Hehe yes, having too many users is a bit of a luxury we don’t have to concern ourselves with right now, but I will try to make it as auto-correcting as possible, so while there might be SOME spam, hopefully it will be at the bottom of the list.
My plan for scoring, is to have each campaign manager set up feature promises, that tells the tester what they can expect.
This could be “Guided tests”, “Direct developer access”, “Behind the scenes look at artwork” or “Early access to release” or whatever.
Each feature promise will then slightly affect the project initial ranking in a positive way as well as the potential number of “karma points” for a completed campaign.
This way we can encourage well executed testing campaigns, but the tester will be asked to review the execution of each feature afterwards (just a single 1-5 stars), so there is more potential for getting downranked as well.
Hey there. I know we discussed design in the last meeting. Michael said he could design if needed and would put the word out. I heard him mention needing back end developers, but not front end designers. I am more a junior level coder. If I get the design, I can help code it up, and am happy to help design if needed. I would love to get the experience on designing.
Did we get as far as discussing what front end frameworks we might use or fully custom? Using SASS code or pure CSS?
Also, is it too early to begin thinking about setting out a project plan and to determine if we are wanting to follow a more Waterfall or Agile method for task completion, or maybe something looser for now since it is still so early? Breaking this project into sections with milestones and target dates?
Sorry I had to leave early this past meeting. I will be at the next one.
Right this moment a 2nd back-end developer to compliment kobber or lead a NodeJS backend is sorely needed but we can proceed without one. Anyone from any background will be very useful, it’s just timing for what stage we’re at. @MichaelTunnell only works off what our communicated needs are.
There’ll be a time soon when the frontend devs will be worth their weight in gold.
From last meeting:
“Kobberholm gave overview of current PHP Laravell stack and architecture; server-side rendered with minimal front-end javascript, mainly plain HTML + CSS (shared repo, needs to be added to project Gitlab).” https://devops.destinationlinux.network/index.php/s/xiB5KKdQ5LSgAKZ
I’d tend to agree, i’m strongly in favor of a lightweight, minimal viable product. if we can just use a basic template like what @kobberholm’s Laravel stack provides it’d be the easiest to maintain and simplest to build but I think that decision really needs to lean to the people putting in the time on the frontend, it’d be to you and @goldfish92 what you’re most comfortable with.
I like it! i’ll add it to the itinerary to get the ball rolling if there’s thoughts. If you have something in mind I want to hear it.
Meetings are never a requirement, people are strongly encouraged to have a life , recordings are available to the team in the NextCloud and thanks to @goldfish92 we have excellent notes so anyone can get caught up.
I don’t know how to do the fancy quote thing sorry but in reply to you @demotep agile all the way. Being agile doesn’t mean it’s a free for all with not process just that it doesn’t have to follow a strict order of “development phases”. If we can start to capture designs and user stories that should allow anyone to come in and see what features we require and then to have a kick off session with whoever is “assigned” to those stories to get enough context to start on the right foot.
I was thinking of putting something in the meeting agend about this for the next meeting although I’m not sure if I can make it so if that’s the case I’ll post my thoughts on here.
I’ve been pointed in the direction of a tool called Balsamiq as a nice minimal wireframing tool so if you would like to take a look at that (I’ll try and do the same) and feedback if you thi k it seems appropriate for capturing designs that would be useful?
I’m also happy to pair program with people (time zones allowing) to share knowledge and get quicker feedback. Again, might be something that’s worth raising at the meeting if people would like to publish their availability during the week for some collaborative work?
As for node js development, I have discussed with @kobberholm about creating a JS variant of his work so far although we would have to discus the pros and cons of such a solution as the framework I am currently using (NextJS) is certainly more JS heavy for clients as it uses React for client view rendering. It does however support static sight generation and server-side rendering to help speed up initial page load and reduce server load where possible.
That would give us a full JS stack with node js for the backend API. I’ll present a proof of concept for discussion as soon as possible.
Hey Everyone! I am new to the DLN Community and saw this post on the forums. I would love to contribute to this effort.
I have over 15+ years using Linux and about 10 years working in InfoSec (it’s my career). I am very passionate about both of them. I am not a developer or pen tester (Red Team), but I am very skilled in leveraging Blue Team tactics which consist of multiple security layers, 2FA, hardening techniques, deploying & configuring web application firewalls (WAFs), running vulnerability scans, firewall zoning, honeypots, etc, etc. etc. I am very skilled in configuring and securing Nextcloud…I say this because I see you guys are using it for collaboration. I always strive to stick to security fundamentals because when infrastructure and network designs becomes too complex, that’s how you get owned by an adversary.
One of my mentors taught me that, “If security negatively impacts the business, then the security is wrong!” With that said, I never deploy any sort of security control if it will cause a negative impact to things. This concept has worked quite well for me throughout my career and for the organizations that I have served.
Anyway…I just wanted to introduce myself and offer my skills and expertise to this project if you guys are interested. Take care!
Sorry for being AWOL, I’ve been busy getting ready to emigrate to a new country.
Just a quick thought I had that address some previous concerns about new users having a difficult time navigating the different Linux distros: we could create a tool that grabs the information from their system and exports it to a text file, or even directly to the website.
Maybe it would be a bit more work, but it would make this much more user friendly and open the project to be used by many more people while making things easier on the devs who would then have the kind of information they need to start tackling the issues.
Cheers!
P. S. I’m looking forward to having some more time for this after I move.
I’ve added you to the signups, please edit as desired it’s an open document. This is yet to be proposed but i’m thinking of a security team that shares well documented setup procedures on a need-to-know and similarly has and offers access on an as-needed basis. I have our comms server which runs the NextCloud documented which i’m sure you’ll find quaint given your background :), would love to hear your thoughts and as much as you’d like to be involved i’ll get you what you need. https://devops.destinationlinux.network/index.php/s/e5QnZ9Wo76JaKEz
+1 on @kobberholm discussing that first meeting, (meeting 0?) and he’s working generally in the background.
As soon as anyone puts up code, collaboration can start happening. @kobberholm you have a preference on language and output format?
I’d only add the shorter and easier it is for someone with low experience to verify:
The more comfortable they’ll be running it
The more effective eyes on the code will be
The easier it’ll be to maintain
The easier it’ll be to collaborate
Suggesting: bash with a push via a wget post or a bash hybrid. Up to whomever gets the best job done.
Once we know that people can submit snippets to be included in the final.
On that topic, Javascript can pull a bit of information like screen resolution and user agent and my recommendation is a way to copy commands from the website into terminal if it’s the user’s preference. These should be very simple commands and the output when pasted into a textarea can be parsed by Javascript for the user to verify and omit things they don’t want to share.
I won’t be able to make today’s meeting unfortunately but sounds like there is good progress being made there @kobberholm. Really interesting and useful ideas all-round.
I’ll link a couple repositories bellow with some work in progress:
Node User Testing Spike - gnoeley / Node User Testing · GitLab
Early port of the PHP work @kobberholm has been doing to a JS stack for discussion. Not done much except lift and shift yet so not 100% idiomatic/clean but starter if anyone wants a nosey.
Auth Architecture Example - gnoeley / Auth Architecture Example · GitLab
Follow up to my earlier post/suggestion of a possible auth architecture. I know there has been some discussion around how we will handle identity providers (forum, etc.) so there could be other options available, this is just one.
I’ll catch up on the meeting notes when I can but be radio silence for the next week as I’m otherwise engaged. Look forward to catching up once I’m back!
I remember that one of the discussions that lead to this project was related to the easy user feedback.
Something that is not just Bug/Crash reporter but more of an alternative to Feedback Hub that Windows 10 has. A place where users could provide any kind of feedback. At least I believe that was the idea.
Would something like this still be within the Quality Control Platform scope or has the scope been narrowed down to be just testing-by-request platform?
Since anyone can create an organization, even people not related to software development and every organization can choose to create projects for any piece of software, even software that they do not own or control, I would say that the platform ALLOWS for general feedback, but it is not something we explicitly design for.
The problem is that if the organization is not in direct communication with the developers, there is no guarantee that the feedback ever reaches them.
It will therefor be up to the managers of the specific tester organization, to reach out to the developers, to show them what the community has come up with.
The site is organizing every test into time-limited testing campaigns, but I do have the idea in the back of my mind, that there might be a desire for long-running campaigns or at least automatically reoccurring campaigns, that automatically moves the users from the previous campaign to the new campaign. This way the same tester group will automatically be notified when a new version of the software is out and ready to be tested and with some additional work, we can analyze trends for the same piece of software over time.
This raises an interesting point about what issue we all see this project as solving. I know @dasgeek who opened this thread with a project brief has his idea, @testman you stated yours and others (myself included) probably have our own ideas!
Suggestion for the next meeting; everyone prepares their own “mission statement” for the project. This should be one sentence (two if you reallllly have to) at most and summarise what it is we are adressing and want to achieve.
We can then collect these and use them to form a shared banner which we can all march under knowing we are all pulling in the same direction.
If nothing else, should make for an interesting freeform discussion around each of our own focuses and interpretations of the project.
The next steps from this could then be outlining the objectives (OKRs/SMART) for how we will achieve that mission.
Thoughts?
Edit As a community project, recording these things will also help newcomers see what the project is about and frame their own thoughts on how they can help us achieve those objectives
The frontend portion of the team was indisposed for various good reason. Given the open items on the itinerary were for the frontend, Kobber and I met early and just had casual chat before and through the meeting hours. Nothing specific to report.
@demotepProposes: Setting a project plan and determining if we want to follow a more Waterfall or Agile method for task completion, or maybe something looser for now since it is still so early? Breaking this project into sections with milestones and target dates?
@goldfish92Proposes: Balsamiq as a nice minimal wire-framing tool for planning the Website flow.
@UlfnicRaising issue: It appears to require payment to use?
@UlfnicSuggests:draw.io which I can integrate with NextCloud and can be made public as read-only. Up to frontend team on what serves them best, just needs to be screenshoted for forum consumption)
@goldfish92Proposes: NextJS as possible frontend framework, built on ReactJS.
Location && Instructions to Join:
Same place unless otherwise mentioned below (there needs to be testing of NextCloud’s VOIP). For anyone new please add your information to the sign up form and PM me for details.
Had a brilliant overview discussion with @Shaderoit Sunday over project security and concepts including several actionable items I was able to deploy right away and lots of ideas for moving out from there. With Shaderoit’s help and assistance we can start generating a SecOps team proposal that’ll support the DevOps team.
A very warm welcome to Shaderoit and thank you for the help.
Big thank you to DL and @dasgeek’s lightning email reply guiding Shaderoit to the community project.
@mudlight48 initially proposed a “simple HTML/CSS/JS/PHP/MYSQL website” and is skilled in backend development. Should be an excellent discussion with @kobberholm.
@Shaderoit bringing considerable SecOps experience allowing us to build out our SecOps team.