:PROPERTIES: :ID: 38a25196-863a-41c8-8c17-772fc9fe9b04 :END: #+Title: Yann's Personal Retrospective 2023 Offsite #+Author: Yann Esposito #+Date: [2023-09-25] * Yann's Personal Retrospective 2023 Offsite ** Short presentation - years of Experience: 22 years (11 in Clojure) - years at Cisco: 7 years (7 in this team) - location: France (GMT+1) *** Anecdotes - Math & Abstractions: ML, Probability Automata, indecidability proofs - bash + Perl + templates CMS with horror stories like HTML Perl template in DB - VG: nodejs, hyperloglog, then clojure, and real time data analysis on a single dimentional object. SCRUM-hate, etc… ** Quick Recap about your main accomplishments these recent years *** XDR - RBAC (technical design) - role introspection endpoint to help UI - Provisioning (with PIAM) - provided script handled to TAC team - HTML templates for IROH-Auth - Feature-Flag script management - Rebrand SXSO to SCSO - Entitlement Summary (technical design) *** Product - Provisioning (with SE, Orbital) - Dynamic Session Token lifetime (Asked by Security/UI Chris Duane) started but cancelled by XDR - Delete duplicate accounts (was allowed first) - Fix Allow all role to login logic (UI bug) - TAC: expose change user role route - Replace some JWT by short random strings in IROH-Auth - UI Session Logout in IROH-Auth - Support displaying virtual users *** Administration - Fix Cross-Region UI bug - Links to kibana to see "master-only" events - Move some OAuth2 clients out of config to DB *** Devs - Matrix role representation - Eithers in Clojure - Improve logs; for SSE proxy, for impersonate - Expose open impersonate for UI devs on INT and TEST - composable ~shell.nix~ to replace docker compose - default-config.edn - config.edn as tree structure - scope aliases ** Old Important things - Structured Logs (riemann not used at its full power) - TK Store (abstraction learned from CTIA's limitation) - Admin UI (first) - Admin UI (second) - Admin scripts (now) ** Working in this Team - What I expected (7 years ago): Work on real time data streaming - What I am doing: Work on Authentication and Authorization - What my day to day looks like? - 50 to 70%: lot of communication via; webex, email, meetings, issues - planning (design, checking timeline) - help people on webex, fix issues, look in kibana, create orgs, create clients, link to documentation, etc…. - 20% to 50%: lot of time thinking about design improvements; - 10% to 20%: lot of time focused on product improvement (not code). - 0% to 20%: code, code review, etc… ** What we should NOT change (tailwind) - Not having daily standup ** What we should improve (headwind) - Not having more focus days. - Advertise that IROH (not XDR, not SecureX, not CTR) + IROH is a platform ** Workstation (demo time optional)