Chayim (chayim), Canada. A Python-writing, DevOps-focused, security-conscious tech head, who loves economics, finance, and Star Wars.

karanthukral/FYDP 1

Base Repo for the FYDP Project. We can use it to keep track of things for now

chayim/about 0

Sourcegraph blog, feature announcements, and website (about.sourcegraph.com)

chayim/django-pdb 0

Gives you `manage.py runserver --pdb` and `manage.py test --pdb`

chayim/exchangeratesapi 0

Easy exchange rates - from the European Central Bank

chayim/GHOSTCHECK-cve-2015-0235 0

A check for GHOST; cve-2015-0235

chayim/gigo 0

GIGO: PIP for GO

chayim/newsapi 0

A basic wrapper for accessing newsapi.org

chayim/pyhelpers 0

Quick and dirty python script collection - at least what I remember to share

chayim/questrade 0

Golang bindings for the Questrade API

chayim/stockdata 0

Go library for gathering stock data

issue comment sourcegraph/sourcegraph

Security: 3.19 Tracking issue

This week @daxmc99 and I continued to work through the encryption of data as part of RFC 196. We have encrypted everything already planned (#12263), and added additional support for the event_log argument types. We developed a plan for rotating secrets, validating the usability with @rrhyne and updating the database (#12269), including a proof of concept. Finally, I updated the documentation for these features (#12266), such that it can be carried forward in my absence.

Next week I'll be working on an RFC for encrypted filesystems, to enable multiple organizations to store data, whilst maintaining privacy between them. I'll also start fleshing out a plan for vulnerability scanning. As a reminder, my availability is decreased heavily next week.

chayim

comment created time in an hour

issue comment sourcegraph/sourcegraph

Update product documentation

Please see branch rfc196-docs

chayim

comment created time in 2 hours

create branch sourcegraph/sourcegraph

branch : rfc196-docs

created branch time in 2 hours

PR opened sourcegraph/sourcegraph

Rfc196 ckpadding

The ability to check for the encoding of an object.

+621 -7

0 comment

8 changed files

pr created time in 4 hours

create branch sourcegraph/sourcegraph

branch : rfc196-ckpadding

created branch time in 5 hours

push event sourcegraph/about

Dan Adler

commit sha 6a05ef014380bfea72574a079399e4a1e44218b8

Add information security policy acknowledgement to onboarding (#1366)


push time in 8 hours

delete branch sourcegraph/about

delete branch : security-acknowledgement

delete time in 8 hours

PR merged sourcegraph/about

Add information security policy acknowledgement to onboarding

This is only an initial outline of what we'll ultimately need in terms of new hire information security acknowledgement. While this will work for the near future, I'd love to ask for support from the @sourcegraph/security team in fleshing out an actual internal policy doc that is actually useful and relevant, while still being concise and avoiding a bunch of boilerplate.

Please let me know if you support the form I've added here for now!

+1 -0

0 comment

1 changed file

dadlerj

pr closed time in 8 hours

pull request comment sourcegraph/sourcegraph

Example of encryptColumns

Yeah, this is where we landed yesterday. Agreed.

daxmc99

comment created time in 8 hours

Pull request review comment sourcegraph/sourcegraph

Example of encryptColumns

 func (*userExternalAccounts) Delete(ctx context.Context, id int32) error { 	return nil } +// Encrypt uses the helper_secret to encrypt the denoted column(s)+// it first gets all the data in the current column and then performs the update+func (s *userExternalAccounts) Encrypt(ctx context.Context, id int32) error {++	account, err := s.Get(ctx, id)+	if err != nil {+		return err+	}++	maybeUserExtAcct, err := encryptColumns([]string{"auth_data"}, *account)
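Review bot: the doc comment says Encrypt "uses the helper_secret", but nothing in the visible code refers to a helper_secret; encryptColumns is called with only the column list `[]string{"auth_data"}` and the account value, so the comment should state where the key comes from (or the function should take it explicitly) so a reader can tell which secret protects auth_data. The comment also promises that the function "performs the update", so the part of the function that writes the encrypted value back should be reviewed together with this hunk.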

Very cool

daxmc99

comment created time in 8 hours

push event sourcegraph/about

Chayim I. Kirshen

commit sha 3c64fdd4c4ce815c8b7c2aa6e2d8b6f3db0b4944

Modified the language for Dan's PR, and contributed some security specific detail (i.e. 24x7x365).


push time in a day

Pull request review comment sourcegraph/about

Update security page

 Learn more in our [pings documentation](https://docs.sourcegraph.com/admin/pings  [Sourcegraph can be configured to enforce repository permissions from code hosts.](https://docs.sourcegraph.com/admin/repo/permissions). Unit and integration tests protect the correctness of these permissions checks. -## Customer data+## Data access +When you run Sourcegraph on your own infrastructure, all application and user access logs are stored locally only. Sourcegraph employees and contractors never have access to your Sourcegraph or the code, user data, or application data stored in it (excluding any manual intervention, such as e-mailing logs for support purposes).++We maintain the following policies for sourcegraph.com data and any data provided via e-mail or other support channels: - Access to all internal systems is protected by multi-factor authentication. Access is restricted to those who require it to perform their job, and is regularly reviewed and revoked upon termination or when no longer needed.-- All application and user access logs are stored centrally and monitored.-- Company policy prevents customer data from being downloaded to portable devices, such as laptops.+- All sourcegraph.com application and user access logs for Sourcegraph.com are stored centrally and monitored.
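Review bot: the replacement bullet "All sourcegraph.com application and user access logs for Sourcegraph.com are stored centrally and monitored." names the site twice with inconsistent capitalisation; suggest "Application and user access logs for sourcegraph.com are stored centrally and monitored." The new "Data access" paragraph's parenthetical "(excluding any manual intervention, such as e-mailing logs for support purposes)" also reads as an exception to "never have access"; stating it as "unless you explicitly share data with us for support" makes the boundary clearer to a customer reading the policy.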

Service, application, and access logs for sourcegraph.com are stored centrally, by Sourcegraph and monitored.

dadlerj

comment created time in a day

Pull request review comment sourcegraph/about

Update security page

 Learn more in our [pings documentation](https://docs.sourcegraph.com/admin/pings  [Sourcegraph can be configured to enforce repository permissions from code hosts.](https://docs.sourcegraph.com/admin/repo/permissions). Unit and integration tests protect the correctness of these permissions checks. -## Customer data+## Data access +When you run Sourcegraph on your own infrastructure, all application and user access logs are stored locally only. Sourcegraph employees and contractors never have access to your Sourcegraph or the code, user data, or application data stored in it (excluding any manual intervention, such as e-mailing logs for support purposes).++We maintain the following policies for sourcegraph.com data and any data provided via e-mail or other support channels: - Access to all internal systems is protected by multi-factor authentication. Access is restricted to those who require it to perform their job, and is regularly reviewed and revoked upon termination or when no longer needed.-- All application and user access logs are stored centrally and monitored.-- Company policy prevents customer data from being downloaded to portable devices, such as laptops.+- All sourcegraph.com application and user access logs for Sourcegraph.com are stored centrally and monitored.+- Company policy prevents customer data from being downloaded to portable devices, such as phones, that don't have device management software in place.
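Review bot: the re-added bullet "Company policy prevents customer data from being downloaded to portable devices, such as phones, that don't have device management software in place." changes the policy from the removed line, which forbade downloads to any portable device including laptops; the new wording permits downloads to managed devices, and the comma after "phones" makes the device-management condition read as an aside rather than the qualifier it is. If the narrower policy is intended, suggest "Company policy prevents customer data from being downloaded to any portable device (laptop or phone) that is not enrolled in device management." and a line in the PR description noting the change.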

Good place to start.

dadlerj

comment created time in a day

Pull request review comment sourcegraph/about

Update security page

 Learn more in our [pings documentation](https://docs.sourcegraph.com/admin/pings  [Sourcegraph can be configured to enforce repository permissions from code hosts.](https://docs.sourcegraph.com/admin/repo/permissions). Unit and integration tests protect the correctness of these permissions checks. -## Customer data+## Data access +When you run Sourcegraph on your own infrastructure, all application and user access logs are stored locally only. Sourcegraph employees and contractors never have access to your Sourcegraph or the code, user data, or application data stored in it (excluding any manual intervention, such as e-mailing logs for support purposes).

When running Sourcegraph on your own infrastructure, all application logs are stored locally, and never shared with Sourcegraph. Sourcegraph employees and contractors never have access to your Sourcegraph instance, or any of its data, unless explicitly shared for troubleshooting purposes.

dadlerj

comment created time in a day

push event sourcegraph/careers

Chayim

commit sha e4180c518e1374402905a33e90f3c36733d85b2d

Update job-descriptions/software-engineer-security.md Co-authored-by: Eric Brody-Moore <ericbm@sourcegraph.com>


push time in 2 days

Pull request review comment sourcegraph/careers

possible process change on security hire

 Learn more about what it is like to work at Sourcegraph by reading [our handbook ## Interview process  1. You [apply here](https://jobs.lever.co/sourcegraph/c36db3e1-0ece-465d-ad7c-1eb6de9a4b22/apply).-1. You speak with the VP of Engineering for 30 minutes. To prepare:+1. You speak with the Security manager for 30 minutes. To prepare:    - Read through [our handbook](https://github.com/sourcegraph/about) to learn more about how we operate and to find answers to common questions that you might have.-   - Review the RFC template in the next step and write down any questions that you have.-1. You write your first Sourcegraph [RFC](https://about.sourcegraph.com/handbook/communication/rfcs) by creating a new Google Doc using [this template](https://docs.google.com/document/d/1ol7aVXuXB7XL4DorOoxoDsaSyFI9Pv4Bcc1zfo-iLtw/edit#). We will review your RFC and may ask questions via comments directly on the document.-1. You speak with the Sourcegraph Cloud engineering manager for 1 hour about your RFC.-1. We schedule 4 hours of remote interviews over video chat across multiple days.+1. You write a short security assessment, taking less than **30m** of your time, explaining a security vulnerability.
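Review bot: the hunk removes the RFC step, the 1-hour RFC conversation and the "4 hours of remote interviews" step, and adds only the 30-minute security assessment in their place, so the interview process as written now ends after the written assessment; if the remaining interviews still happen, keep a step describing them. The assessment step should also link the template it refers to once it exists, in the same way the removed step linked the RFC template, and "**30m**" would read better spelled out as "30 minutes" to match "30 minutes" in step 2.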

I'm going to dummy up a template, much like the RFC. The idea is that a candidate would explain a vulnerability for which we provide the appropriate research. The candidate will help explain the vulnerability in plain English. Given the information we provide, they would ideally explain the impact of the vulnerability to the Sourcegraph product. I should have it ready tomorrow afternoon.

chayim

comment created time in 2 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha f58932d40b092b7384c3da08764fa29e2f094651

the ongoing saga of moving repoupdater into the database


push time in 2 days

Pull request review comment sourcegraph/about

cloud: Add Growth plan section

 Other:  - [Keegan Carruthers-Smith](../../../company/team/index.md#keegan-carruthers-smith) will not be isolating his work to a single team. Instead, he will serially choose tasks that he thinks are important to work on and he will post updates to the most relevant tracking issue on GitHub. This is an experiment for the next month and we will evaluate the outcome on 2020-08-17. Tomás will continue to be his manager during this experiment. -## Hiring status+## Growth plan -_Updated 2020-07-03_+We've validated that while having a team focus on Cloud is very important, there continues to be a need for work to happen on other areas of our backend infrastructure. To that end, we'll split this team into two, Cloud and [Backend Infrastructure](../backend-infrastructure/index.md), as soon as we hired enough that each of those teams could have a minimum of 3 engineers, but for the time being, the Cloud team will have to handle any emerging high priority backend infrastructure goals that aren't directly related to the ultimate goal of the team. -We are hiring for these roles:+Each of these teams should not grow larger than 8 engineers. In the mean-time, Tomás will be the manager of both teams, but we're looking to hire Engineering Managers for both down the line.
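Review bot: two grammar points in the added Growth plan paragraphs: "as soon as we hired enough that each of those teams could have a minimum of 3 engineers" should be "as soon as we have hired enough that each of those teams has a minimum of 3 engineers", and "In the mean-time" should be "In the meantime". The first sentence is also a single long run-on; splitting it after "Backend Infrastructure" ("... as soon as we have hired enough ... Until then, the Cloud team will have to handle ...") makes the interim arrangement easier to find.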

Are we sure we want to limit to 8 engineers, or specify engineers? Given what we discussed in cloud sync, perhaps the language could change to something like "Each of these teams should limit growth to X" - which might cover both?

tsenart

comment created time in 2 days

Pull request review comment sourcegraph/careers

Initial draft of the full stack engineer job description

+![logo](https://sourcegraph.com/.assets/img/sourcegraph-light-head-logo.svg)++# Full Stack Engineer+Sourcegraph is seeking an engineer that thrives on owning big problems across domains and different levels of the stack — you grok how the ultimate measure of your work is how users experience the work you do, and that means you wear any hat necessary to that end, from product, to developer, and everything in between. You are a polyglot, quick learner and fearless into diving into unknown areas of the systems you work with. You believe that communicating clearly and empathetically and your relationships with others is critical to our success.+## Qualifications++We are looking for a full stack engineer who has strong fundamentals in good software development techniques, design patterns and best practices. In your career you have worked with and refactored existing code bases. You are both productive and pragmatic because you believe software is only useful if it is used. Collaborating with small high performing teams, you have built and deployed production-ready software that delivers value to customers.+* Strong working knowledge with API design and architecture.+* Skilled at building and testing end-to-end applications (e.g., unit testing, integration and e2e testing).+* Good knowledge of Git in particular and other version control systems in general.+* Single page applications or progressive web apps and Web APIs.+* Understanding of core web technologies (HTTP, HTML, CSS, Javascript)+* Strong experience with at least one web framework such as React, Angular, Polymer, Closure or Backbone.+* Strong experience in at least one server side language such as Java, Python, PHP, Ruby.
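Review bot: a few wording fixes in the added job description: "fearless into diving into unknown areas" should be "fearless in diving into unknown areas", "Strong working knowledge with API design" should be "Strong working knowledge of API design", and "Javascript" should be "JavaScript". The qualification bullets also mix sentence fragments ("Single page applications or progressive web apps and Web APIs.") with statements of experience; rewriting each as "Experience with ..." or "Strong experience in ..." keeps the list parallel.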

Perhaps this could highlight the preference for Go and Typescript, but experience with Java, Python, etc. is also viable?

aidaeology

comment created time in 2 days

push event sourcegraph/careers

withdavidli

commit sha eafd8993e9b0aa3f4a07b844f5f3ee314405479c

Update software-engineer-security.md (#116) Suggest changing Qualification section to the following instead of leaving it open to all experiences. This will cut down on the number of applicants that are not qualified, do not have any security experience, or do not have experience developing software.


push time in 2 days

delete branch sourcegraph/careers

delete branch : withdavidli-patch-1

delete time in 2 days

PR merged sourcegraph/careers

Update software-engineer-security.md

Suggest changing Qualification section to the following instead of leaving it open to all experiences. This will cut down on the number of applicants that are not qualified, do not have any security experience, or do not have experience developing software.

+5 -6

0 comment

1 changed file

withdavidli

pr closed time in 2 days

push event sourcegraph/sourcegraph

Chayim

commit sha cf49dc0a5a49b38cb9ccba17db69e6982a3e4d2f

event logs, external account that should use encryptifpossible (#12668) Co-authored-by: Chayim I. Kirshen <chayim@gnupower.net>


push time in 2 days

delete branch sourcegraph/sourcegraph

delete branch : rfc196/ck-elogs

delete time in 2 days

create branch sourcegraph/sourcegraph

branch : rfc196-repoupdater

created branch time in 2 days

PR opened sourcegraph/careers

possible process change on security hire

The potential process change is highlighted here. I'm thinking that we can ask new hires to explain a vulnerability, in plain English, and assess its impact. This will allow us to both gauge their understanding of security, and their ability to communicate. To wit, we would be relying on an existing, public vulnerability, already disclosed in the MITRE database, and asking for a two to three paragraph response.

+4 -5

0 comment

1 changed file

pr created time in 3 days

create branch sourcegraph/careers

branch : ck-processchange

created branch time in 3 days

Pull request review comment sourcegraph/careers

Initial draft of the full stack engineer job description

+![logo](https://sourcegraph.com/.assets/img/sourcegraph-light-head-logo.svg)++# Full Stack Engineer+Sourcegraph is seeking an engineer that thrives on owning big problems across domains and different levels of the stack — you grok how the ultimate measure of your work is how users experience the work you do, and that means you wear any hat necessary to that end, from product, to developer, and everything in between. You are a polyglot, quick learner and fearless into diving into unknown areas of the systems you work with. You believe that communicating clearly and empathetically and your relationships with others is critical to our success.+## Qualifications++We are looking for a full stack engineer who has strong fundamentals in good software development techniques, design patterns and best practices. In your career you have worked with and refactored existing code bases. You are both productive and pragmatic because you believe software is only useful if it is used. Collaborating with small high performing teams, you have built and deployed production-ready software that delivers value to customers.+* Strong working knowledge with API design and architecture.+* Skilled at building and testing end-to-end applications (e.g., unit testing, integration and e2e testing).+* Good knowledge of Git in particular and other version control systems in general.+* Single page applications or progressive web apps and Web APIs.

The others are statements of wants, whereas this is a thing. For example "Good knowledge of git..."; perhaps:

Experience developing single page applications or progressive web applications and APIs.

aidaeology

comment created time in 3 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha acc21bbf29d51922aa156c0babf38c94cff5ff02

Beginning key rotation by ensuring environment variable accepts comma delimited keys. We accept two and only two keys, no more.


push time in 3 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 3cae0f9e1e0d36c45df0ac0377a02b8089e5617b

database name reverted


push time in 4 days

PR opened sourcegraph/sourcegraph

Instructions on configuring the development environment for read-only

Instructions for read-only database access.

+12 -1

0 comment

1 changed file

pr created time in 4 days

create branch sourcegraph/sourcegraph

branch : read-only-db

created branch time in 4 days

PR opened sourcegraph/sourcegraph

event logs, external account that should use encryptifpossible

Found some stragglers.

+14 -3

0 comment

2 changed files

pr created time in 4 days

create branch sourcegraph/sourcegraph

branch : rfc196/ck-elogs

created branch time in 4 days

pull request comment sourcegraph/about

cloud: document manual migrations we're performing

@tsenart It's much as @pecigonzalo mentioned. In conversation it came out that we have 3-4 customers we support who don't have access to their underlying Database Management System (DBMS). This means that if we do this as a pure migration (my preference) we'd break environments, with migrations that have to be manually recorded.

However, I also agree that in general a read-only connection to the database would be great. I'd generally like to encourage Principle of Least Principle.

slimsag

comment created time in 4 days

issue comment sourcegraph/sourcegraph

Security: 3.19 Tracking issue

This week Dax and I are ongoingly pairing to work through encryption. This arose from having also discussed with @keegancsmith a better approach. The result is that database access (#12267 ) is no longer needed. This allowed us to migrate several types, and get far ahead in encrypting storage as part of #12263. Also isolated a PR for read-only database access, and pruned issues in security.

Next week I'd like to complete the encryption of data (#12263) in its entirety, and at least start on support for automatically migrating secrets to the encrypted backend (#12265), whilst rotating secrets (#12269). Similarly, I'll at least get started on (#12264) and have pairing with @keegancsmith as part of it. Finally, the read-only database access change should go into production.

chayim

comment created time in 7 days

issue closed sourcegraph/sourcegraph

Separate Secrets Access from Secrets Storage

RFC 196 outlines a new implementation for secrets storage.

Separating secrets access from storage will allow us to change secrets providers based on need. The first provider being implemented is in-database PostgreSQL.

closed time in 7 days

chayim

issue closed sourcegraph/sourcegraph

Generate unique keys on a per deployment basis

We will generate per-deployment (i.e. per installation) keys, that are unique to each customer instance. This will support our three supported installations: docker, docker compose, and k8s.

closed time in 7 days

chayim

issue comment sourcegraph/sourcegraph

Generate unique keys on a per deployment basis

Completed as part of pairing.

chayim

comment created time in 7 days

Pull request review comment sourcegraph/sourcegraph

Add index on repo name column

+BEGIN;++DROP INDEX repo_name_idx;
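Review bot: `DROP INDEX repo_name_idx;` aborts the whole transaction when the index is absent (for example on a database where the matching up migration never ran), so the down migration should use `DROP INDEX IF EXISTS repo_name_idx;` as suggested. The hunk opens with `BEGIN;` but no `COMMIT;` is visible here; confirm the file closes the transaction so the drop is not left pending.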

DROP INDEX IF EXISTS repo_name_idx

efritz

comment created time in 7 days

issue opened sourcegraph/sourcegraph

We need to support cloud only migrations

Supporting cloud means the need for running migrations against the cloud only instance of Sourcegraph. Today we have two manually run migrations that are inherently separate from the on-premise installation of Sourcegraph.

created time in 7 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 7ad278a76c8142151e7a3352da4cd23d26aded52

repo-updater now uses the encryption code.


push time in 7 days

create branch sourcegraph/sourcegraph

branch : rfc196/repoupdater

created branch time in 7 days

delete branch sourcegraph/sourcegraph

delete branch : rfc196/dax-testing

delete time in 7 days

push event sourcegraph/sourcegraph

Dax McDonald

commit sha 79fdc6ac749c20eeff04c60b45f3fb7a1b32e110

Add init Adds an init function to read the encryption token from either the SOURCEGRAPH_CRYPT_KEY env var or the SOURCEGRAPH_SECRET_FILE location. Panics if no secret key is found.


Dax McDonald

commit sha eeeb3d12e2aa46e6488351fa0b3cc6dcef975b1b

Fmt


Chayim

commit sha 2bd78802fb52bfd6aedb2d0a97870510c0a214b0

Encrypting tokens (#12415) Adding token encryption, and the associated unit tests.


Dax McDonald

commit sha 63ca7fefa4dce9b6719500abe76077655ae17f90

Merge remote-tracking branch 'origin/tracking-rfc196' into rfc196/dax-testing


Dax McDonald

commit sha 432c6524428c801ae9cc297e56fcc0984560b149

Refactor EncryptionStore to Encrypter


Dax McDonald

commit sha fb937a0bff397873b8128a89e8c8e6aa5e5de2fb

Add generated keys For non-k8s deployments, we generate the keys if none are provided. Keys are written to /var/lib/sourcegraph/token


Chayim I. Kirshen

commit sha 99be9cd11a4887bedd5825033c3a4006c3dcbed3

Cleaning up secret initialization and ensuring that kubernetes is a first order citizen.


Chayim I. Kirshen

commit sha 118ba1722cbfca986c991b74cce3080a7845e52f

temporarily checking for dev environment until we learn how to disable in CI. Adding secret token object for #4 and #5 in the RFC


Dax McDonald

commit sha 51d5fe617fc320fed1a9b74ef3ac1e9942d4cfb4

Remove unneeded err check


Dax McDonald

commit sha a30e11a2c43459c1c715474fd3f3cd82b969d994

Update panic If we are in dev mode or CI, do not panic.


Dax McDonald

commit sha 57815abd8a8865da17b5846293a7689540c71d54

Add EncryptIfPossible and DecryptIfPossible Also add test


Dax McDonald

commit sha 907182ea7cea592bf42d4fb2366834086f077f68

Add encryption and decryption to external service DB functions


Dax McDonald

commit sha 48a4f25406b0e1469e24f73a980e9001304efa3e

Added support for external accounts and a byte encryption wrapper


push time in 7 days

PR merged sourcegraph/sourcegraph

Add init

Adds an init function to read the encryption token from either the SOURCEGRAPH_CRYPT_KEY env var or the SOURCEGRAPH_SECRET_FILE location. Panics if no secret key is found.

+349 -46

5 comments

6 changed files

daxmc99

pr closed time in 7 days

delete branch sourcegraph/sourcegraph

delete branch : rfc196/ck-token-12436

delete time in 7 days

push event sourcegraph/sourcegraph

Eric Fritz

commit sha d98bedffc34e86605910672ca90fb96b6c5430ff

workerutil: Fix nil-deref in when using worker store transactionally (#12407)


Keegan Carruthers-Smith

commit sha 4ad852548c256b82e8ee6ed4fd31c0b7d5074095

ci: skip db-backcompat check if branch is out of date (#12326)


Eric Fritz

commit sha 8031e562ca8d0f132584b485bbf4faa6cf01cc3c

codeintel: Add tables for denormalizing nearest upload data (#12406)


Rijnard van Tonder

commit sha 5d9aa988facb8af99745718d2220b4e26fe06e74

search: move search.Uppercase logic (#12386)


Rijnard van Tonder

commit sha 3b82bd486a036172bdbf2fd65458642f8f6a6d38

search: add prometheus labels to search alerts (#12384)


Dax McDonald

commit sha d708886a9e5a8802f5e53e7642029e14e656d798

Update changelog for 3.18 (#12413)


Eric Fritz

commit sha 5c42d6954211dde1e74d601602f9cedb51919212

codeintel: Add CommitGraph to gitserver client (#12404)


Eric Fritz

commit sha 8af9002ca940c8b064f32322ee717013040329a3

codeintel: Add commit graph utilities (#12402)


Eric Fritz

commit sha 4db05a84e89d9115a7fcee2ac868a2a09d3b67b2

codeintel: Add Lock to store (#12401)


Rijnard van Tonder

commit sha 568ad90e70537450358f39783c9ced70d27d43f7

search: add additional alert for comby out of memory (#12385)


Rijnard van Tonder

commit sha 7814eca4dc3feb4b7fa06e88f4575061c8cc7ea6

search: add DNF conversion for hierarchical search (#12381)


Keegan Carruthers-Smith

commit sha c22422b05c57a70afee1674a99db922e28f2820e

schema: cleanup schema gen (#12394) Moved logic into a shell script and deduplicated it a bit.


Ryan Slade

commit sha f085ae76798b6c7f8351875fb4587d3a564a0923

go: Update our graphql-go dependency (#12430)


Felix Becker

commit sha e7f82155835102cebed818e9aaa4f55a0ecb9e5e

Update info color to a lighter cyan (#12433)


Keegan Carruthers-Smith

commit sha 62738b92764866c3b3d77e26dff35e1a69014672

search: limit indexed branches per repository to 64 (#12431) Zoekt only supports indexing up to 64 repositories. This commit enforces this in the JSON schema for "search.index.branches". Enforcing this for Version Contexts will require adding a custom validator, which I'll leave for a later improvement. Since we don't enforce this everywhere, the options we generate will deterministically only return up to 64 branches. If an admin specifies more, it is likely better to index 64 branches than index none and fail.


Keegan Carruthers-Smith

commit sha c03c8d475820912385372d7502fdace795847aa5

endpoint: prom metric and debug logs for k8s service discovery (#12434)


Rijnard van Tonder

commit sha 9d4818686873846ec6268801b0f38fc72168711b

search: update parser fuzzer harness (#12438)


Dan Adler

commit sha 3f383db8a6757c9616a1bad36fa1c08403d8df0b

Add link to saved searches page in email (#11651) * Add link to saved searches page in email * Add changelog * Update changelog


Dax McDonald

commit sha f04c93047b6317d88d0985730a774a122dc88f04

Add cleanup step to Grafana and Prometheus ignored files (#12428) * Add cleanup step to Grafana and Prometheus ignored files * Handle path err & use const


Keegan Carruthers-Smith

commit sha 971f0eca42806e7ea042e95ef0879c9541feb809

debugproxies: clearer debug logs for watchEndpointEvents (#12427) We log errors for /-/debug endpoint's use of k8s service discovery as debug logs. This can look like real problems in our cluster when you spot the log messages. This commit updates the log message to be more informative, as well as to differentiate between expected errors vs unexpected errors.


push time in 7 days

PR merged sourcegraph/careers

Update software-engineer-security.md

Updated the JD. Changed the language to be a bit more security focused, while highlighting that we code.

+6 -17

1 comment

1 changed file

chayim

pr closed time in 8 days

push event sourcegraph/careers

Chayim

commit sha 6e4f00b2319c13a98c572481bacea3af6d8f2abc

Update software-engineer-security.md (#113) Updated job description for security engineer. Included link back to the handbook. Co-authored-by: Chayim I. Kirshen <chayim@gnupower.net> Co-authored-by: Nick Snyder <nick@sourcegraph.com>


push time in 8 days

delete branch sourcegraph/careers

delete branch : security-jd-change

delete time in 8 days

push event sourcegraph/about

Chayim

commit sha d1168b14d3fe7968c91348acceeeea9d2752f978

Security roles and responsibilities (#1302) * Roles and responsibilities Moving the roles and responsibilities from the job description and into the team page. I also took the opportunity to remove duplicates. Co-authored-by: Nick Snyder <nick@sourcegraph.com>


push time in 8 days

delete branch sourcegraph/about

delete branch : ck-roles

delete time in 8 days

PR merged sourcegraph/about

Security roles and responsibilities

Moving the roles and responsibilities from the job description and into the team page. I also took the opportunity to remove duplicates.

+6 -3

0 comment

1 changed file

chayim

pr closed time in 8 days

push event sourcegraph/about

Chayim

commit sha bb33a8e58450762d94eef97168e5752824e0935f

Update handbook/engineering/security/index.md Co-authored-by: Nick Snyder <nick@sourcegraph.com>


push time in 8 days

push event sourcegraph/about

Chayim

commit sha 79cc7dd0ed2a6f9132e58ccef9752d529f7bdcde

Update handbook/engineering/security/index.md Co-authored-by: Nick Snyder <nick@sourcegraph.com>


push time in 8 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 1a7c5e24c96d2efaf14d5909aaa203f143cf135d

bindata


push time in 8 days

Pull request review comment sourcegraph/sourcegraph

Adding a readonly database user

++BEGIN;++CREATE USER sgreader with PASSWORD 'sgreader';+GRANT CONNECT ON DATABASE sourcegraph TO sgreader;+GRANT USAGE ON SCHEMA public to sgreader;+GRANT SELECT ON ALL TABLES IN SCHEMA public to sgreader;+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO sgreader;
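Review bot: `CREATE USER sgreader with PASSWORD 'sgreader'` commits a literal, guessable password to the repository, so every deployment that runs this migration ends up with the same credential for a role that can read every table; the password should come from deployment configuration at creation time (or the role created NOLOGIN and a password set out of band), and the migration should not assume a database named `sourcegraph` in `GRANT CONNECT ON DATABASE sourcegraph`, since customer deployments choose their own name. Separately, `ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO sgreader` without a `FOR ROLE` clause only covers tables later created by the role that runs this migration; tables created by any other role will not be readable by sgreader, so either add `FOR ROLE <the application role>` or document the limitation.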

I'll does@ But @efritz mentioned there might be a better way to do this for cloud only, and that our customers don't always use the database "sourcegraph" - so I'm still in drawing mode, hence the draft status.

chayim

comment created time in 8 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 7d2d99b2e93a7c53ef1335b3ab0cf0008d36007a

removed hardcoded database name, because in many deployments users create their own database


push time in 8 days

pull request comment sourcegraph/sourcegraph

Adding a readonly database user

I'll does@ But @eric mentioned there might be a better way to do this for cloud only, and that our customers don't always use the database "sourcegraph" - so I'm still in drawing mode, hence the draft status.

chayim

comment created time in 8 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 6990d19aa9c4a93b035fdf63969060429260d062

bindata


push time in 8 days

PR opened sourcegraph/sourcegraph

Adding a readonly database user

Currently we allow read-write connections to the database, and our development practices and manual reflect that. This change creates a read-only user to the database, so that in rare cases where we need to access the production database we can, but don't have to worry about modifying data.
This approach could also be used within the product itself to separate connections that need read-only access, in the future. But that is out of scope for this change.

Discussion context: https://sourcegraph.slack.com/archives/C07KZF47K/p1595872914482100

+65 -0

0 comment

3 changed files

pr created time in 8 days

create branch sourcegraph/sourcegraph

branch : ck-readonly-dbuser

created branch time in 8 days

PR opened sourcegraph/about

Roles and responsibilities

Moving the roles and responsibilities from the job description and into the team page. I also took the opportunity to remove duplicates.

+6 -3

0 comment

1 changed file

pr created time in 9 days

push event sourcegraph/careers

Chayim I. Kirshen

commit sha 342f6a169407495a1f4ff19f63695687ed9214af

jd update with handbook link


push time in 9 days

create branch sourcegraph/about

branch : ck-roles

created branch time in 9 days

Pull request review comment sourcegraph/careers

Update software-engineer-security.md

  # Software Engineer - Security -We are looking for an engineer who specializes in security to help us proactively secure our product. This includes the security of Sourcegraph Cloud as well as making it easy for our customers to secure their own private Sourcegraph instances that they deploy on-premise. You will be one of the first security hires at Sourcegraph and will have the opportunity to build a world-class security culture and team from the ground up.+We are looking for an engineer who is passionate about security, and wants to proactively secure our product and our customers.  You will help our customers secure their on-premise versions of Sourcegraph, and contribute to the security of our product and Sourcegraph cloud.  You will be one of the early security hires at Sourcegraph, helping to build a world-class security team, where everyone contributes, from writing code to running vulnerability scans.

I struggled with that - a lot. The best version I hit on is below, but I'd love something more clean. The first sentence is particularly troublesome.

We are looking for an engineer who is passionate about security, wanting to proactively secure our product and our customers. You will help our customers secure their on-premise versions of Sourcegraph, while contributing to the security of our product and Sourcegraph cloud.

chayim

comment created time in 9 days

Pull request review comment sourcegraph/careers

Update software-engineer-security.md

  # Software Engineer - Security -We are looking for an engineer who specializes in security to help us proactively secure our product. This includes the security of Sourcegraph Cloud as well as making it easy for our customers to secure their own private Sourcegraph instances that they deploy on-premise. You will be one of the first security hires at Sourcegraph and will have the opportunity to build a world-class security culture and team from the ground up.+We are looking for an engineer who is passionate about security, and wants to proactively secure our product and our customers.  You will help our customers secure their on-premise versions of Sourcegraph, and contribute to the security of our product and Sourcegraph cloud.  You will be one of the early security hires at Sourcegraph, helping to build a world-class security team, where everyone contributes, from writing code to running vulnerability scans.  ## Responsibilities  - Identify what our security needs are and develop a roadmap to improve and ensure the security of our product.-- Execute on that roadmap through a mix of directly contributing to our codebase (i.e., Go, TypeScript, Kubernetes, Docker, Google Cloud Platform), and helping other engineers on our team make the necessary changes. You should expect that at least 75% of your effort will be direct contributions to start.+- Execute on that roadmap through a mix of directly contributing to our codebase (i.e., Go, TypeScript, Kubernetes, Docker, Google Cloud Platform), and helping other engineers on our team make the necessary changes. - Promptly respond to and address security issues reported to us by third parties.+- Increasing our security posture by running traditional security tools such as vulnerability scanners and SAST and DAST tools. - Create a culture of security at Sourcegraph that empowers all of our engineers to write secure code.  
## Qualifications -- Broad knowledge of possible attack vectors for on-premise and cloud applications, like Sourcegraph, and an understanding of how to eliminate and/or mitigate those security risks. This knowledge generally comes from having many years of experience in the domain of security.-- Ability to define, plan, and prioritize security work that needs to be done (and then go do that work).+- Experience identifying and remediating the full life cycle of vulnerabilities, both through external packages and in code.+- Broad knowledge of attack vectors and threat actors for the life cycle of on-premise and cloud applications, including triage, remediation, and continuous improvement. - Ability to understand, debug, and write Go and TypeScript to fix security issues.-- Ability to secure cloud applications that use our tech stack: Kuberentes, Docker, Google Cloud Platform.+- Ability to secure cloud applications that use our tech stack: Kubernetes, Docker, Google Cloud Platform.+- Ability to define, plan, and prioritize security work that needs to be done (and then go do that work). - Ability to communicate clearly and empathetically, especially in writing and documentation.  ## Nice-to-haves -- Experience leading security teams (as a people manager or as a technical leader). - Published blog posts and/or tech talks about your work. - Experience working on high-performing teams, preferably tech startups.+- Experience improving the security posture of a small team, and helping that team carry the baton themselves.+- Experience working in an ops environment.
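Review bot: the added Responsibilities bullet "Increasing our security posture by running traditional security tools such as vulnerability scanners and SAST and DAST tools" breaks the imperative form of the surrounding bullets ("Identify", "Execute", "Promptly respond", "Create"); suggest "Increase our security posture by running ...". In the same list, "(i.e., Go, TypeScript, Kubernetes, Docker, Google Cloud Platform)" introduces examples, so "e.g." is the right abbreviation. The Nice-to-haves bullet "Experience working in an ops environment" is vague next to the others; the author's own follow-up wording, "Experience managing and securing infrastructure", says what is actually wanted.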

I'm trying to indicate that the ideal security candidate has experience managing infrastructure. Now that I've stepped away from it a better point could be: Experience managing and securing infrastructure

chayim

comment created time in 9 days

PR opened sourcegraph/careers

Update software-engineer-security.md

Updated the JD. Changed the language to be a bit more security focused, while highlighting that we code.

+9 -6

0 comment

1 changed file

pr created time in 10 days

create branch sourcegraph/careers

branch : security-jd-change

created branch time in 10 days

push event sourcegraph/about

Chayim

commit sha 9c2b20a21460ca44d2a4ea0cfb325bc487f42a48

Update index.md


push time in 10 days

create branch chayim/terrarist

branch : master

created branch time in 10 days

created repository chayim/terrarist

A wrapper script for terraform.

created time in 10 days

started tsenart/vegeta

started time in 10 days

issue closed sourcegraph/sourcegraph

Chayim Kirshen On-boarding

Week 1

  • [x] General onboarding
  • [x] Engineering onboarding
  • [x] Read https://docs.sourcegraph.com/dev/architecture
  • [x] Chat with everyone in your own team.
  • [x] Chat with each team and understand what they own / do.
    • [x] Cloud: @keegancsmith
    • [x] Campaigns: @mrnugget
    • [x] Web: @lguychard
    • [x] Code Intelligence: @efritz
    • [x] Distribution: @slimsag
    • [x] Sales: @juliasourceress
    • [x] Marketing: @adamfrankl2015
    • [x] Business Ops: @dadlerj

Week 2 - 4

  • [x] Write an RFC for a sub-part of the “Storing Secrets Securely” roadmap item and execute together with the Cloud and Distribution teams. Start small to get your feet wet, understand how things are put together but still make a meaningful contribution.
  • [x] Review RFC 52: State of security
  • [x] Understand how our authorization and authentication systems work. @unknwon is the right person to get a brain dump from. Could we convert that into technical documentation?
  • [x] Work with distribution and cloud teams on expanding / adjusting their 3 month roadmaps on security related work as appropriate.
  • [x] Mentor E. S.

Week 4 - 8

  • Continue writing RFCs and delivering on “Storing Secrets Securely”
  • ... TBD

closed time in 14 days

tsenart

issue comment sourcegraph/sourcegraph

Chayim Kirshen On-boarding

Onboarded and contributing. Closing accordingly.

tsenart

comment created time in 14 days

issue comment sourcegraph/sourcegraph

Cloud: 3.19 Tracking issue

Trying something new. For work on Goal #2, please see the @sourcegraph/security tracking issue. The short version involved @daxmc99 and I pairing together.

tsenart

comment created time in 14 days

issue comment sourcegraph/sourcegraph

Security: 3.19 Tracking issue

Last Week

@ElizabethStirling onboarding! Ran static code analysis against the codebase to search for security hotspots. Paired with @daxmc99 to get #12409 into the review state, and completed #12410. That leaves us with #1-3 complete in RFC-196, meaning generating unique per-deployment security keys, data storage, and key usage are all ready. The key generating pieces work well for @sourcegraph/distribution to use in the three environment types, and I reviewed (and changed the feature!) with @pecigonzalo.

This Week

Continue on with RFC-196. We'll start integrating the database backend (#12267) and plan the json blob integration for a single code host (#12263). By the end of the week I'd like to have at least one code-host fully integrated into encryption backend.

chayim

comment created time in 14 days

issue closed sourcegraph/sourcegraph

Create a dedicated token object for returning the raw and masked tokens

Only when the decrypted token is requested from the object, does the decrypted secret even exist in memory

closed time in 14 days

chayim

pull request comment sourcegraph/about

Update security team page

Content approved - but I don't see why CI failed.

ElizabethStirling

comment created time in 14 days

issue closed sourcegraph/sourcegraph

Create a dedicated token object that can be used as part of the per deployment encryption

This handles the encryption and decryption of secrets, while at the same time supporting #12409 goals of per deployment keys.

closed time in 14 days

chayim

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 118ba1722cbfca986c991b74cce3080a7845e52f

temporarily checking for dev environment until we learn how to disable in CI. Adding secret token object for #4 and #5 in the RFC


push time in 14 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 99be9cd11a4887bedd5825033c3a4006c3dcbed3

Cleaning up secret initialization and ensuring that kubernetes is a first order citizen.


push time in 14 days

create branch sourcegraph/sourcegraph

branch : rfc196/ck-token-12436

created branch time in 15 days

delete branch sourcegraph/sourcegraph

delete branch : rfc196/ck-encrypt-tokens

delete time in 15 days

push event sourcegraph/sourcegraph

Chayim

commit sha 2bd78802fb52bfd6aedb2d0a97870510c0a214b0

Encrypting tokens (#12415) Adding token encryption, and the associated unit tests.


push time in 15 days

PR merged sourcegraph/sourcegraph

Encrypting tokens

This code implements AES encryption and decryption of strings, based on a token we provide. We use a nonce on a per-action basis, in order to ensure that the encryption is both reproducible and separate. Similarly, this includes tests to validate the encryption/decryption cycle, and the contrapositive - an invalid key cannot decrypt.

+233 -0

1 comment

3 changed files

chayim

pr closed time in 15 days
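The PR above describes AES encryption with a fresh nonce per action and tests for both the round trip and the wrong-key case. The following is an added example, not code from the PR or from the Sourcegraph repository: it implements that design with AES-GCM from the Go standard library and shows what the wrong-key and tampered-ciphertext checks actually return. The type name Encrypter follows the rename mentioned in the review thread; the method bodies, the NewKey helper and the base64 nonce||ciphertext layout are this example's own choices.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"io"
)

// Encrypter holds the AES key. A 32-byte key selects AES-256 (16 or 24 bytes
// would select AES-128/AES-192). This type and its methods are example code,
// not the PR's implementation.
type Encrypter struct {
	Key []byte
}

// NewKey returns size random bytes from crypto/rand for use as a key.
func NewKey(size int) ([]byte, error) {
	key := make([]byte, size)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	return key, nil
}

// aead builds the AES-GCM primitive; aes.NewCipher rejects bad key sizes.
func (e Encrypter) aead() (cipher.AEAD, error) {
	block, err := aes.NewCipher(e.Key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals plaintext under a fresh random nonce and returns
// base64(nonce || ciphertext || tag). Because the nonce is new on every
// call, encrypting the same string twice yields two different outputs.
func (e Encrypter) Encrypt(plaintext string) (string, error) {
	gcm, err := e.aead()
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return "", err
	}
	// Seal appends to its first argument, so the nonce becomes the prefix.
	sealed := gcm.Seal(nonce, nonce, []byte(plaintext), nil)
	return base64.StdEncoding.EncodeToString(sealed), nil
}

// Decrypt reverses Encrypt. GCM authenticates the ciphertext, so a wrong
// key or a modified ciphertext yields an error, never garbage plaintext.
func (e Encrypter) Decrypt(encoded string) (string, error) {
	gcm, err := e.aead()
	if err != nil {
		return "", err
	}
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", err
	}
	if len(raw) < gcm.NonceSize() {
		return "", errors.New("ciphertext shorter than nonce")
	}
	nonce, ciphertext := raw[:gcm.NonceSize()], raw[gcm.NonceSize():]
	plaintext, err := gcm.Open(nil, nonce, ciphertext, nil)
	if err != nil {
		return "", fmt.Errorf("decrypt: %w", err)
	}
	return string(plaintext), nil
}

func main() {
	key, err := NewKey(32)
	if err != nil {
		panic(err)
	}
	e := Encrypter{Key: key}
	ct, err := e.Encrypt("i am the super secret string, shhhhh")
	if err != nil {
		panic(err)
	}
	pt, err := e.Decrypt(ct)
	fmt.Println(pt, err)

	// A second, unrelated key must fail authentication rather than
	// return a different string; this is the check the PR's tests want.
	other, _ := NewKey(32)
	_, err = Encrypter{Key: other}.Decrypt(ct)
	fmt.Println("wrong key:", err)
}
```

The point for the PR's test suite is the last few lines: with an authenticated mode, a wrong key surfaces as a non-nil error from Decrypt, so the negative test should assert that the error is present, not that decryption succeeded and produced a different string.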

Pull request review comment sourcegraph/sourcegraph

Encrypting tokens

+package secrets++import (+	"reflect"+	"testing"++	"github.com/sourcegraph/sourcegraph/internal/randstring"+)++// Test that encrypting and decryption the message yields the same value+func TestDBEncryptingAndDecrypting(t *testing.T) {

No - modified.

chayim

comment created time in 15 days

Pull request review comment sourcegraph/sourcegraph

Encrypting tokens

+package secrets++import (+	"crypto/aes"+	"crypto/cipher"+	"crypto/rand"+	"encoding/base64"+	"io"+)++type EncryptionError struct {+	Message string+}++func (err *EncryptionError) Error() string {+	return err.Message+}++type EncryptionStore struct {
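Review bot: EncryptionError carries only a Message string and its Error method just returns it, which is exactly what errors.New or fmt.Errorf already give you; unless callers need to type-assert on it, drop the type and return plain errors. EncryptionStore is also a misleading name for a struct that only holds the key and never stores anything; the follow-up comment says it was renamed to Encrypter, which describes what it does.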

Changed to Encrypter. I'd called it store purely because it stored the key and nothing else.

chayim

comment created time in 15 days

Pull request review comment sourcegraph/sourcegraph

Encrypting tokens

+package secrets++import (+	"reflect"+	"testing"++	"github.com/sourcegraph/sourcegraph/internal/randstring"+)++// Test that encrypting and decryption the message yields the same value+func TestDBEncryptingAndDecrypting(t *testing.T) {+	// 32 bytes means an AES-256 cipher+	key := []byte(randstring.NewLen(32))+	e := EncryptionStore{EncryptionKey: key}+	toEncrypt := "i am the super secret string, shhhhh"++	encrypted, err := e.Encrypt(toEncrypt)+	if err != nil {+		t.Errorf(err.Error())+	}++	// better way to compare byte arrays+	if reflect.DeepEqual(encrypted, []byte(toEncrypt)) {+		t.Fatal(err)+	}++	decrypted, err := e.Decrypt(encrypted)+	if err != nil {+		t.Fatal(err)+	}++	if decrypted != toEncrypt {+		t.Fatalf("failed to decrypt")+	}++}++// Test the negative result - we should fail to decrypt with bad keys+func TestBadKeysFailToDecrypt(t *testing.T) {+	key := []byte(randstring.NewLen(32))+	e := EncryptionStore{EncryptionKey: key}++	message := "The secret is to bang the rocks together guys."+	encrypted, _ := e.Encrypt(message)+	decrypted, _ := e.Decrypt(encrypted)++	notTheSameKey := []byte(randstring.NewLen(32))+	e.EncryptionKey = notTheSameKey+	decryptAgain, err := e.Decrypt(encrypted)+	if err != nil {+		t.Fatal(err)+	}++	if decrypted == decryptAgain {+		t.Fatal("Should not have been able to decrypt string with a second set of secrets.")+	}++}++// Test that different strings encrypt to different outputs+func TestDifferentOutputs(t *testing.T) {+	key := []byte(randstring.NewLen(32))+	e := EncryptionStore{EncryptionKey: key}+	messages := []string{+		"This may or may",+		"This is not the same as that",+		"The end of that",+		"Plants and animals",+		"Snow, igloos, sunshine, unicords",+	}++	var crypts []string+	for _, m := range messages {+		encrypted, _ := e.Encrypt(m)+		crypts = append(crypts, encrypted)+	}++	for _, c := range crypts {+		if isInSliceOnce(c, crypts) == false {
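Review bot: TestBadKeysFailToDecrypt asserts the wrong thing. After swapping in notTheSameKey it does `if err != nil { t.Fatal(err) }`, so if Decrypt authenticates the ciphertext (what a per-action nonce with AES suggests) the test fails on precisely the outcome it is meant to confirm; and if Decrypt does not authenticate, the test passes only because garbage differs from the plaintext, which is not a property worth asserting. Suggest `if err == nil { t.Fatal("decrypted with the wrong key") }` and dropping the decrypted == decryptAgain comparison. The same test discards the errors from Encrypt and the first Decrypt (`encrypted, _ := ...`, `decrypted, _ := ...`), and in TestDBEncryptingAndDecrypting `t.Errorf(err.Error())` does not stop the test, so a failed Encrypt falls through to the comparison and Decrypt calls; use t.Fatal there. Minor: `isInSliceOnce(c, crypts) == false` reads better as `!isInSliceOnce(c, crypts)`.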

Right - go isn't python :(.

chayim

comment created time in 15 days

Pull request review comment sourcegraph/sourcegraph

Encrypting tokens

+package secrets++import (+	"reflect"+	"testing"++	"github.com/sourcegraph/sourcegraph/internal/randstring"+)++// Test that encrypting and decryption the message yields the same value+func TestDBEncryptingAndDecrypting(t *testing.T) {+	// 32 bytes means an AES-256 cipher+	key := []byte(randstring.NewLen(32))+	e := EncryptionStore{EncryptionKey: key}+	toEncrypt := "i am the super secret string, shhhhh"++	encrypted, err := e.Encrypt(toEncrypt)+	if err != nil {+		t.Errorf(err.Error())+	}++	// better way to compare byte arrays+	if reflect.DeepEqual(encrypted, []byte(toEncrypt)) {
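Review bot: `reflect.DeepEqual(encrypted, []byte(toEncrypt))` is a type mismatch if Encrypt returns a string, which the fuller copy of this file in the other review comment implies (`crypts = append(crypts, encrypted)` into a `[]string`); DeepEqual of a string against a []byte is always false, so the "not equal to the plaintext" check can never fail. Compare the two strings directly (`if encrypted == toEncrypt { t.Fatal(...) }`), or convert both to []byte and use bytes.Equal as the follow-up comment says. The comment above the test should also read "encrypting and decrypting".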

Thanks, the blog I saw pointed to DeepEqual, I went with bytes.Equal.

chayim

comment created time in 15 days

push event sourcegraph/sourcegraph

Chayim I. Kirshen

commit sha 93b13fbaa038c3359169f8c412700c494455566c

PR comments


push time in 15 days

issue comment sourcegraph/sourcegraph

Update product documentation

Need to update to support variables SOURCEGRAPH_CRYPT_KEY and SOURCEGRAPH_SECRET_FILE from #12409

chayim

comment created time in 15 days

issue closed sourcegraph/sourcegraph

RFC 196 Tracking Issue

Tracks work on RFC 196

Workload


Legend

  • 👩 Customer issue
  • 🐛 Bug
  • 🧶 Technical debt
  • 🛠️ Roadmap
  • 🕵️ Spike
  • 🔒 Security issue
  • :shipit: Pull Request

closed time in 15 days

chayim

issue comment sourcegraph/sourcegraph

RFC 196 Tracking Issue

Tracked elsewhere - closing.

chayim

comment created time in 15 days

push event sourcegraph/about

Chayim

commit sha 28427692710a52f495d7f7b397d14a706504a02e

Reordering page as per pull request comments. Philosophy replaces vision at the top.


push time in 15 days
