IT/Software career thread: Invert binary trees for dollars.

  • Guest, it's time once again for the hotly contested and exciting FoH Asshat Tournament!



    Go here and fill out your bracket!
    Who's been the biggest Asshat in the last year? Once again, only you can decide!

Mist

Eeyore Enthusiast
<Gold Donor>
30,274
22,008
we recently made some API access tokens for MS Azure. I’m probably messing up the specific language but they all expire in a year and MS wouldn’t let us make them permanent. Is there a better way to handle this beyond a calendar reminder? Issue is we have two systems talking to one another so I’m not enthusiastic about having to swap a live key at some point. And the keys are specific to environment #sadpanda.

‘for now the plan is to make a new key and then test it, have the two overlap during the switch. But I feel like there must be a better way to manage this
A few ways to do this, but they're both kinda cumbersome and bad. The fact that MS doesn't just send out a 30 day notification to the Azure admins is ridiculous, this has come up for a few customers of mine as well.

Using Powershell: Azure AD app registration secrets: a quick script to check who expires soon
Using Power Automate: Get notified on expiring Azure App Registration client secrets | Peter Klapwijk - In The Cloud 24-7

In the case of last night, it turned out to be a Cisco SDWAN certificate (people might know the product better as Viptela but Cisco actually retired that branding) that expired without warning on a whole bunch of devices. So it wasn't actually anything in our cloud that expired, but the client's network was shattered to pieces without SDWAN and none of the offices could reach the ECX connection to our cloud.
 

TJT

Mr. Poopybutthole
<Gold Donor>
40,697
102,073
we recently made some API access tokens for MS Azure. I’m probably messing up the specific language but they all expire in a year and MS wouldn’t let us make them permanent. Is there a better way to handle this beyond a calendar reminder? Issue is we have two systems talking to one another so I’m not enthusiastic about having to swap a live key at some point. And the keys are specific to environment #sadpanda.

‘for now the plan is to make a new key and then test it, have the two overlap during the switch. But I feel like there must be a better way to manage this
If you are using shit in Azure just put it in an Azure Key Vault. Then use that reference in your code and update it in the Key Vault. Which will keep your tokens up to date.

Pretty painless.
 

Mist

Eeyore Enthusiast
<Gold Donor>
30,274
22,008
If you are using shit in Azure just put it in an Azure Key Vault. Then use that reference in your code and update it in the Key Vault. Which will keep your tokens up to date.

Pretty painless.
Maybe it's not his code. Maybe he's integrating some shitty third party SaaS or cloud product with O365.
 

Rangoth

Blackwing Lair Raider
1,528
1,641
Maybe it's not his code. Maybe he's integrating some shitty third party SaaS or cloud product with O365.
We have both examples. The code is less painless as we don’t use the azure key vault but another encoded settings system with easier deployment and testing environments. But we also integrate with 3rd party crap and have the same problem….which is one of the reasons we made our own non-azure vault settings systems. It allows to do some interesting cheats on this front.

but the fact remains that someone has to remember to actually go in and click “new key” or any system falls to shit. I somewhat understand it for security reasons, but also not really since I would only want the key to expire or be invalid if compromised. I mean fuck, even a bitcoin wallet is eventually tied to a “Password”(key phrases) or piece of hardware. The failure point is always the human element.
 

Nirgon

YOU HAVE NO POWER HERE
12,581
19,318
I got this writing React app unit tests stuff for Okta auth etc shoved at me constantly with research work to be done, pretty obvious this ones going to land on my desk and ruin my life for a few days getting it figured out. Having it run without the defined constants starts getting into abstract blabbering on by the officials without a cook book or example to go on.

Writing these tests is harder than the actual work to get the app developed many times over lol.
 
  • 1Truth!
Reactions: 1 user

TJT

Mr. Poopybutthole
<Gold Donor>
40,697
102,073
I got this writing React app unit tests stuff for Okta auth etc shoved at me constantly with research work to be done, pretty obvious this ones going to land on my desk and ruin my life for a few days getting it figured out. Having it run without the defined constants starts getting into abstract blabbering on by the officials without a cook book or example to go on.

Writing these tests is harder than the actual work to get the app developed many times over lol.
For real dude.

Code some function in like an hour. Spend the next 3 hours figuring out how to write the stupid ass test for it.
 
  • 1Truth!
Reactions: 1 user

Kharzette

Watcher of Overs
4,856
3,471
I've never gotten into test-driven. A friend tried to sell me on it years ago but so much of the time my inputs and outputs are impossible to even check. Stuff ends up in pixels on a screen.

I recently did something that I think would benefit from it; A 6502 emulator I'm going to use as my survival game's computing. Tests for that would make sense, but I still haven't decided if I want to spend the extra time.
 
  • 1Like
Reactions: 1 user

TJT

Mr. Poopybutthole
<Gold Donor>
40,697
102,073
Some platforms, like Salesforce, require a certain percentage of automated test coverage before you can ever deploy it. So you have to. SFDC is an odd one as its Java syntactically but everything else about it is different and you have to navigate the byzantine labyrinth of weirdness that is the Salesforce platform.
 
  • 1Like
Reactions: 1 user

Nirgon

YOU HAVE NO POWER HERE
12,581
19,318
I figured one out for some spring boot @Retry annotation stuff earlier, that they wouldn't dare give to the "great" goblin I work with. It didn't even give the normal success message of a passing test on our version of spring (blank when run individually and did succeed, passed through build gates for successful tests and coverage). However you could change the # of retries from 2 to 3 and prove that the function was indeed retrying 3 times in the test because it would fail saying expected 3 calls and got 2.

I am not kidding when I say this got intentionally dumped on me thinking I'd never figure it out.

I'm not sure changing jobs is a way to avoid this stuff. It's more like change careers, but I'm obviously a cut above the average if I manage these insane hot potato assignments that regularly get thrown at me and no one else. Tech and HR is absolutely infested by evil, lucky me what a combo lol.
 

Phazael

Confirmed Beta Shitlord, Fat Bastard
<Aristocrat╭ರ_•́>
14,021
29,916
Days since an expired certificate brought down 1 or more customers in our cloud requiring me to get paged out on a holiday: 0.
Don't feel to bad. Our Systems team forgot to renew the one SSL cert that is used by both our VPN system and our radius servers, so core wireless and VPN connectivity was down for the entire company for half the day (and I am the sole senior resource who interfaces with our service desk and the other teams) blowing shit up all over. Best part is they got a reminder email (I get copied on those) and still managed to miss it after this exact shit happened last year.

Upside is every time I am right about one of these disasters, I become even more bulletproof around here. Especially important because our CEO is apparently going to relocate himself to our local branch and my boss is jerking himself off trying to get RTO pushed through to more effectively kiss his ass. I have already told him hard now and that I am already looking at other gigs just for him suggesting it. Dude is fucking backpeddling at warp speed, because in a year they have not been able to find or promote anyone who does what I do for the meagre amount I do it for. And he KNOWS I have been looking to sign on as an App manager with our systems team, purely to get out of service work and avoid ever dealing with RTO threats again. I just can't decide if taking a few extra bucks and WAH being written into my contract is worth going from basically a nigh unfirable senior resource to lowest ranking guy in systems (which makes dumb errors like the one above). I have a month before it gets posted internally, so time to contemplate things over the holidays.
 
  • 1Like
Reactions: 1 user

Nirgon

YOU HAVE NO POWER HERE
12,581
19,318
Why would they do this to you though?

I'm all ears but im not an ultra leftist is the common theme.

The ones I deal with are pronouns in bio guys or overweight, overpaid, angry females that end up being a problem.

The india pals are always cool and same with the regular joe types - even the higher/highest up ones.

If you have some theories, please let me know but I dont come in to work with a MAGA hat or say goddamn anything that isnt about work or the weather.
 

Kharzette

Watcher of Overs
4,856
3,471
Six hour battle with "meson", a turd of a build system. Overcomplicated, vague error messages, terrible docs, shits all over itself if you give it a relative path.

Do we really need more build systems?
 

agripa

Molten Core Raider
585
495
Anyone else expecting to see layoffs? Our PE company asked us to cut our burn rate by 30% for the up coming year.
 

BrotherWu

MAGA
<Silver Donator>
2,994
5,762
What are you guys using for job searches these days? I can't decide if my current employer or LinkedIn is more annoying.
 
  • 1Worf
  • 1Solidarity
Reactions: 1 users

Phazael

Confirmed Beta Shitlord, Fat Bastard
<Aristocrat╭ರ_•́>
14,021
29,916
Anyone else expecting to see layoffs? Our PE company asked us to cut our burn rate by 30% for the up coming year.
Not really. IT people, real IT people who do day to day keep the lights on work, are always the last to get cut when that axe starts falling. They might clip some deadweight contractors, but companies can hardly fill the roles they want now with the current labor pool. Now I work for an advertising company and bullshit is pretty much a recession proof industry, but still I have been the sole member of the T3 helpdesk (and on projects, some app management, junior sysad tasks, a million other dumb things, ect) for over a year now with them unable to add someone else to my team of one. I work for less than I could with the understanding that I will not be asked to work in the office, ever. Every time my boss hints at it I put my resume out there with the same people he used to recruit me so he knows to knock that shit off. He has caved every single time.

If I were in development in certain industries, I might be more concerned. But Systems Engineers and Service Desk types with a proven track record are bullet proof right now. I think the multigigging gravy train might be coming to an end, but for competent people in the maintenance end of things, we are in a historic golden age the likes of which I have not seen since 1995. That is unless you are a greedy fuck who negotiated a majorly bloated pay rate because of the labor shortage, in which case you might get booted for someone more affordable. But those people will just take a pay cut and go someplace a little more desperate when the time comes.

TLDR version, if your company is not completely shuttering and you are not an oxygen thief where you work, you are probably good for the next couple years.
 

Phazael

Confirmed Beta Shitlord, Fat Bastard
<Aristocrat╭ರ_•́>
14,021
29,916
What are you guys using for job searches these days? I can't decide if my current employer or LinkedIn is more annoying.
Combination of LinkedIn and Indeed has been the best resource for me of late, but honestly if your resume is solid get it to a contract house you like and let them run with it if you can. K-Force has been pretty good for me in recent years on that front.
 

BrotherWu

MAGA
<Silver Donator>
2,994
5,762
Combination of LinkedIn and Indeed has been the best resource for me of late, but honestly if your resume is solid get it to a contract house you like and let them run with it if you can. K-Force has been pretty good for me in recent years on that front.

I find most of the contract houses that contact me are either offering rates that, annualized, are less than my current salary, and/or are Indians spamming positions that are probably unrelated to my background. Hard pass.
 
  • 2Like
Reactions: 1 users

Phazael

Confirmed Beta Shitlord, Fat Bastard
<Aristocrat╭ರ_•́>
14,021
29,916
Need to set expectations with them. I got what I demanded, just took a little more patience.