Sometimes, it's backwards

0x4E4F@sh.itjust.works to Programmer Humor@programming.dev – 681 points –
189

You are viewing a single comment

In a rapidly churning startup phase, where new releases can and do come out constantly to meet production requirements, this one size fits all mentality is impractical.

If you refuse to whitelist the deployment directory, you will be taking 2am calls to whitelist the emergency releases.

No it can't wait until Monday at 9am, no there will not be a staged roll out and multiple rounds of testing.

I am more than willing to have a chat; you, me and the CEO.

No it can't wait until Monday at 9am, no there will not be a staged roll out and multiple rounds of testing.

I hope you're doing internal product development. Otherwise, name and shame so I can stay the hell away from your product. This is a post-Crowdstrike world.

It IS bespoke internal development, not for deployment outside of the facility.
The computers running the software exist only to run this software and have no business talking to the internet at all.
IT is provided by an external third party vendor who operate on an inflexible "best practices dogma".

Sounds like you’re stuck in a worst practices mindset.

Sign your damn releases and have the whitelisting done by cert.

Sounds like you’re stuck in a worst practices mindset.

Worst/Pragmatic.
If I get a timeline for a feature request, then everything can be scheduled, tested, whitelisted, delivered at a reasonable time.
That's the rarer event - normally it's more like "the scale head has died and a technician is on the way to replace it" and whilst I modify the program in question to handle this new input, hundreds of staff are standing around and delivery quotas won't be met.
Is my position arrogant? This is the job.

Sign your damn releases and have the whitelisting done by cert.

I'll see if this is possible at the site in question, thank you.