402 lines
14 KiB
HTML
402 lines
14 KiB
HTML
<!DOCTYPE html>
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="" xml:lang="">
|
|
<head>
|
|
<meta charset="utf-8" />
|
|
<meta name="generator" content="pandoc" />
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" />
|
|
<meta name="dcterms.date" content="2023-05-03" />
|
|
<title>Yann FY23Q3 Report</title>
|
|
<style>
|
|
html {
|
|
line-height: 1.5;
|
|
font-family: Georgia, serif;
|
|
font-size: 20px;
|
|
color: #1a1a1a;
|
|
background-color: #fdfdfd;
|
|
}
|
|
body {
|
|
margin: 0 auto;
|
|
max-width: 36em;
|
|
padding-left: 50px;
|
|
padding-right: 50px;
|
|
padding-top: 50px;
|
|
padding-bottom: 50px;
|
|
hyphens: auto;
|
|
overflow-wrap: break-word;
|
|
text-rendering: optimizeLegibility;
|
|
font-kerning: normal;
|
|
}
|
|
@media (max-width: 600px) {
|
|
body {
|
|
font-size: 0.9em;
|
|
padding: 1em;
|
|
}
|
|
h1 {
|
|
font-size: 1.8em;
|
|
}
|
|
}
|
|
@media print {
|
|
body {
|
|
background-color: transparent;
|
|
color: black;
|
|
font-size: 12pt;
|
|
}
|
|
p, h2, h3 {
|
|
orphans: 3;
|
|
widows: 3;
|
|
}
|
|
h2, h3, h4 {
|
|
page-break-after: avoid;
|
|
}
|
|
}
|
|
p {
|
|
margin: 1em 0;
|
|
}
|
|
a {
|
|
color: #1a1a1a;
|
|
}
|
|
a:visited {
|
|
color: #1a1a1a;
|
|
}
|
|
img {
|
|
max-width: 100%;
|
|
}
|
|
h1, h2, h3, h4, h5, h6 {
|
|
margin-top: 1.4em;
|
|
}
|
|
h5, h6 {
|
|
font-size: 1em;
|
|
font-style: italic;
|
|
}
|
|
h6 {
|
|
font-weight: normal;
|
|
}
|
|
ol, ul {
|
|
padding-left: 1.7em;
|
|
margin-top: 1em;
|
|
}
|
|
li > ol, li > ul {
|
|
margin-top: 0;
|
|
}
|
|
blockquote {
|
|
margin: 1em 0 1em 1.7em;
|
|
padding-left: 1em;
|
|
border-left: 2px solid #e6e6e6;
|
|
color: #606060;
|
|
}
|
|
code {
|
|
font-family: Menlo, Monaco, 'Lucida Console', Consolas, monospace;
|
|
font-size: 85%;
|
|
margin: 0;
|
|
}
|
|
pre {
|
|
margin: 1em 0;
|
|
overflow: auto;
|
|
}
|
|
pre code {
|
|
padding: 0;
|
|
overflow: visible;
|
|
overflow-wrap: normal;
|
|
}
|
|
.sourceCode {
|
|
background-color: transparent;
|
|
overflow: visible;
|
|
}
|
|
hr {
|
|
background-color: #1a1a1a;
|
|
border: none;
|
|
height: 1px;
|
|
margin: 1em 0;
|
|
}
|
|
table {
|
|
margin: 1em 0;
|
|
border-collapse: collapse;
|
|
width: 100%;
|
|
overflow-x: auto;
|
|
display: block;
|
|
font-variant-numeric: lining-nums tabular-nums;
|
|
}
|
|
table caption {
|
|
margin-bottom: 0.75em;
|
|
}
|
|
tbody {
|
|
margin-top: 0.5em;
|
|
border-top: 1px solid #1a1a1a;
|
|
border-bottom: 1px solid #1a1a1a;
|
|
}
|
|
th {
|
|
border-top: 1px solid #1a1a1a;
|
|
padding: 0.25em 0.5em 0.25em 0.5em;
|
|
}
|
|
td {
|
|
padding: 0.125em 0.5em 0.25em 0.5em;
|
|
}
|
|
header {
|
|
margin-bottom: 4em;
|
|
text-align: center;
|
|
}
|
|
#TOC li {
|
|
list-style: none;
|
|
}
|
|
#TOC ul {
|
|
padding-left: 1.3em;
|
|
}
|
|
#TOC > ul {
|
|
padding-left: 0;
|
|
}
|
|
#TOC a:not(:hover) {
|
|
text-decoration: none;
|
|
}
|
|
code{white-space: pre-wrap;}
|
|
span.smallcaps{font-variant: small-caps;}
|
|
span.underline{text-decoration: underline;}
|
|
div.column{display: inline-block; vertical-align: top; width: 50%;}
|
|
div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}
|
|
ul.task-list{list-style: none;}
|
|
.display.math{display: block; text-align: center; margin: 0.5rem auto;}
|
|
</style>
|
|
<style>
|
|
body { font-family: monospace; font-size: 14px; line-height: 1.5em; max-width: 60em; margin: 0 auto; padding-top: 0; }
|
|
h1,h2,h3,h4 { margin: 0.25em 0; }
|
|
header { margin-bottom: 0; }
|
|
header h1 { border: none; }
|
|
h1 { border-top: solid 10px; border-bottom: solid 10px; margin-bottom: 1em; padding: 0.5em 0; width: 100%; text-align: center;}
|
|
h2 { border-top: solid; text-align: center; margin-top: 1em; padding-top: 1em; }
|
|
h3 { margin-left: 1em; color: #cb4b16; }
|
|
h4 { margin-left: 2em; }
|
|
u { display: inline-block; margin-left: 2.75em; opacity: 0.3; }
|
|
hr { opacity: 0; }
|
|
a { color: #06a;}
|
|
ul { margin-left: 3em; }
|
|
#TOC ul { margin-left: 0.5em; }
|
|
li { clear: both; }
|
|
li > a { float: right; }
|
|
nav li a { float: none; }
|
|
blockquote { opacity: 0.7; }
|
|
</style>
|
|
<!--[if lt IE 9]>
|
|
<script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv-printshiv.min.js"></script>
|
|
<![endif]-->
|
|
</head>
|
|
<body>
|
|
<header id="title-block-header">
|
|
<h1 class="title">Yann FY23Q3 Report</h1>
|
|
<p class="subtitle">back to one month older</p>
|
|
<p class="date">2023-05-03</p>
|
|
</header>
|
|
<nav id="TOC" role="doc-toc">
|
|
<ul>
|
|
<li><a href="#individual-development-plan">Individual Development
|
|
Plan</a>
|
|
<ul>
|
|
<li><a href="#results">Results</a>
|
|
<ul>
|
|
<li><a href="#accomplishments">Accomplishments</a></li>
|
|
<li><a
|
|
href="#improvementsopportunities-for-development">Improvements/opportunities
|
|
for development:</a></li>
|
|
</ul></li>
|
|
<li><a href="#principles-behaviors">Principles & Behaviors</a>
|
|
<ul>
|
|
<li><a href="#accomplishments-1">Accomplishments</a></li>
|
|
<li><a
|
|
href="#improvementsopportunities-for-development-1">Improvements/opportunities
|
|
for development:</a></li>
|
|
</ul></li>
|
|
<li><a href="#team-impact">Team Impact</a>
|
|
<ul>
|
|
<li><a href="#accomplishments-2">Accomplishments</a></li>
|
|
<li><a
|
|
href="#improvementsopportunities-for-development-2">Improvements/opportunities
|
|
for development:</a></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
<li><a href="#code-last-quarter-44">Code last quarter [44]</a>
|
|
<ul>
|
|
<li><a href="#ctia-1-1-0">ctia [1 (1 / 0)]</a></li>
|
|
<li><a href="#iroh-30-27-3">iroh [30 (27 / 3)]</a></li>
|
|
<li><a href="#tenzin-2-2-0">tenzin [2 (2 / 0)]</a></li>
|
|
<li><a href="#tenzin-config-6-6-0">tenzin-config [6 (6 / 0)]</a></li>
|
|
<li><a href="#xdr-provisioning-5-5-0">xdr-provisioning [5 (5 /
|
|
0)]</a></li>
|
|
</ul></li>
|
|
</ul>
|
|
</nav>
|
|
<h1 id="individual-development-plan">Individual Development Plan</h1>
|
|
<h2 id="results">Results</h2>
|
|
<h3 id="accomplishments">Accomplishments</h3>
|
|
<ul>
|
|
<li>Added support for AND/OR queries in tk-store. Should help</li>
|
|
<li>PIAM (Provisioning)</li>
|
|
<li>Start of the work related to Entitlements (see: <a
|
|
href="https://github.com/advthreat/iroh/issues/7835">https://github.com/advthreat/iroh/issues/7835</a>)</li>
|
|
<li>Free Tier Provisioning (the <code>xdr-provisioning</code> repository
|
|
+ Platform Provisioning API)</li>
|
|
<li>IROH config work to help ops and prevent release problems</li>
|
|
<li>Recurring admin tasks:
|
|
<ul>
|
|
<li>added bunch of XDR Flags (see <a
|
|
href="https://github.com/advthreat/response/issues/1742">#response/1742</a>)</li>
|
|
<li>moved the TG OAuth2 client from config to DB on INT</li>
|
|
</ul></li>
|
|
<li>Managed to get Wanderson back to better efficiency after being
|
|
difficult during its move and his daughter</li>
|
|
<li>Managed Olivier to his best. Very discrete but pretty strong.</li>
|
|
</ul>
|
|
<p>For full details look at the code last quarter report section.</p>
|
|
<h3
|
|
id="improvementsopportunities-for-development">Improvements/opportunities
|
|
for development:</h3>
|
|
<ul>
|
|
<li>I should work even more closely with PIAM as this is fruitful and
|
|
could have a lot of impact on IROH team as well as the rest of the IROH
|
|
ecosystem (IROH + modules + integrations).</li>
|
|
<li>Entitlement will be an interesting topic</li>
|
|
<li>Wanderson and Olivier are not yet fully autonomous while working
|
|
with some IROH-Auth parts. So there are still room for teaching and
|
|
improvements.</li>
|
|
</ul>
|
|
<h2 id="principles-behaviors">Principles & Behaviors</h2>
|
|
<h3 id="accomplishments-1">Accomplishments</h3>
|
|
<ul>
|
|
<li>Advocate: even while it was questionable I did my best to provide
|
|
only positive XDR feedback to the team.</li>
|
|
<li>Customer value: see the Results Accomplishments section (most of
|
|
them add customer value)</li>
|
|
<li>Learn:
|
|
<ul>
|
|
<li>bash scripts containing Clojure</li>
|
|
<li>matrix testing (this was not very visible PR but this is a testing
|
|
framework improvements)</li>
|
|
<li>matrix representation inside Clojure code, this is helpful to
|
|
visualize and easily change scopes associated to roles for example.</li>
|
|
</ul></li>
|
|
<li>Team for results: engaged team ops + Matt + IROH-Auth for iroh
|
|
config issue</li>
|
|
</ul>
|
|
<h3
|
|
id="improvementsopportunities-for-development-1">Improvements/opportunities
|
|
for development:</h3>
|
|
<h2 id="team-impact">Team Impact</h2>
|
|
<h3 id="accomplishments-2">Accomplishments</h3>
|
|
<ul>
|
|
<li><code>admin-clj</code> scripts should be helpful, for now use only
|
|
for</li>
|
|
<li>IROH default config should help ops</li>
|
|
<li>PIAM contacts will be useful in the future</li>
|
|
<li>Mario PR feedback was a really nice exchange while we are not having
|
|
much cross-sub-team discussions.</li>
|
|
<li>Helped Explain RBAC technical consequences with other teams, in
|
|
particular SXO, but also the UI.</li>
|
|
</ul>
|
|
<h3
|
|
id="improvementsopportunities-for-development-2">Improvements/opportunities
|
|
for development:</h3>
|
|
<ul>
|
|
<li>RBAC: Next quarter will probably start discussions with DI and
|
|
perhaps CSC.</li>
|
|
</ul>
|
|
<h1 id="code-last-quarter-44">Code last quarter [44]</h1>
|
|
<h2 id="ctia-1-1-0">ctia [1 (1 / 0)]</h2>
|
|
<ul>
|
|
<li>bump snakeyaml to address CVE-2022-38751 <a
|
|
href="https://github.com/advthreat/ctia/pull/1346">#1346</a></li>
|
|
</ul>
|
|
<h2 id="iroh-30-27-3">iroh [30 (27 / 3)]</h2>
|
|
<ul>
|
|
<li>Add a missing option to disable default configs <a
|
|
href="https://github.com/advthreat/iroh/pull/7805">#7805</a></li>
|
|
<li>Add a script to init tokens without login in <a
|
|
href="https://github.com/advthreat/iroh/pull/7794">#7794</a></li>
|
|
<li>Fix schema for Response <a
|
|
href="https://github.com/advthreat/iroh/pull/7804">#7804</a></li>
|
|
<li>Add support to onboard a single app <a
|
|
href="https://github.com/advthreat/iroh/pull/7796">#7796</a></li>
|
|
<li>Add a role instrospection route to help the UI and other clients <a
|
|
href="https://github.com/advthreat/iroh/pull/7785">#7785</a></li>
|
|
<li>Fix scopes declaration for execute-workflow route <a
|
|
href="https://github.com/advthreat/iroh/pull/7799">#7799</a></li>
|
|
<li>Fix a Swagger bug due to schema name conflict <a
|
|
href="https://github.com/advthreat/iroh/pull/7790">#7790</a></li>
|
|
<li>Web api search improvements <a
|
|
href="https://github.com/advthreat/iroh/pull/7728">#7728</a></li>
|
|
<li>add profile and notification to ao-jwt <a
|
|
href="https://github.com/advthreat/iroh/pull/7726">#7726</a></li>
|
|
<li>Tk store combinator search queries (AND, OR, NOT) <a
|
|
href="https://github.com/advthreat/iroh/pull/7691">#7691</a></li>
|
|
<li>Fix a case where the body is <code class="verbatim">nil</code> <a
|
|
href="https://github.com/advthreat/iroh/pull/7685">#7685</a></li>
|
|
<li>Add xdr-instance-id field to the orgs <a
|
|
href="https://github.com/advthreat/iroh/pull/7707">#7707</a></li>
|
|
<li>PIAM: Provisioning onboard endpoint <a
|
|
href="https://github.com/advthreat/iroh/pull/7659">#7659</a></li>
|
|
<li>Add ff scope script <a
|
|
href="https://github.com/advthreat/iroh/pull/7680">#7680</a></li>
|
|
<li>added a script to add feature-flag scopes from command line <a
|
|
href="https://github.com/advthreat/iroh/pull/7676">#7676</a></li>
|
|
<li>prefer to use client from DB than client from config <a
|
|
href="https://github.com/advthreat/iroh/pull/7672">#7672</a></li>
|
|
<li>Align scopes to SXO behaviour <a
|
|
href="https://github.com/advthreat/iroh/pull/7673">#7673</a></li>
|
|
<li>fix lein start <a
|
|
href="https://github.com/advthreat/iroh/pull/7663">#7663</a></li>
|
|
<li>PIAM provisioning no idp-mapping for create user <a
|
|
href="https://github.com/advthreat/iroh/pull/7655">#7655</a></li>
|
|
<li>Default bootstrap & config <a
|
|
href="https://github.com/advthreat/iroh/pull/6868">#6868</a></li>
|
|
<li>Add Entitlements to Orgs <a
|
|
href="https://github.com/advthreat/iroh/pull/7631">#7631</a></li>
|
|
<li>Remove yaml to supported format for profile API <a
|
|
href="https://github.com/advthreat/iroh/pull/7632">#7632</a></li>
|
|
<li>Fix a flaky test in either_test.clj <a
|
|
href="https://github.com/advthreat/iroh/pull/7610">#7610</a></li>
|
|
<li>Role Matrix representation in the code. <a
|
|
href="https://github.com/advthreat/iroh/pull/7583">#7583</a></li>
|
|
<li>fix some wording only for admin users view <a
|
|
href="https://github.com/advthreat/iroh/pull/7579">#7579</a></li>
|
|
<li>Improve User login logs situation <a
|
|
href="https://github.com/advthreat/iroh/pull/7555">#7555</a></li>
|
|
<li>Added a composable redis.nix <a
|
|
href="https://github.com/advthreat/iroh/pull/7535">#7535</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months ago</u></p>
|
|
<ul>
|
|
<li>Fix template rendering during invite confirmation <a
|
|
href="https://github.com/advthreat/iroh/pull/7480">#7480</a></li>
|
|
<li>Display virtual users in the batch get users <a
|
|
href="https://github.com/advthreat/iroh/pull/7473">#7473</a></li>
|
|
<li>Add the UI session logout into IROH-Auth <a
|
|
href="https://github.com/advthreat/iroh/pull/7431">#7431</a></li>
|
|
</ul>
|
|
<h2 id="tenzin-2-2-0">tenzin [2 (2 / 0)]</h2>
|
|
<ul>
|
|
<li>use iroh.main for all nodes types <a
|
|
href="https://github.com/advthreat/tenzin/pull/2862">#2862</a></li>
|
|
<li>Update iroh.job.jinja <a
|
|
href="https://github.com/advthreat/tenzin/pull/2861">#2861</a></li>
|
|
</ul>
|
|
<h2 id="tenzin-config-6-6-0">tenzin-config [6 (6 / 0)]</h2>
|
|
<ul>
|
|
<li>fix missing iroh-async web-services <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/884">#884</a></li>
|
|
<li>align iroh and iroh-async confs <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/883">#883</a></li>
|
|
<li>Add CSC onboarding URLs <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/875">#875</a></li>
|
|
<li>fix provisioning service <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/863">#863</a></li>
|
|
<li>PIAM config change (+ boostrap cleanup) <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/677">#677</a></li>
|
|
<li>add perf.orbital.threatgrid.com to allowed login origin <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/854">#854</a></li>
|
|
</ul>
|
|
<h2 id="xdr-provisioning-5-5-0">xdr-provisioning [5 (5 / 0)]</h2>
|
|
<ul>
|
|
<li>Improve help regarding setting env vars</li>
|
|
<li>Improve the command line parsing</li>
|
|
<li>rename script to .sh</li>
|
|
<li>Add onboarding of DI and CSC</li>
|
|
<li>Initial provisioning Script</li>
|
|
</ul>
|
|
</body>
|
|
</html>
|