pierreprinetti.com

How to hire a software engineer: a panellist's guide to the technical interview

Tue, 05 Mar 2024 11:07:19 +0100

Many candidates struggle to express their full potential during a technical interview. As the interviewer, your job is to let them shine. You will certainly look out for red flags, and your attention will naturally be drawn to their technical weak spots. But you’ll have to be intentional if you don’t want to overlook talent.

Your job in a technical interview: prove that this very candidate is the best fit for the role. Of course they might not be, but the idea behind this approach is that if they are, you minimise the risk of not finding out. And if they are not, you will have given them a fair chance.

Hack: Rotate OpenShift clouds.yaml application credentials

Thu, 16 Mar 2023 00:00:00 +0000

Cloud credentials in OpenShift-on-OpenStack are stored in a secret in the kube-system namespace.

Rotating credentials entails:

Create the new credentials in OpenStack
Build a clouds.yaml with the new credentials
Upload the new clouds.yaml to the Kubernetes secret
Let the operators distribute the new secret.

When using application credentials, this translates to:

# Step 0: Get the current credentials for the cluster. Useful later to replace values

# Step 1: Create the new credentials in OpenStack
openstack application credentials create new-creds-1

# Step 2: Build a `clouds.yaml` with the new credentials.
# Get the current credentials from OCP, and replace with the new values from Step 2.
# Save as `c.yaml` for example.
oc -n kube-system get secret openstack-credentials -o jsonpath='{.data.clouds\.yaml}' | base64 -d

# Step 3: Upload the new `clouds.yaml` to the `openstack-credentials` secret
oc set data -n kube-system secret/openstack-credentials clouds.yaml="$(<"c.yaml")"

# Step 4: Enjoy.

Automate `clouds.yaml` generation

First, build a script that creates new application credentials and directly outputs a clouds.yaml based on a template. We asssume that the cloud in question is openstack, which is what you’ll find in the OpenShift secret.

Bash notes

Wed, 03 Aug 2022 00:00:00 +0000

My personal Bash styleguide.

Headers

The shebang tells our operating system what interpreter to use to execute the script.

#!/usr/bin/env bash

These options make the execution of our script more predictable:

set -o errtrace
set -o errexit
set -o nounset
set -o pipefail

# or more concisely:
set -Eeuo pipefail

When a command in a script fails, the failure is ignored by default. With -E and -e, errors stop the execution of the script.

Run in docker-compose, wait for the database

Tue, 25 Jun 2019 00:00:00 +0000

Do you use docker-compose to run your local development environment? Do you write your commands into a Makefile to protect your brain and your fingers from complex startup scripts?

If so, then you know how painful it is to tell your service to wait for the database before starting.

In a sane production environment, a service should always boot and patiently wait for the dependencies to become available, and signal their state through something like a readiness probe.

A short introduction to AWS IAM, including Roles

Sat, 22 Jun 2019 00:00:00 +0000

IAM stands for Identity and Access Management. It is the service that lets you manage authentication and authorization within your AWS account.

Authentication and Authorisation in AWS are based on six building blocks¹: Account, User, Group, Policy, Action and Role.

Everything I write here, and much more, can be found in the AWS documentation. This post is nothing more than a quick introduction to get you started with the basics.

My first Rust project

Sat, 01 Jun 2019 00:00:00 +0000

At work, I keep a todo list vaguely resembling a bullet-journal.

+--------------+
| * Task |
| x Completed |
| > Migrated |
| - Cancelled |
+--------------+


## 2019-05-27
x Version-pin deploy tooling
x Build auth package
* Replace Marco's deploy keys in the CI

## 2019-05-28
x Replace Marco's deploy keys in the CI
* Write new ticket: failed logins on STG
* Write new ticket: Create users for Kubectl
* Investigate bug #123

## 2019-05-29
x Write new ticket: Create users for Kubectl
> Write new ticket: failed logins on STG

Every working day, I open the file with my favourite editor, I add the date, and I report the unfinished items that I intend to work on.

Learning C++, day three: Integer overflow

Tue, 07 May 2019 00:00:00 +0000

I was happily playing with my shiny new prime-number-checker, trying out how loops work in C++.

When I started entering stupidly big numbers, something strange happened.

./main
Enter a number: 5784320578432578493207508493
Congratulations, it's prime!

Except, that is not actually a prime number. I can’t have typed a prime number by randomly banging on the keypad. What’s going on?

I didn’t code any input sanitization in my prime-number-checker, so let’s check what my program actually gets. I am now removing all the boring logic, and compiling this simple code:

Learning C++, day two

Sun, 05 May 2019 00:00:00 +0000

My first steps:

I have enrolled for a Pluralsight course
I have installed a C++ syntax extension on my beloved editor.

Discovery #1: Classes feel like language extensions

In Go, primitive types are special. Some properties only apply to them; for example, there is no way of defining a behaviour for make(myType). Every primitive type brings its own built-in constructor, and custom types inherit the constructor from the primitive type they’re based on. If you want a new instance of your type to be any different than “the zero value for the underlying type”, then you have to declare a very explicit New function and write a compelling comment advocating its use.

Learning C++, day one

Sat, 04 May 2019 00:00:00 +0000

A long time ago, I started programming with Python. Everything was great and I was happy.

Then I discovered Go. Everything was fast and portable and powerful.

This is my first day into learning C++.

Why? A SQL metaphor

I used to be contributor to an opensource Go database adaptor: something like an object-relational mapper. Back then, I was fascinated by the idea of abstracting away SQL from my applications.

Credential Management API for passwords

Thu, 10 Jan 2019 00:00:00 +0000

Browsers let us save passwords and to retrieve them. This way, we can use strings too long and complex to be remembered. Some browsers, with or without the support of external password managers, generate new passwords for us and manage them seamlessly.

However most of the time, everything regarding passwords is still based on the ability of the browser of guessing which input field contains a username, and which one contains a password.

The Go 1.11 web service Dockerfile

Mon, 05 Nov 2018 00:00:00 +0000

Build with Modules, Ship from Scratch

If you use dep, check out this post instead.

Goals:

The application executable is compiled inside a container, in order to boost reproducibility
The resulting image must be as small as possible
The application must run in a container as secure as possible: an unprivileged user in a minimal environment
The application must be able to make HTTPS calls

It is a multistage Dockerfile: the first throwaway stage is used for building, while the final image will only contain the compiled binary executable.

Test-Driven Development in Go

Mon, 09 Jul 2018 00:00:00 +0000

In this video, Robert Martin uses Kotlin and JUnit to illustrate his Three Laws of TDD. But what about Go? Follow me and challenge the master! We will walk in his footsteps with the only help of Brad Fitzpatrick’s checkFunc pattern.

The Three Laws

You are not allowed to write any production code unless it is to make a failing unit test pass.
You are not allowed to write any more of a unit test than is sufficient to fail; and compilation failures are failures.
You are not allowed to write any more production code than is sufficient to pass the one failing unit test.

Prime factors

Step 1: the API

We want a function to list the prime factors of a given number.

The Go Dockerfile

Wed, 14 Feb 2018 00:00:00 +0000

Build With Dep, Ship From Scratch

For Go 1.11 modules, check this post instead.

In a devops environment, pushing some code to the repository is not enough. You have to ship it. And the first step is often writing a Dockerfile.

The goals:

The code has to be compiled in a container, to boost the chances my build will be reproducible.
Use dep for fetching the dependencies in case the vendor folder is not committed alongside with the code. NOTE: if vendor/ is in the .gitignore, it should be in the .dockerignore too.
The final image should be as small as possible. Go applications compile to a single binary. We can have images as small as our compiled binary by leveraging the special FROM scratch base image in a multi-stage build.

Here is my base Dockerfile for Go services:

Event Sourcing in Go: the Event Handler

Sat, 03 Feb 2018 00:00:00 +0000

Recently, I have been working on an event-sourced application built around Command-Query Responsibility Segregation (CQRS). My job was to figure out how to implement a new command in Go.

In order to act on a given object, we have to build the current state of that object out of the events that created and modified it. Here I want to show how I have come up with the applier interface to represent the Event logic.

A pattern for Go tests

Sun, 28 Jan 2018 00:00:00 +0000

I used to spend an unreasonable amount of time thinking about how to begin writing a test.

I googled test patterns in Go.

Many people seem to rely on external dependencies for assertions. And in fact, I understand that generic (aha!) functions like isNil(v interface{}) bool can initially bring speed to the development. But in the long run, I think that embracing the true strongly-typed nature of Go, instead of just searching for a way around it, is more rewarding. Writing more idiomatic code will be beneficial both for the quality of the code, and for the insights you can get by looking the Beast in the eye.