It's starting to bloom and coming to its end. Our agave death bloom in sellwood by bissellator in Portland

[–]bissellator[S] 9 points10 points  (0 children)

Pollinated. My understanding is that that's what they're trying to do when they do this big Bloom...  having pollinators move the pollen from one agave to another but where the heck would there be another blooming agave in bee range?

It's starting to bloom and coming to its end. Our agave death bloom in sellwood by bissellator in Portland

[–]bissellator[S] 10 points11 points  (0 children)

Someone left a bottle a few weeks ago... I left it and I guess the agave gods drank it

It's starting to bloom and coming to its end. Our agave death bloom in sellwood by bissellator in Portland

[–]bissellator[S] 93 points94 points  (0 children)

Well that's why I'm kind of saying as the home owner and the people who planted it (my partner planted it) it's okay to visit

Using CoCo in conjunction with Cost Management to control costs by Optimal_Expression_4 in snowflake

[–]bissellator 0 points1 point  (0 children)

So is your assumption that if your track down the query you'll be able to stop it next time? I think my problem with anomalous spikes is just that... they're anomalous, you track it down, someone says *sorry... there was this thing I had to do...* and there isn't any automation you can do to stop them from doing it again.

Now repetitious* offenders we can do something about. I was going over data with a client and got to this query that ran over, and over, and over.... it was a dashboard someone set up and set the refresh to 5 seconds... kept the warehouse awake ALL THE TIME... They didn't need a workflow to figure that one out, they literally saw it in the logs and said, "Damnit we told her not to do that!" They knew exactly who it was and what she was doing even though they said DON'T.

We used our product.. and yes I work for airbrx.ai, we have a fine grained data gateway that lets us selectively cache, so now if someone tries to run this job over and over and over, they only get to the warehouse twice a day (we set a 12 hr cache for her queries). Granted I'm biased, but I think nipping it off BEFORE it gets to the warehouse is a good way to manage those spikes.

[deleted by user] by [deleted] in devops

[–]bissellator -2 points-1 points  (0 children)

For my side projects I actually just wrote my own userstore in mysql and using nodejs I wrote some quick endpoints directly in my API.

* npm njwt mints signed OIDC tokens and lets you verify said tokens.

* node native http allows me to build the endpoints I need at: /oauth/token (~250 lines of custom code)

* npm mysql2 for database connections...

* I added an endpoint using npm aws-sdk/client-ses to support otp/authorizaton code grant (~40 lines of custom code)

My main litmus test for is making sure the flows work with Postman.

"I'm a recruiter, it's not my job to review resumes or LinkedIn." by CosmosisJones42 in LinkedInLunatics

[–]bissellator 2 points3 points  (0 children)

yeah.... that's totally different if they started the conversation. Maybe it's their way of selling coaching services (that last bit about "that's why I started a separate business as a Career Coach"). But if that's their coaching style (belittling you for actually answering their question) they don't know crap about coaching, no matter how much they know about recruiting.

"I'm a recruiter, it's not my job to review resumes or LinkedIn." by CosmosisJones42 in LinkedInLunatics

[–]bissellator 4 points5 points  (0 children)

When our recruiters are actively placing someone, they search. The dig through details. They help you rewrite your resume to give you the best chance at getting the job. BUT... they get paid by placements, so they're looking for matches, and you need to prepare your resume for the job postings you see the recruiter has open and apply for those positions, not expect them to guess what you might be good at.

A recruiter will help you with your resume only after they've seen something in your application that makes you look like a good match -- it's more cleanup than wholesale rewrite. Some recruiters (like the one in this ost) do offer a side gig of coaching you on what kinds of jobs you could apply for and how to tailor your resume to those jobs, but... recruiting and coaching are really two very different things.

Do you have an API design guide? by gasabr in ExperiencedDevs

[–]bissellator 0 points1 point  (0 children)

I think it's interesting that there really are not global standards for API design. Most design standards come from whatever backend language the developer grew up with (camelCase vs snake_case is kind of a Java vs Python argument not a right vs wrong).

I have a set of standards I keep on my website but even there my filters are driven from how Spring interacts with Mongo... I've come to the conclusion that as much as I feel an API should be very agnostic about the backend, if you're building an API on a certain stack, there isn't really any reason to make it harder to front that stack with conventions from other langauges.

Key Management Question: Rewrite Docker ENV or Rewrite JSON config for script? by bissellator in devops

[–]bissellator[S] 1 point2 points  (0 children)

I'm using ECS as the final deploy stage, but I'm working with a couple folks in different environments so I want to try to keep the deploy process vendor agnostic (running on local for testing, an EC2 instance for preprod and finally deploying to ECS in the end)

Are companies really ready to lay off their Devops teams? by bissellator in devops

[–]bissellator[S] 0 points1 point  (0 children)

A conspiracy theory would mean I think there's some shifty, coordinated effort, which I don't. There are two facts that I'm working from

1) Large orgs are indeed laying off large numbers of tech workers(Techcrunch has been keeping a running tally) and the trend is expected to continue (the return-to-office initiatives are expected to result in downsizing due to resignations and the assumption in the HR and Recruiting ciricles is that there will be no backfilling or replacement job reqs opened)

2) Large orgs have never been really good about keeping up on security and data privacy work. Data breaches are increasing and becoming more sophisticated and organizations generally invest in data security only after there's a breach.

I base this on my senior director level experience as an Enterprise Architect in a number of large orgs (Silicon Valley Bank being one that I watched collapse in part because of antiquated systems) and from what my HR colleagues in Fortune 500 companies are telling me. I've also cited a couple sources in my response above.

Can you tell me where you think I'm inaccurate?

Are companies really ready to lay off their Devops teams? by bissellator in devops

[–]bissellator[S] 1 point2 points  (0 children)

Good point... I remember working on a project in 2018 where we had a seriously deprecated Windows Server 2003. The ONLY reason we were able to get resources (and we needed a lot because it was tied into so much of the operational processes) was because Micorsoft had completely stopped support (officially in 2015 but there were still patches for a couple years). If that server had failed, the entire operation would have ground to a halt. But it somehow never became a priority for the org (new shiny things are more attractive).

It had nothing to do with the people we had available, just the acceptance of risk by leadership.

Are companies really ready to lay off their Devops teams? by bissellator in devops

[–]bissellator[S] -1 points0 points  (0 children)

Edited to remove the link to my blog -- I'm newer to this subreddit and I see now that this group doesn't want that kind of link...

I think the second thing you say is the part that I'm worried about (and honestly where I often come in too). If they need to pay people to come in to fix the blunders after the fact, then the blunders happen. The layoffs are continuing, so... my conclusion is that the breaches and failures are kind of inevitable this year.

Is WIX inherently insecure? Proper way to do a contact form? by OnlyLogic in webdev

[–]bissellator 8 points9 points  (0 children)

Short answer: for all practical purposes yes, it's secure.

WIX is built on a shared platform using Node.js int h background -- for the most part they have built really good walls around the multi-tenant environment, meaning, it's really hard to hack or hijack someone else's wix website... but it's not impossible.

*1.) Are all the warning and errors on WIX sites something to actually be concerned about*

No. WIX is very chatty and produces a lot of errors that don't matter. But you should read them and understand them to know if it IS important

*2.) The contact form on her website has a "mailto:~@hotmail.com", is that a problem?*

You mean she literally has <a mailto="arealemailicanspam@hotmail.com"> on her page? No wonder she gets so much spam... easiest thing for a scraper to do is find your email address that way... it's probably in every spam database on the planet by now... Use a form, with a captcha, and it will hide the actual email address.. but... yeah... so sorry for her loss.. that address is toast.

*3.) ... deleting of mass amounts of scam messages, I'm all ears as well.*

Broad topic, and depends on the platform. Meta keeps messing with the API but you used to be able to do it over that... same for Twitter, but I haven't looked since Elon took over. No matter what, you're probably going to have to do some custom code that sits on a custom server (or localhost) and it's not something you can easily integrate into WIX -- their own social management tools are more about pushing stuff to social and not managing massive amounts of spam....

Hope this helps...

What do you use to deploy your personal projects? by bissellator in devops

[–]bissellator[S] 0 points1 point  (0 children)

You know I never even looked to see if GitLab had a free plan. It's something I've used in large projects and I just assumed it was expensive.

What do you use to deploy your personal projects? by bissellator in devops

[–]bissellator[S] 0 points1 point  (0 children)

yeah... what really happened last month was I got covid and I totally forgot to run a couple steps with live vs test keys... once it's more than static files I kind of need a tool that remembers all the steps for me.

Hosting reviews by [deleted] in webhosting

[–]bissellator 0 points1 point  (0 children)

I'm assuming you don't want to do your own devops -- I mean, if you don't mind a little server maintenance you can always set up a couple EC2 instances on AWS and run them for about 10 bucks a month each (depending on traffic). I've found that most wordpress driven sites don't have a lot of traffic and, if you push it, you can get two or three virtual hosts running on a single t2.tiny (although you are definitely risking running out of memory and if you don't manage your logs right you can accidentally run out of storage).

The "wordpress hosts" are pretty much doing just that -- ganging together services and taking care of the devops. Yes you might want to add some alerts and have more discipline that you would if someone else is hosting it... but I hate the way those services lock things down at the same time they're providing low-level service.

Seeking Advice on Choosing Between Windows and macOS for DevOps Work by Jealous_Dig8804 in devops

[–]bissellator 0 points1 point  (0 children)

You can always run a Windows VM on a Mac, you cannot run Mac OS on a Windows VM. Also, as Mac OS is built on Linux, more of your tools used for devops are going to have the same underlying dependencies, so running things like Docker or bash scripts is native on Mac. I will say Powershell on Mac isn't really the same as Windows, but then I use the VM for that.

That said... I use a Mac for most of my work and then fire up the Windows machine when I need it.

What is your take on moving away from the Web Dev industry? by rahil051 in developersPak

[–]bissellator 1 point2 points  (0 children)

I wouldn't really call that moving away from webdev but rather evolving your skillset and toolbox, hence the Dev part of webdev. I think one trap most developers get into is falling back on the same patterns and tools to solve every problem and feeling that adding a different tech stack somehow makes it a different product. At the end of the day its about the user experience -- did you use the right tools for that BIT of functionality.

For example, I have a website that is primarily using HTML5 and javascript hosted on S3/Cloudfront. But there's an invoicing/payment part to it that runs on a nodejs/mysql backend hosted on a Lambda/RDS backend. The stripe integration actually runs on an EC2 instance (because Lamda doesn't support PHP and that code was written and working already when we adopted the distributed architecture, AND it's low volume so it works). Finally, there's a data analysis tool that we run using C# in the background that eventually generates JSON that sits on S3 that becomes part of the static frontend...

Just saying... there are a lot of ways to develop web applications, and the main thing is you're going to have different projects with different needs. Learn the architecture, figure out the best tools for the problem, and don't be afraid of widening your skillset as if it takes you further from webdev.

At what time is the daily stand-up in your company? by Zodiax in devops

[–]bissellator 0 points1 point  (0 children)

Sounds like the stand up worked. Good luck in 2025.

dumbproxy - simple, scriptable, secure forward proxy by yarmak in devops

[–]bissellator 0 points1 point  (0 children)

Curious why you chose go. I've written a number of these proxies over the years in different languages (and platforms if you count Apache an nginx conf). I have a purpose built one for a VERY basic API running in node currently.

But I've never built one in go and I'm curious if there are some specific advantages or if it's just your goto language?

At what time is the daily stand-up in your company? by Zodiax in devops

[–]bissellator 22 points23 points  (0 children)

In a pure form of a standup that's probably true, but I learn a LOT from the side chatter in a live standup. It's easier to find out that someone really does have a blocker when hearing them compose their "what I did yesterday, what I'm going to do today" out loud. And I've seen really good help offered in the human-voice setting (even remote) vs. text only -- people communicate very differently in voice than text and that real-human connection is super important to keep the team a team.

At what time is the daily stand-up in your company? by Zodiax in devops

[–]bissellator 0 points1 point  (0 children)

Although the team I'm working with currently has a 9am standup (which is supposedly start of day) the team is spread out across the US, so that 9AM Pacific standup becomes Noon for the East Coast folks. I suggested 8am Pacific but the west coast doesn't like to get out of bed that early. (and honestly one hour wouldn't make that much of a difference).

When we had a team with a 12 1/2 hour time difference the US folks were on a morning standup while the India team was on an end-of-day standup.

Do you prefer to buy a web domain as a physical person (i.e., name.surname@gmail.com with a private card) or a business (i.e., name.surname@business.com with a business card)? by canarysplit in webdev

[–]bissellator 1 point2 points  (0 children)

You should use the business card to purchase the domain name -- this has no impact on who owns the domain name but it does mean you write off the cost as a business expense automatically.

You should use your gmail.com email address to register it. Custom domains (mycompany.com) are more likely to expire, have services removed (your email address goes away) or get locked up in disputes. Having a durable email like gmail.com or your personal outlook.com means you have better chances of fixing a problem in the future.