用 jiracli 做一些基本常見的操作

公司用 Jira 在管理事情,但眾所皆知的是 Jira 的速度實在太慢 (而且沒改善過),只好找些工具來避免使用 web interface...

翻了 GitHub 後看到 toabctl/jiracli 這個用 Python 開發的軟體,可以在 command line 上對 Jira 做些簡單常見的操作 (對我最主要是 issue 與 comment 的操作),另外工具也支援使用 JQL 搜尋,所以可以透過工具拉下來後再用 grep 或是 awk 過濾...

比較需要注意的是,在第一次執行需要設定的三個參數中,password 的部分其實應該使用 API token (我這邊是 Google SSO,所以不確定一般帳號能不能用自己的密碼登入),這個部分可以在個人設定頁面裡面產生 API token。

設定檔會在 ~/.jiracli.ini 裡面,程式應該會設為 0600,不過可以檢查一下就是了...

PagerDuty 向 SEC 遞出 S-1 了 (IPO)

在「pagerdutys-1.htm」這邊可以看到 PagerDuty 遞出 Form S-1 了,翻了一下 TechCrunch 也有報導:「PagerDuty just filed its S-1」。

PagerDuty 主要的服務是監控服務回報狀況後的後續流程,在組織大一點的公司會拿來用,不過不怎麼便宜... 印象中服務品質沒有拉開差距,而同質性的服務低他不少價錢。

有幾個數字可以看,先是估值:

PagerDuty was valued at $1.3 billion last fall when it closed on $90 million in Series D funding led by T. Rowe Price Associates and Wellington Management. Earlier backers Accel, Andreessen Horowitz and Bessemer Venture Partners also joined the round, which brought the company’s total funding to $173 million.

然後 VC 持股 55%:

According to the S-1, venture investors currently own about 55 percent of the company. Andreessen Horowitz owns the biggest stake, with 18.4 percent of its shares sailing into the IPO. Accel meanwhile owns 12.3 recent, Bessemer owns 12.2 percent, Baseline Ventures owns 6.7 percent, and Harrison Metal owns 5.3 percent.

以及獲利問題:

PagerDuty, which employed 500 employees as of last fall, has never been profitable according to its filing, which says it generated a net loss of $38.1 million for the fiscal year ended January 31, 2018. (It saw revenue of $79.6 million during the same period.)

S-1 文件裡有張圖裡也有相關的營運數字:

AWS 的 OpenJDK 11 (Amazon Corretto 11) 推出 General Availability 版

先前在「AWS 決定花力氣支援 OpenJDK (Corretto 計畫)」與「Amazon 版的 OpenJDK 8 進入 GA」後的下一步,就是對 OpenJDK 11 也推出對應的 Amazon Corretto 11:「Amazon Corretto 11 is Now Generally Available」。

這個版本將至少支援到 2024 年 8 月,也就是五年的支援期:

Long-term support (LTS) for Corretto includes performance enhancements and security updates for Corretto 8 until at least June 2023 at no cost. Updates are planned to be released quarterly. Amazon will provide LTS for Corretto 11 with quarterly updates until at least August 2024.

不過先前有些軟體測試時發現 OpenJDK 11 上不能跑,這些軟體還是得暫時用 OpenJDK 8 的版本來養...

RFC8482 廢掉 DNS 查詢的 ANY query 了...

看到 Cloudflare 的「RFC8482 - Saying goodbye to ANY」這篇,裡面提到 RFC8482 廢掉了 ANY 查詢:「Providing Minimal-Sized Responses to DNS Queries That Have QTYPE=ANY」。

The Domain Name System (DNS) specifies a query type (QTYPE) "ANY". The operator of an authoritative DNS server might choose not to respond to such queries for reasons of local policy, motivated by security, performance, or other reasons.

對 Cloudflare 的痛點主要在於營運上的困難,因為 ANY 回應的 UDP packet size 很大,很容易造成放大攻擊:

把拒絕 ANY 查詢變成標準後,讓 DNS provider 手上多了一把武器可以用。

Dropbox 免費版限制三個裝置更新...

Dropbox 決定限制免費版的裝置數量,最多只能有三個裝置同步:「Dropbox adds three-device limit for free users」,對應的頁面是「Is there a limit to the number of devices I can link to my account?」。

既有的裝置不受限,但無法再增加:

If you're a Basic user and you linked more than three devices prior to March 2019, all of your previously linked devices will remain linked, but you can’t link additional devices.

另外一個選擇是付費版,最低是 1TB USD$9.99/month (年繳是 USD$99/year)。

看起來像是養肥了要殺,不過這個領域相關的技術應該是夠成熟,而且也不會用到什麼特別的功能,應該會去看看其他平台的情況,像是 SyncpCloud

其中 Sync 有免費版 (空間限制 5GB,付費版 500GB USD$49/year),不過官方不支援 Linux,有人用 Wine 跑過,但據說穩定性與效能都不太好:「Sync.com in Linux」。

pCloud (500GB EUR$47.88/year) 也是剛剛提到在 Linux 上跑 Sync 的人後來測試的服務,官方有支援 Linux (看起來是透過 AppImage 包裝),也許可以測試看看。

另外一個是自己一直都有在用的 Syncthing,不過設定同步的操作上只有 web interface,而且因為是信任架構,需要多台互相設定,沒那麼方便...

Spotify 向歐盟投訴 Apple Music 的不公平競爭

Spotify 向歐盟提出不公平競爭的投訴,並且發出新聞稿:「Consumers and Innovators Win on a Level Playing Field」。

重點在於 Spotify 服務透過蘋果的平台會有 30% 的抽成,但 Apple Music 因為自家服務而不需要:

To illustrate what I mean, let me share a few examples. Apple requires that Spotify and other digital services pay a 30% tax on purchases made through Apple’s payment system, including upgrading from our Free to our Premium service. If we pay this tax, it would force us to artificially inflate the price of our Premium membership well above the price of Apple Music. And to keep our price competitive for our customers, that isn’t something we can do.

不過裡面好像沒提到超過一年後的費用會降到 15% (參考「Auto-renewable Subscriptions」),應該會是蘋果向歐盟回應的重點?

ACME,RFC 8555

這邊講的是因為 Let's Encrypt 所發明的 ACME 協定,可以協助自動化發憑證的協定。

剛剛看到「Automatic Certificate Management Environment (ACME)」這個頁面,上面標 PROPOSED STANDARD,但點進去的 txt 檔開頭則是 Standards Track 了:

Internet Engineering Task Force (IETF)                         R. Barnes
Request for Comments: 8555                                         Cisco
Category: Standards Track                             J. Hoffman-Andrews
ISSN: 2070-1721                                                      EFF
                                                             D. McCarney
                                                           Let's Encrypt
                                                               J. Kasten
                                                  University of Michigan
                                                              March 2019

不知道是不是兩邊不同步 (或是我對流程有誤會?),但這有一個標準文件可以參考了...

從 StartPage 換回 DuckDuckGo...

把過程記錄下來而已...

前陣子在測試 StartPage (一個後端還是 Google 的搜尋引擎),想看看在沒有個人資訊的前提下是不是能提供夠好的搜尋品質。為了方便切換確認,還寫了 startpage-shortcuts 這個套件,讓我能用快速鍵將同樣的關鍵字傳進 Google。

用了幾個禮拜下來,發現搜尋品質其實很差,有時候甚至跳不出搜尋結果來?(可能是被 Google 擋下?) 先換回 DuckDuckGo 好了...

AWS 對 Elastic Stack 實作免費的開源版本 Open Distro for Elasticsearch

Elasticsearch 的主體是 Apache License 2.0,但 Elastic Stack (以前叫做 X-Pack) 則是需要付費使用的功能,其中包括了不少跟安全有關的項目在裡面,所以其實有不少人抱怨過產品凌駕安全性的問題,像是「ES 6.3: X-Pack Licence is "Expired" on New Install」這篇官方回應的:

A basic license is not entitled to security features. To try out security you need to use a trial license or obtain a subscription.

AWS 這次則是出手實作了他們自己的版本,叫做 Open Distro for Elasticsearch:「New – Open Distro for Elasticsearch」。

如果你看文章說明,他列出來的 feature 全部都是在 Elastic Stack 這頁上列出來的項目,針對性的意思其實很清楚了:

In addition to Elasticsearch and Kibana, the first release includes a set of advanced security, event monitoring & alerting, performance analysis, and SQL query features (more on those in a bit).

而前面提到的安全性功能也包括在內:

Security – This plugin that supports node-to-node encryption, five types of authentication (basic, Active Directory, LDAP, Kerberos, and SAML), role-based access controls at multiple levels (clusters, indices, documents, and fields), audit logging, and cross-cluster search so that any node in a cluster can run search requests across other nodes in the cluster.

目前支援 Docker Image 與 RPM,之後看看有沒有機會出 deb 版本:

In addition to the source code repo, Open Distro for Elasticsearch and Kibana are available as RPM and Docker containers, with separate downloads for the SQL JDBC and the PerfTop CLI.

這樣應該會讓 Elasticsearch 的服務模式受到很大的影響,來看 Elastic N.V. Ordinary Shares Real Time Stock Quotes 這邊會掉多少...