3·
2 days agoYeah. Since he was a subcontractor, he wanted all his scripts to be the same, no matter who the customer was.
I was like jesus christ, I’m lazy too and want to automate everything, but edit your stupid scripts to use env vars.
- 0 Posts
- 20 Comments
Joined 18 days ago
Cake day: March 14th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
We resolved it by making him use pipeline vars for his scripts. Like we told him to do in the beginning.
He fought it because he wanted his scripts the same for all projects. Including hard coded usernames and passwords. So, it was mostly his fault.
The production database gets down-synced to the lower environments on demand, so they can test on actual production datasets. That would require us to manually remake this user account every time a dev down-syncs the database to a lower environment.
The customer is paranoid, as the project is their public facing website, so they want testing against the actual prod environment.
We don’t mange the SSO, as that is controlled by the customer. The only local (application specific) account is this account for testing.
He had to do admin functionality regression tests before prod releases to make sure nothing broke.
The system uses SSO for logins for everything else.
He is a subcontractor who was using scripts for all his projects. I told him he really needs to use env vars for creds.
He was a subcontractor, so technically, he’s not our employee.
I bubbled it up the chain on our side, and it hasn’t happened since.
It was an admin account to do regression testing for the admin interface and functions before prod releases.
I had my guys enable/disable the account during the testing pipeline so people can’t login anymore.
deleted by creator
I had a test engineer demand an admin password be admin/admin in production. I said absolutely not and had one of my team members change it to a 64-character password generated in a password manager. Dumbass immediately logs in and changes it to admin again. We found out when part of the pipeline broke.
So, we generated another new one, and he immediately changed it back to admin again. We were waiting for it the second time and immediately called him out on the next stand-up. He said he needs it to be admin so he doesn’t have to change his scripts. picard_facepalm.jpg
I have my instance running in my k3s cluster. I have its node affinity to only run on my minisforum i9. That way, I can use cert manager to manage the certs.
37·5 days agoShe would need to stop for it to be “again”.
15·6 days agoIIRC, his dad was a popular Dem gov.
Arnold Palmer might work too.
Did the guy just eat fruit to cure his heart?
By skinning Dalmatians.
7112 claps back with a comment you won’t believe.
Not necessarily. Their are directors at my work that don’t have any clearances.
I will leave this here for anyone who needs to use Windows but wants a little more privacy.
3·16 days agoservices: gluetun: image: qmcgaw/gluetun container_name: gluetun cap_add: - NET_ADMIN environment: - DNS_ADDRESS= - PUID=1000 - PGID=1000 - SERVER_CITIES= - FIREWALL_VPN_INPUT_PORTS= - TZ=Etc/UTC # Provider readmes: https://github.com/qdm12/gluetun-wiki/tree/main/setup/providers - VPN_SERVICE_PROVIDER= #- VPN_TYPE=openvpn #- OPENVPN_CUSTOM_CONFIG=/config/custom.conf #- VPN_TYPE=wireguard #- WIREGUARD_PRIVATE_KEY= #- WIREGUARD_ADDRESSES= ports: - 6767:6767 # bazaar - 7878:7878 # radaar - 8118:8118 # privoxy - 8191:8191 # flaresolverr - 8787:8787 # readaar - 8989:8989 # sonaar - 9091:9091 # transmission - 9696:9696 # prowlarr # You can add an forwarded listening ports your VPN provider might have here as well. volumes: - /data/gluetun:/config bazarr: image: lscr.io/linuxserver/bazarr:latest container_name: bazarr environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC volumes: - /data/bazarr:/config - /share/downloads/movies:/share/downloads/movies - /share/downloads/tv:/share/downloads/tv restart: unless-stopped network_mode: service:gluetun flaresolverr: # DockerHub mirror flaresolverr/flaresolverr:latest image: ghcr.io/flaresolverr/flaresolverr:latest container_name: flaresolverr environment: - LOG_LEVEL=info - LOG_HTML=false - CAPTCHA_SOLVER=none - TZ=Etc/UTC restart: unless-stopped network_mode: service:gluetun privoxy: image: caligari/privoxy:latest container_name: privoxy restart: unless-stopped network_mode: service:gluetun prowlarr: image: lscr.io/linuxserver/prowlarr:latest container_name: prowlarr environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC volumes: - /data/prowlarr:/config restart: unless-stopped network_mode: service:gluetun radarr: image: lscr.io/linuxserver/radarr:latest container_name: radarr environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC volumes: - /data/radarr:/config - /share/downloads/movies:/share/downloads/movies restart: unless-stopped network_mode: service:gluetun readarr: image: lscr.io/linuxserver/readarr:develop container_name: readarr environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC volumes: - /data/readarr:/config - /share/downloads/books:/share/downloads/books restart: unless-stopped network_mode: service:gluetun sonarr: image: lscr.io/linuxserver/sonarr:latest container_name: sonarr environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC volumes: - /data/sonarr:/config - /share/downloads/tv:/share/downloads/tv restart: unless-stopped network_mode: service:gluetun transmission: image: lscr.io/linuxserver/transmission:latest container_name: transmission environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC - TRANSMISSION_WEB_HOME= #optional - USER= #optional - PASS= #optional - WHITELIST= #optional - PEERPORT= #optional - HOST_WHITELIST= #optional volumes: - /data/transmission:/config - /share/downloads/movies:/share/downloads/movies - /share/downloads/books:/share/downloads/books - /share/downloads/tv:/share/downloads/tv restart: unless-stopped network_mode: service:gluetun watchtower: container_name: watchtower image: containrrr/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock network_mode: service:gluetun
The training program is da bomb!