The author has a background in computer science and a passion for new technology. When the degree was earned, the web was not too popular yet. That opened an opportunity to follow the entire process with huge fascination, and the journey didn’t end yet. Most of the development happens in Python and Django these days, but all other facets are interesting, too.
Here is what happened: (spoiler: No)
“AI will never be ethical,” the AI said during the debate. “It is a tool, and like any tool, it is used for good and bad. There is no such thing as a good AI, only good and bad humans.”
Source: Researchers Asked an Advanced AI Whether AI Could Ever Be Ethical, and It Said No
It’s this time of the year that brings us all predictions for the next year. Over on another channel I had some already, but let me collect more here.
First here is an article from Werner Vogels, CTO of Amazon Web Services (AWS):
2022 will be an exciting year for technology, with it pushing all of us, and our planet, forward in the process
Werner Vogels on allthingsconnected.com
To summarize @werner‘s predictions briefly, here are the 5 ideas for next year and beyond:
Github probably made the most noise when it introduced CoPilot, however, the market has been open before that. Products like Amazon DevOps Guru or CodeGuru and GPT-3 apparently supports this approach, too. While research criticizes the high error rate of the approach, the technology will improve. After all, it will accelerate development.
Not only AWS has an offering to execute code on the distributed edge of the cloud in for of in form of Lambda@Edge. Also traditional edge players turn towards cloud capabilities. Akamai announced Edge Workers earlier this year. CloudFlare has Workers sind 2017. While the concept has been around and technically viable for much longer, all this increased activity indicate a commercial viability. That will attract more vendors.
When the Internet of Things became popular in the middle of the ten years, Product Managers have been looking at this space already. The reason is simple: emotion is driving a huge willingness to buy. However, in most countries, this is a highly regulated market. Companies will push for their share, but the entry is difficult.
Which is way overtime. Most will say the architecture is simple, less of the same. However, computing and storage used to be a scarce and expensive resource. Those in the age to remember a C64, an Amiga or even early PCs can relate. Software architecture had to cater for those limitations. Only with the advent of the cloud resources became virtually endless and affordable. Architecture out of a sudden didn’t have to consider technical limitations, which shows in modern stacks. In the future, architecture will follow sustainability constraints.
That’s a bold one. After Web 1.0, Web 2.0 and what many call Web 3.0, this is difficult. Low Earth orbit (LEO) satellites sure are a thing and there is no reason starlink wouldn’t be successful. Their approach is set to bring affordable broadband to every corner of the planet. Only: which problem – in scope of this prediction – does this solve? The world has places and societies that do need internet connectivity. Those areas are not a typical home for any of these projects that would require connectivity. And still then, that’d be known applications in remote areas.
The fantastic buildbot continuous integration framework offers plenty of functionality, among others the option to authenticate with several options. The framework, at the time of this writing, comes with plugins packaged, that locally support NoAuth, UserPasswordAuth, HTPasswdAuth. More interestingly, buildbot also supports GoogleAuth, GitHubAuth GitLabAuth, BitbucketAuth for authentication through an OAuth2 login. Further, there are plugins for RemoteUserAuth or CustomAuth.
However, there is no generic plugin for OAuth2 authentication. The obvious reason for this is, that OAuth2 is an authorisation protocol, but that’s the story of another post. While at first glance the documented classes for our purpose seem to be RemoteUserAuth or CustomAuth, open source allows us to understand how for example the GoogleAuth-class works and give us an idea of what we can do here. So does buildbot come with a base-class OAuth2Auth, that all others inherit from. We can do the same for our goal:
from buildbot.www.oauth2 import OAuth2Auth # for custom authentication
class PramariAuth(OAuth2Auth):
name = "Pramari"
faIcon = "fa-python"
resourceEndpoint = "https://www.pramari.de"
authUri = 'https://pramari.de/o/authorize/'
tokenUri = 'https://pramari.de/o/token/'
authUriAdditionalParams = dict(scope=" ".join(['userinfo', ]))
def getUserInfoFromOAuthClient(self, c):
data = self.get(c, '/api/userinfo/')
return dict(full_name="{}, {}".format(data['last_name'], data['first_name']),
username=data['username'],
email=data["email"],
)
def createSessionFromToken(self, token):
s = requests.Session()
s.headers = {'Authorization': 'bearer ' + token['access_token']}
s.verify = self.sslVerify
return sThe class requires a few attributes to be set. The obvious are name, that indicates the name of the Authentication Plugin, and faIcon, that allows to chose a FontAwesome-Icon as a representation in the buildbot menubar later. Further, OAuth2 requires an authorisation-endpoint URL and a token-exchange endpoint URL. These are specified by the authUri– and tokenUri-attributes in the above example. The authUriAdditionalParams will specify the OAuth2-scopes that will be requested in the authentication/authorisation-process. Since buildbot will require, at a minimum, some information about the authenticated user, this will contain a space-separated list of scopes. Here it is the “userinfo”-scope.
The class can exist in master.cfg.
On the server end, in this case pramari.de, this example presumes using Jazzbands fantastic oauth2-toolkit and the equally fantastic django-restframework. To provide the userinfo that buildbot will expect, in this case under “/api/userinfo“, djangorestframework can serialize information from the Django User-Model.
class UserSerializer(serializers.ModelSerializer):
# pylint: disable=R0903
class Meta:
model = User
fields = (
"pk",
"username",
"first_name",
"last_name",
"email",
)To provide these details, djangorestframework needs to have a view to give out these details:
class UserDetails(views.APIView):
# authentication_classes = [OAuth2Authentication]
permission_classes = [TokenHasScope]
required_scopes = ['userinfo']
serializer_class = UserSerializer
def get(self, request, *args, **kwargs):
userinfo = User.objects.get(pk=self.request.user.pk)
return response.Response(UserSerializer(userinfo).data)Finally, add the userinfo-api view to your urls.py configuration, to provide the API Endpoint under /api/userinfo/, as configured in the buildbot-authentication class:
urlpatterns += [
path(r"api/userinfo/", UserDetails.as_view()),
]Userinfo is now available to API-clients that provide a token with the ‘userinfo’-scope.
Of course, the client needs to authenticate against an authentication server, in our example using Jazzbands fantastic OAuth2-toolkit). We’ll not discuss installation and configuration of the server-side here, the package has fantastic documentation. Provided the toolkit is reachable just as the django-oauth2-toolkit tutorial described it, add a client at http://<hostname>/o/applications/:
The dialog will auto generate client-id and client-secret, that you will need for a later step. The buildbot-application will be a public application, that works using the authorization-code flow. Redirect-URLs for buildbot are <buildbot-url>/auth/login/. Please replace with your URL in the above example.
Once you have client-id and client-secret, you can go and configure the web interface in master.cfg for buildbot:
['www'] = dict(
port=8010,
plugins=dict(waterfall_view={}, console_view={}, grid_view={}, badges={"left_pad": 0, "right_pad": 0, "bord
er_radius": 3, "style": "badgeio"}),
auth=PramariAuth(
clientId="********",
clientSecret="********"
),
change_hook_dialects={'github': {'secret': 'BRbNFGkfC$os9W)3mXCYer>vf2,j;w2MYfzNRRdMz{HGVa6zbaoPi6fb6Fs?EEp
w'}},
authz=authz
)As a last hint in this small exercise, you may want to look into authz, to ensure proper access-limits for remote-authenticated users. Again, buildbot has excellent documentation on this topic, and further examples would be beyond the scope of this article. Here only for the completeness of the example:
authz = util.Authz(
allowRules=[
util.AnyControlEndpointMatcher(role="admins", defaultDeny=True),
util.AnyEndpointMatcher(role="admins", defaultDeny=True),
],
roleMatchers=[
util.RolesFromEmails(admins=["andreas@neumeier.org"])
]
)There you go. After starting, buildbot now comes with your own one-click login:
CloudFlare hat heute eine neue Storage Option vorgestellt. Der Service, abgekürzt R2, das alternativ für “Really Requestable”, “Ridiculously Reliable” oder “Radically Reprogrammable” stehen soll, ist der Ankündigung zufolge vollständig mit S3 von Amazon API kompatibel. Der wichtigste Punkt der Ankündigung scheint aber die Kosten Abgrenzung zu anderen Cloud-Storgae Services zu sein. Gleich in der Ankündigung ist die Rede davon, dass für diesen Service keine Express Kosten anfallen. Zusammen mit dem Service für eine “automatic migration” richtet sich das Angebot eindeutig an Entwickler und Nutzer des Amazon Services, die mit Kosten unzufrieden sind. Insgesamt fällt das Produkt damit auf den ersten Blick in eine Linie mit anderen Cloud-Angeboten, die die Cloud als solche in Richtung der Null-Grenzkosten-Ökonomie bewegen. Den Anspruch auf Verfügbarkeit und Flexibilität muss das Produkt erst beweisen. Und auch die Kostenfrage wird sich bei Nutzern stellen, die schlussendlich das Zero-Rating dieses Angebots ausgeschöpft haben.
Introducing Cloudflare’s S3-compatible Object Storage service, with zero egress bandwidth charges and automatic migration from S3-compatible services.
Source: Announcing Cloudflare R2 Storage: Rapid and Reliable Object Storage, minus the egress fees
Travis-CI published a security bulletin the other day, describing a special condition that would allow to access secrets belonging to a foreign repository in Github or Bitbucket. The condition requires a fork from a public repository. That’s how open source work, and very central functionality. Not a corner case.
Turns out, the cloud service did address the issue, still plenty of secrets have been affected:
While cloud technology is all great economically, this is another sample of why commercial software vendors need to consider third party vendors in their threat profiles.
With the anticipated release of iPhone 13 coming closer, rumours increase. Leaker @FrontTron on Twitter has some numbers, that AppleInsider is kind enough to put into perspective.
It’s impressive how apple dominates the mobile CPU space. With last years release of “Apple Silicon” in form of the M1 chip for notebook like computing (and the iPad), the near strategy ain’t too obvious. Notebookcheck.coms interpretation is the next gen M2 will base on the A15 design, but vary in contained cores.
A benchmark on what is said to be the GPU in Apple’s A15 chip, destined for the ” iPhone 13 ,” is 13.7% faster than the A14, maintaining Apple’s lead in mobile performance. A Manhattan 3.1 GPU benchmark test reportedly shows Apple’s A15 chip hitting 198 FPS during the first round of testing.
From the article.
Contentful, a Content-Management SaaS company, raised another round of financing. With the latest investment the Berlin founded and Headquartered is valued at over $3B.
Contentful locked in a $175 million Series F and a $3 billion-plus valuation as it looks to take advantage of a more digital-first marketplace
From Crunchbase
Source: Contentful Hits $3B-Plus Valuation After Tiger Global-Led $175M Round – Crunchbase News
Source @ingliguori on Twitter:
