iTranslated by AI

The content below is an AI-generated translation. This is an experimental feature, and may contain errors. View original article
🎓

Productivity Weekly (2022-03-16 Issue)

に公開
ProductivityWeekly
生産性向上
idea

Hello. I'm Hirakiba from the Productivity Improvement Team at Cybozu, Inc.

Our Productivity Improvement Team holds a weekly meeting every Wednesday called "Productivity Weekly," where we share news and topics discovered over the past week related to improving developer productivity.
This article is a compilation of the topics discussed during those meetings.

This is the 66th issue. Previous articles can be found here.

news 📺

Ability to restart individual GitHub Actions CI builds · Discussion #4278 · github/feedback

https://github.com/github/feedback/discussions/4278#discussioncomment-2366450

https://github.blog/2022-03-16-save-time-partial-re-runs-github-actions/

In GitHub Actions, it is now possible to re-run specific jobs or only failed jobs. You can re-run any individual job or just the ones that failed. When re-running, you can also look back at previous execution results[1]. Additionally, you can re-run via the API or the gh command[2].

This was a highly anticipated feature. In large-scale workflows, it was frustrating to have to restart all jobs when a single one failed due to flakiness. I think this is an essential feature for running large workflows.


A re-run button appears when you hover over a job


Alternatively, a re-run button also appears next to "Search logs" on the job execution screen


Downstream jobs in the workflow will also be executed. You can check which jobs will run in the dialog


If there are failed jobs, you can select "Re-run failed jobs" from the "Re-run jobs" menu to re-run only the failed ones


Previous execution logs can also be viewed after a re-run.

Go 1.18 is released! - The Go Programming Language

https://go.dev/blog/go1.18

Go 1.18 has been officially released. Major changes include support for Generics, the addition of Fuzzing tools, and the introduction of Workspaces mode.

Generics is similar to Generics in Java or Templates in C++ (probably). I might say something inaccurate, so if you're unfamiliar, please Google it. Fuzzing is a feature to implement fuzz testing[3], a testing methodology. It feeds randomly generated data into your test code. Workspaces mode is a feature designed to make development across multiple modules easier.

Go has provided official tutorials for these new features, so I recommend checking them out.

Additionally, the following slides and blogs were helpful regarding Go 1.18 in general and its individual features. I recommend these as well.

Personally, I'm particularly happy with both Generics and Fuzzing. I want to make sure I master them.

Tag protection rules | GitHub Changelog

https://github.blog/changelog/2022-03-09-tag-protection-rules/

Tags can now be protected on GitHub (beta). This is a feature similar to Branch protection rules. It is available for all public repositories and for private repositories on Pro, Teams, and Enterprise plans.

By setting a pattern, tags matching that pattern cannot be created or deleted. Just like Branch protection rules, wildcards can be used in the patterns.

Protected tags cannot be created or deleted, but as an exception, Maintainers and Admins can create tags that match the rule. Regarding deletion, only Admins can perform it.


Different permissions are required for creating and deleting tags that match the rule

Without any settings, anyone with Write permission can freely manipulate tags. In repositories where Git tags carry significant meaning—such as those used for package delivery or where Go-style tagging triggers delivery—it is safer if only authorized individuals can manipulate tags.

To help prevent becoming a source of supply chain attacks, even slightly, OSS maintainers should proactively protect their tags.

Ubuntu 14.04 and 16.04 image deprecation - CircleCI Changelog

https://circleci.com/changelog/#ubuntu-14-04-and-16-04-image-deprecation

On CircleCI, support for Ubuntu 14.04 and 16.04 Linux VM images ended on 2022/02/15. They are scheduled to become completely unavailable by the end of May 2022.

Until they are fully removed, several temporary "brownouts" (making them temporarily unavailable) are also planned. Other details can be found in the blog post below.

If you have old, unmaintained CircleCI workflows, please take action (though you might first need to find if you have any).

SSH and Git, meet 1Password 🥰

https://blog.1password.com/1password-ssh-agent/

1Password has implemented an SSH agent, allowing for the management and use of private keys. This is available from 1Password 8 onwards[4].

You can set it up by enabling the SSH agent on the 1Password side and updating IdentityAgent in ~/.ssh/config. When using a private key, 1Password will request authentication, and once authenticated, you can access the target using the private key.

I use personal access tokens for GitHub authentication, but I frequently SSH into remote machines like my home Raspberry Pi, so this feature makes me very happy.
Since I used to prepare private keys for each machine, I'm glad that management has become easier. If you use 1Password, please consider giving it a try.

know-how 🎓

Regarding SlideShare's Viewing Restrictions

https://twitter.com/molmolken/status/1503209856098275328

SlideShare has recently introduced viewing restrictions. Unless you are a paid member, you can only view about five slideshows per month[5]. This makes it harder for people who have been uploading their presentation materials to SlideShare to have them viewed. I actually tried opening various slides myself and was eventually unable to view them.

https://twitter.com/teppeis/status/1503567955665518592

However, it seems that if the uploader configures the setting under Account Settings > Content > "Allow users to read and download your slideshows without a subscription," the viewing restriction can be removed for that specific uploader's slides. In fact, when I checked my own slides with this setting while logged out, no restriction was applied.

SlideShare's parent company has changed before we knew it, and monetization might be a struggle for them. While having a workaround might seem to defeat the purpose, I think it's good for SlideShare users to know that this option exists, whether or not you choose to set it.

Evaluating Security Tools is Difficult - knqyf263's blog

https://knqyf263.hatenablog.com/entry/2022/03/15/064819

This is a post by the maintainer of the vulnerability scanner Trivy about the difficulty of evaluating security tools. It describes the reasons why evaluating security tools (such as "this tool is good, this tool is bad") is hard.

Points like "it often seems like the one that detects more is correct" and "it's actually better if nothing is detected" were perspectives I hadn't realized, and they were very enlightening. While it's difficult to decide what to do next, I felt this was an article well worth knowing for anyone choosing or using security tools.

tool 🔨

We released the Japan Holiday API - Kenall Blog

https://blog.kenall.jp/entry/japan-holiday-api-release

Kenall, a service providing many convenient domestic-focused APIs, has added a Japan Holiday API.

For example, when creating a calendar service, the existence of holidays cannot be ignored. However, Japanese holidays are quite difficult to incorporate into a service as they move around or special ones are added. With the Japan Holiday API, you can retrieve the "name," "date," "week number," and "day of the week" of Japanese holidays[6]. The data is automatically updated as needed, and range specification is also possible. It is available for 2,000 yen per month (Postal Code API plan).

While there are several APIs for holiday determination or retrieving holiday lists, there didn't seem to be many provided by corporations. If you are struggling with holidays, it might be worth using.

koneta 🍘

This is a section for sharing topics that came up in Productivity Weekly but I don't have the energy to introduce in detail, or topics that didn't have much to say.

Afterword

The post is quite late. My apologies.

It was a three-day weekend, but actually, I worked one day for a recruitment event (though I had a compensatory day off on the following weekday). I've been busy with various errands on my days off, so I'm late.

Last week, we held Cybozu Productivity News. It was our first attempt, and I wasn't sure how it would go, but I'm glad we had a decent number of viewers.
Youtube is available for everyone, so please check it out if you're interested.

https://www.youtube.com/watch?v=f3oYZY2Gokk

Cybozu's Productivity Improvement Team is active in improving the development productivity of internal engineers. If you're interested in the Productivity Improvement Team, click the link below!
https://note.com/cybozu_dev/n/n1c1b44bf72f6

Promotion

The Productivity Improvement Team is holding a summer internship again this year

https://twitter.com/Shitimi_613/status/1501360726966878212

The Productivity Improvement Team will be holding a summer internship again this year, so please apply if you're interested! (Entries are scheduled to start on 4/25)

Last year's intern also wrote a blog post about their experience, so please check that out as well.

https://note.com/hysrtr/n/nd13916204c6c

脚注

  1. The ability to look back at previous execution results has been available to some users for a short while. ↩︎

  2. It seems you can re-run with gh run rerun. https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#reviewing-previous-workflow-runs ↩︎

  3. I think it's called fuzz testing or fuzzing, but I wrote fuzz testing to avoid confusion with the word "fuzzing" used alone. ↩︎

  4. By the way, when will 1Password 8 for Mac be officially released... it's been in beta for so long... ↩︎

  5. Are they tracking by IP address? ↩︎

  6. https://kenall.jp/docs/API/holidays/ ↩︎

GitHubで編集を提案

Discussion