15 Fri>]]
|
||||||
|
- [[#2018-06-01-fri][<2018-06-01 Fri>]]
|
||||||
|
- [[#ops-status-aws-outage][OPS status (AWS outage)]]
|
||||||
|
- [[#ui-status-update][UI Status update]]
|
||||||
|
- [[#naga-status-update][Naga Status Update]]
|
||||||
|
- [[#certifcate-expiration][Certifcate expiration]]
|
||||||
|
- [[#kibana-dashboard][Kibana dashboard.]]
|
||||||
|
- [[#pto-6][PTO]]
|
||||||
|
- [[#2018-05-30-wed-secretary-bart][<2018-05-30 Wed> Secretary: Bart]]
|
||||||
|
- [[#2018-05-23-wed][<2018-05-23 Wed>]]
|
||||||
|
- [[#2018-05-14-mon-secretary-jesse][<2018-05-14 Mon> Secretary: Jesse]]
|
||||||
|
- [[#2018-04-24-tue-secretary-chris][<2018-04-24 Tue> Secretary: Chris]]
|
||||||
|
- [[#2018-04-23-mon-secretary-jesse][<2018-04-23 Mon> Secretary: Jesse]]
|
||||||
|
- [[#2018-04-11-wed][<2018-04-11 Wed>]]
|
||||||
|
- [[#2018-03-27-tue-secretary-daniel][<2018-03-27 Tue> Secretary: Daniel]]
|
||||||
|
- [[#release-3][release]]
|
||||||
|
- [[#2018-03-14-wed-secretary-daniel][<2018-03-14 Wed> Secretary: Daniel]]
|
||||||
|
- [[#2018-03-02-fri-secretary-craig][<2018-03-02 Fri> Secretary: Craig]]
|
||||||
|
- [[#2018-02-28-wed-secretary-yann][<2018-02-28 Wed> Secretary: Yann]]
|
||||||
|
- [[#saml-vulnerability][SAML Vulnerability]]
|
||||||
|
- [[#blocked-on-es-maximum-nb-of-field-error][Blocked on ES maximum nb of field error]]
|
||||||
|
- [[#blocked][Blocked]]
|
||||||
|
- [[#some-dev-start-to-become-painful][Some dev start to become painful]]
|
||||||
|
- [[#release-status-3][Release status]]
|
||||||
|
- [[#cisco-anyconnect-problem][Cisco AnyConnect Problem]]
|
||||||
|
- [[#2018-02-27-tue-secretary-paula][<2018-02-27 Tue> Secretary: Paula]]
|
||||||
|
- [[#report-from-berlin][Report from Berlin]]
|
||||||
|
- [[#int--test][Int / Test]]
|
||||||
|
- [[#2018-02-26-mon-secretary-alex][<2018-02-26 Mon> Secretary: Alex]]
|
||||||
|
- [[#tg-login][TG Login]]
|
||||||
|
- [[#tenzin-conf][Tenzin Conf]]
|
||||||
|
- [[#offsite][Offsite]]
|
||||||
|
- [[#2018-02-23-fri][<2018-02-23 Fri>]]
|
||||||
|
- [[#2018-02-19-mon-secretary-jesse][<2018-02-19 Mon> Secretary: Jesse]]
|
||||||
|
- [[#2018-02-07-wed-secretary-yann][<2018-02-07 Wed> Secretary: Yann]]
|
||||||
|
- [[#wait_for-for-refresh-in-es-impact][wait_for for refresh in ES impact]]
|
||||||
|
- [[#chris-stuck-too-long-on-1225][Chris: stuck too long on #1225]]
|
||||||
|
- [[#release-status-4][Release status]]
|
||||||
|
- [[#2018-02-05-mon-secretary-chris][<2018-02-05 Mon> Secretary: Chris]]
|
||||||
|
- [[#2018-02-01-thu-secretary-alex][<2018-02-01 Thu> Secretary: Alex]]
|
||||||
|
- [[#2018-01-31-wed-secretary-matt][<2018-01-31 Wed> Secretary: Matt]]
|
||||||
|
- [[#spectre-patches][Spectre patches]]
|
||||||
|
- [[#ctia-investigate-issue][CTIA Investigate Issue]]
|
||||||
|
- [[#html-route][HTML route]]
|
||||||
|
- [[#2018-01-30-tue-secretary-brian][<2018-01-30 Tue> Secretary: Brian]]
|
||||||
|
- [[#scratchpad-service-guillaume][Scratchpad Service (Guillaume)]]
|
||||||
|
- [[#error-reporting-in-iroh-ui-interface-jesse][Error Reporting in IROH UI Interface (Jesse)]]
|
||||||
|
- [[#amp-visibility-design-recap][AMP Visibility design recap]]
|
||||||
|
- [[#amp-visibility-builds][AMP Visibility Builds]]
|
||||||
|
- [[#2018-01-29-mon-secretary-houman][<2018-01-29 Mon> Secretary: Houman]]
|
||||||
|
- [[#status-of-the-release][Status of The release]]
|
||||||
|
- [[#investigation--snapshots--incident--scratchpads][Investigation & Snapshots / Incident & Scratchpads]]
|
||||||
|
- [[#ui-rewrite][UI rewrite?]]
|
||||||
|
- [[#2018-01-25-thu-secretary][<2018-01-25 Thu> Secretary:]]
|
||||||
|
- [[#2018-01-24-wed-secretary-paula][<2018-01-24 Wed> Secretary: Paula]]
|
||||||
|
- [[#timeout-issue][Timeout issue]]
|
||||||
|
- [[#client-lib-visibility-lib][Client Lib, Visibility Lib]]
|
||||||
|
- [[#deadline][Deadline]]
|
||||||
|
- [[#metrics-we-need-in-production][Metrics we need in production]]
|
||||||
|
- [[#2018-01-22-mon-secretary-guillaume][<2018-01-22 Mon> Secretary: Guillaume]]
|
||||||
|
- [[#contact-to-tg-integration][Contact to TG Integration]]
|
||||||
|
- [[#amp-global-intel-next-step][AMP Global Intel Next Step]]
|
||||||
|
- [[#iroh-ui-1][IROH-UI]]
|
||||||
|
- [[#2018-01-18-thu-secretary-jesse][<2018-01-18 Thu> Secretary: Jesse]]
|
||||||
|
- [[#2018-01-17-wed-secretary-alex][<2018-01-17 Wed> Secretary: Alex]]
|
||||||
|
- [[#2018-01-16-tue-secretary-yann][<2018-01-16 Tue> Secretary: Yann]]
|
||||||
|
- [[#prod-patching-meltdown][Prod Patching Meltdown]]
|
||||||
|
- [[#tg-indicator][TG indicator]]
|
||||||
|
- [[#2018-01-11-thu-secretary-chris][<2018-01-11 Thu> Secretary: Chris]]
|
||||||
|
- [[#story-boards][Story boards]]
|
||||||
|
- [[#2018-01-10-wed-secretary-sam][<2018-01-10 Wed> Secretary: Sam]]
|
||||||
|
- [[#status-update][status update]]
|
||||||
|
- [[#2018-01-09-tue][<2018-01-09 Tue>]]
|
||||||
|
- [[#offsite-1][offsite]]
|
||||||
|
- [[#yesterday-meeting][yesterday meeting]]
|
||||||
|
- [[#update-ui-stuff][update UI stuff]]
|
||||||
|
- [[#job-description][Job description]]
|
||||||
|
- [[#2018-01-08-mon][<2018-01-08 Mon>]]
|
||||||
|
- [[#2018-01-05-fri][<2018-01-05 Fri>]]
|
||||||
|
- [[#secretary-alex][Secretary @Alex]]
|
||||||
|
- [[#ui-breakout][UI breakout]]
|
||||||
|
- [[#project-boards][Project Board(s)]]
|
||||||
|
- [[#offsite-2][Offsite]]
|
||||||
|
- [[#new-position][New position]]
|
||||||
|
- [[#2018-01-04-thu][<2018-01-04 Thu>]]
|
||||||
|
- [[#2018-01-03-wed][<2018-01-03 Wed>]]
|
||||||
|
- [[#2018-01-02-tue][<2018-01-02 Tue>]]
|
||||||
|
- [[#craig][Craig]]
|
||||||
|
- [[#2017-12-04][<2017-12-04>]]
|
||||||
|
- [[#2017-11-29][<2017-11-29>]]
|
||||||
|
- [[#2017-11-28][<2017-11-28>]]
|
||||||
|
- [[#2017-10-27][<2017-10-27>]]
|
||||||
|
- [[#2017-10-26][<2017-10-26>]]
|
||||||
|
- [[#2017-10-18---nil][<2017-10-18> - nil]]
|
||||||
|
- [[#2017-10-17---nil][<2017-10-17> - nil]]
|
||||||
|
- [[#2017-10-16][<2017-10-16>]]
|
||||||
|
- [[#2017-09-26][<2017-09-26>]]
|
||||||
|
- [[#tech-notes][Tech notes]]
|
||||||
|
- [[#ops-connect-to-int][OPS Connect to Int]]
|
||||||
|
- [[#email-of-users][Email of users]]
|
||||||
|
- [[#channel-email][channel: email]]
|
||||||
|
- [[#introduction][Introduction]]
|
||||||
|
- [[#plan][Plan]]
|
||||||
|
- [[#part-1][Part 1]]
|
||||||
|
- [[#part-2][Part 2]]
|
||||||
|
- [[#technical-details][Technical Details]]
|
||||||
|
#+END_QUOTE
|
||||||
|
|
||||||
|
** Introduction
|
||||||
|
|
||||||
|
Multiple recent features/changes would be improved by a system to keep
|
||||||
|
track of history events (see #2370, #2425, #2426).
|
||||||
|
|
||||||
|
- keep track of login dates (right now, we only keep track of the
|
||||||
|
latest 5 login dates, we also can't keep much meta infos about those
|
||||||
|
logins like IP addresses, HTTP referrers, etc...)
|
||||||
|
- Administrative tasks, a new notion of role will give some user the
|
||||||
|
right to manage resources like other users / other OAuth2 clients.
|
||||||
|
As such we should keep track of who is doing what and when to
|
||||||
|
prevent subtle attack and/or errors.
|
||||||
|
|
||||||
|
For now, all these information can be gathered through our internal logging
|
||||||
|
system. I think this should become an internal API. Typically our customer will
|
||||||
|
want to know who is the admin that blocked some user and when.
|
||||||
|
|
||||||
|
** Plan
|
||||||
|
|
||||||
|
*** Part 1
|
||||||
|
|
||||||
|
Keep track of:
|
||||||
|
|
||||||
|
- user logins
|
||||||
|
- user profile updates
|
||||||
|
- client updates (who modified the client and when)
|
||||||
|
|
||||||
|
I think we should start with a very small plan first. We could take
|
||||||
|
advantage of the current events we are sending to Riemann and put those
|
||||||
|
events (or only part of them) in a searchable store. The advantage is
|
||||||
|
that we already have a service with a clear and simple API and is used
|
||||||
|
in many different other services.
|
||||||
|
|
||||||
|
We should then impose stronger constraints to the event format. It
|
||||||
|
should be beneficial for both internal API and analysis via Kibana (the
|
||||||
|
team responsible to analyse user behaviour expressed difficulties in
|
||||||
|
dealing with the lack of common format and missing infos for some
|
||||||
|
events).
|
||||||
|
|
||||||
|
This approach will also make it easier to simplify the internal
|
||||||
|
structure of the client object and be able to remove details about the
|
||||||
|
internal workflow in that object (and also others). Typically, it should
|
||||||
|
remove the need for many metadatas of the object (updated-by,
|
||||||
|
approval-status, etc...)
|
||||||
|
|
||||||
|
During this first step the events should correspond to *things that
|
||||||
|
happened* and as such should be named in past tense (*User Blocked*,
|
||||||
|
*Client Deleted*, etc...).
|
||||||
|
|
||||||
|
*** Part 2
|
||||||
|
|
||||||
|
/remark/: Part 2 is out of the scope of this issue and should be its own issue
|
||||||
|
later.
|
||||||
|
|
||||||
|
I think we should think about not only using "Events" (things that
|
||||||
|
happened in the past) but also /Commands/ (requests for things to
|
||||||
|
happen, named with verb in imperative mood). And from there we might
|
||||||
|
start to create /Aggregates/ (read-only views constructed from events).
|
||||||
|
Using this architecture, a single events would be able to be used to
|
||||||
|
provide different views (historical views about a single client, list of
|
||||||
|
users that modified clients in the past, stats about users, etc...)
|
||||||
|
|
||||||
|
** Technical Details
|
||||||
|
|
||||||
|
- create an Event Store that can also be a CRUDStore to be searchable. I think
|
||||||
|
it should be backed by PostgreSQL to ease views when we might need to make
|
||||||
|
joins.
|
||||||
|
- the =Event= schema should contain an =event-type= this should always be named in
|
||||||
|
the past tense. (note this structure provide a quite good template for events
|
||||||
|
structure that could ease the search in kibana in the future)
|
||||||
|
#+BEGIN_SRC clojure
|
||||||
|
(s/defschema Event
|
||||||
|
{:event-type s/Keyword ;; prefer namespaced keywords that should link to a schema
|
||||||
|
:event-params {s/Any s/Any} ;; some printable hash-map that match the schema linked by event-type
|
||||||
|
:emiter
|
||||||
|
(st/optional-keys
|
||||||
|
{:service s/Keyword ;; should be an service-name
|
||||||
|
:user-id s/Str ;; should be the user-id of the person responsible for the event
|
||||||
|
:client-id s/Str ;; if the operation is done via a client provide the client-id
|
||||||
|
:impersonated-by s/Str ;; if impersonated should provide the user-id of the master user
|
||||||
|
:user User ;; all gory details about the User
|
||||||
|
:org Org ;; all gory details about the org
|
||||||
|
})})
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
|
- update the riemann-reporter service to be able to write to multiple stores and
|
||||||
|
with the ability to filter on set of event-types. So we could create stores
|
||||||
|
that could contains only some event-types. Also provide a list of event fields to track.
|
||||||
|
As riemann event-store will want all the details about an event while event in a searchable
|
||||||
|
store should not.
|
||||||
|
- provide another =send-event= method for the =riemann-reporter= service to be able to send
|
||||||
|
event with all the mandatory infos, take care of removing all user / org infos from the event destined
|
||||||
|
#+BEGIN_SRC clojure
|
||||||
|
(s/defn send-event [event-type event-params emiter-infos] :- Event ...)
|
||||||
|
#+END_SRC
|
||||||
|
- update the =send-event= call to match the correct format and configure one
|
||||||
|
searchable store of riemann reporter store to track those events.
|
||||||
|
- update the =/login= handler not to put login dates infos in the user object.
|
||||||
|
- update the =/profile= endpoint to use thoses events to display latests login dates.
|
||||||
|
|
||||||
|
|
14
TODO.org
14
TODO.org
|
@ -1,6 +1,6 @@
|
||||||
#+Title:TODO
|
#+Title:TODO
|
||||||
#+Author: Yann Esposito
|
#+Author: Yann Esposito
|
||||||
#+TODO: TODO IN-PROGRESS WAIT | DONE CANCELED
|
#+TODO: TODO IN-PROGRESS HOLD WAITING | DONE CANCELED
|
||||||
#+COLUMNS: %TODO %3PRIORITY %40ITEM(Task) %17Effort(Estimated Effort){:} %CLOCKSUM %8TAGS(TAG)
|
#+COLUMNS: %TODO %3PRIORITY %40ITEM(Task) %17Effort(Estimated Effort){:} %CLOCKSUM %8TAGS(TAG)
|
||||||
|
|
||||||
Paris 7h10 - 8h45, à Londre, 15 mars
|
Paris 7h10 - 8h45, à Londre, 15 mars
|
||||||
|
@ -29,7 +29,6 @@ Les languages de programmation fonctionnels ont introduits récemment l'usage de
|
||||||
structures de données immuables. Nous verrons comment celà facilite énormément
|
structures de données immuables. Nous verrons comment celà facilite énormément
|
||||||
l'écriture de programmes parallèles et concurrents.
|
l'écriture de programmes parallèles et concurrents.
|
||||||
|
|
||||||
|
|
||||||
*** DONE Virement maman 3000€
|
*** DONE Virement maman 3000€
|
||||||
CLOSED: [2019-03-29 Fri 09:23]
|
CLOSED: [2019-03-29 Fri 09:23]
|
||||||
- IBAN: FR28 3000 2028 2100 0005 8155 N89
|
- IBAN: FR28 3000 2028 2100 0005 8155 N89
|
||||||
|
@ -58,8 +57,8 @@ l'écriture de programmes parallèles et concurrents.
|
||||||
Tel: 09 80 89 95 31
|
Tel: 09 80 89 95 31
|
||||||
|
|
||||||
** Meetup Lamda Riviera :geek:
|
** Meetup Lamda Riviera :geek:
|
||||||
** Projects :dev:geek:
|
** Projects :dev:geek:
|
||||||
*** TODO Write a comments system
|
*** IN-PROGRESS Write a comments system
|
||||||
|
|
||||||
Requirements:
|
Requirements:
|
||||||
|
|
||||||
|
@ -109,7 +108,8 @@ Requirements:
|
||||||
https://man.sr.ht/installation.md)
|
https://man.sr.ht/installation.md)
|
||||||
- Something rawer like gpm?
|
- Something rawer like gpm?
|
||||||
**** TODO Enhance Domain Name hoster to better support letsencrypt (typically CAA I think)
|
**** TODO Enhance Domain Name hoster to better support letsencrypt (typically CAA I think)
|
||||||
*** =gpm= todo / wiki / docs, etc... :dweb:
|
*** CANCELED =gpm= todo / wiki / docs, etc... :dweb:
|
||||||
|
CLOSED: [2019-04-14 Sun 20:00]
|
||||||
**** DONE Doc
|
**** DONE Doc
|
||||||
CLOSED: [2018-11-17 Sat 13:07]
|
CLOSED: [2018-11-17 Sat 13:07]
|
||||||
Write a tool to handle the following workflow.
|
Write a tool to handle the following workflow.
|
||||||
|
@ -165,8 +165,8 @@ Requirements:
|
||||||
CLOSED: [2019-03-03 Sun 15:08]
|
CLOSED: [2019-03-03 Sun 15:08]
|
||||||
***** DONE Ignore patterns
|
***** DONE Ignore patterns
|
||||||
CLOSED: [2019-03-02 Sat 20:07]
|
CLOSED: [2019-03-02 Sat 20:07]
|
||||||
***** TODO [#C] Use a split and Index on n-grams to match for all bots fast
|
***** HOLD [#C] Use a split and Index on n-grams to match for all bots fast
|
||||||
***** TODO [#C] User regex?
|
***** HOLD [#C] User regex?
|
||||||
**** TODO Enhance Producer by retrieving all post/comments [[https://intoli.com/blog/f5bot/][f5bot]]
|
**** TODO Enhance Producer by retrieving all post/comments [[https://intoli.com/blog/f5bot/][f5bot]]
|
||||||
**** TODO Send mails on matches
|
**** TODO Send mails on matches
|
||||||
**** TODO Dev/Ops Improvement
|
**** TODO Dev/Ops Improvement
|
||||||
|
|
13
agenda.org
Normal file
13
agenda.org
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
* Agenda
|
||||||
|
** TODO yet another thing to test
|
||||||
|
:LOGBOOK:
|
||||||
|
CLOCK: [2019-04-15 Mon 00:35]--[2019-04-15 Mon 00:35] => 0:00
|
||||||
|
:END:
|
||||||
|
[2019-04-15 Mon 00:35]
|
||||||
|
[[file:~/.spacemacs::'(org-agenda-files%20'("~/.deft/agenda.org"))]]
|
||||||
|
** TODO xxx
|
||||||
|
:LOGBOOK:
|
||||||
|
CLOCK: [2019-04-15 Mon 00:36]--[2019-04-15 Mon 00:36] => 0:00
|
||||||
|
:END:
|
||||||
|
[2019-04-15 Mon 00:36]
|
||||||
|
[[file:~/.spacemacs::'(org-refile-targets%20'((nil%20:maxlevel%20.%209)]]
|
72
cisco-epic-feature-flag-by-env.org
Normal file
72
cisco-epic-feature-flag-by-env.org
Normal file
|
@ -0,0 +1,72 @@
|
||||||
|
#+Title:Cisco Epic Feature Flag by Env
|
||||||
|
#+Author: Yann Esposito
|
||||||
|
#+LANGUAGE: en
|
||||||
|
#+TODO: TODO IN-PROGRESS WAIT | DONE CANCELED
|
||||||
|
|
||||||
|
* Feature Flag by Env :TOC_3_gh:QUOTE:
|
||||||
|
#+BEGIN_QUOTE
|
||||||
|
- [[#requirement][Requirement]]
|
||||||
|
- [[#current-status][Current status]]
|
||||||
|
- [[#proposed-solution][Proposed Solution.]]
|
||||||
|
- [[#feature-flag-block-in-configedn][Feature Flag Block in =config.edn=]]
|
||||||
|
#+END_QUOTE
|
||||||
|
|
||||||
|
** Requirement
|
||||||
|
|
||||||
|
> Craig Brozefsky Yesterday, 17:04
|
||||||
|
> Matt: No orgs in EU should have devices scope
|
||||||
|
|
||||||
|
*** Current status
|
||||||
|
|
||||||
|
Until now we managed feature flag for an entire release. As such the
|
||||||
|
feature-flag was 100% held in the code, not in the deployement conf.
|
||||||
|
|
||||||
|
There are two methods used until today to manage feature-flags:
|
||||||
|
|
||||||
|
1. scopes
|
||||||
|
2. service launch (in bootstrap.cfg)
|
||||||
|
3. control via config (in config.edn)
|
||||||
|
|
||||||
|
The current requirement only talks about the =sse= scope.
|
||||||
|
In fact we could (should) also prevent the =sse-service= to be launched.
|
||||||
|
|
||||||
|
Note that scope handling is generally not trivial:
|
||||||
|
|
||||||
|
- CTR use the scope as the single dimension to handle authorizations. One
|
||||||
|
consequence is that the notion of /role/ is not really meaningful in the CTR
|
||||||
|
code. The /role/ is only used from the info provided by the IdP and then
|
||||||
|
interpreted as a set of scopes (which can change dynamically, for exemple we
|
||||||
|
can attribute additional scopes to some org or user). It is also planned to
|
||||||
|
provide the ability for admin users to change the scopes of other users of
|
||||||
|
their org.
|
||||||
|
|
||||||
|
** Proposed Solution.
|
||||||
|
|
||||||
|
*** Feature Flag Block in =config.edn=
|
||||||
|
|
||||||
|
That way it would be possible to not only handle scopes but also manage the
|
||||||
|
feature flag in some specific part of the code. Typically we could use that flag
|
||||||
|
to ignore some conf, and to not initialize fully some service.
|
||||||
|
|
||||||
|
**** Service Launch Handling
|
||||||
|
|
||||||
|
- If a service is started but its presence is not necessary when the feature
|
||||||
|
flag is off. The service should not really init itself fully and only return a
|
||||||
|
nil context and the methods should also returns nil silently
|
||||||
|
|
||||||
|
**** Scope Handling
|
||||||
|
|
||||||
|
Depending of the feature flag we might add an additional step during login we
|
||||||
|
might "add" some new scopes and "remove some". If that's the case we might also
|
||||||
|
change the JWT version dyamically.
|
||||||
|
|
||||||
|
I would suggest something like:
|
||||||
|
|
||||||
|
|
||||||
|
#+BEGIN_SRC clojure
|
||||||
|
(defn dyn-jwt-version [activated-features]
|
||||||
|
(string/join "-" (cons static-jwt-version activated-features))
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
|
That would produce version such as: =v1.23=, =v1.23-sse=, =v1.23-sse-scim=,
|
||||||
|
etc...
|
BIN
journal.org.gpg
BIN
journal.org.gpg
Binary file not shown.
4
refile.org
Normal file
4
refile.org
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
#+FILETAGS: REFILE
|
||||||
|
* Tasks
|
||||||
|
* Notes
|
||||||
|
* Agenda
|
Loading…
Reference in a new issue