Welcome onboard. This document will help you prepare your development environment step-by-step.
This should have been covered on a recruitment call, but it is very important, so here is a reminder
- happy customers
- high quality code in the repository
That's it.
Developer working on a project must never discuss deadlines or give estimates (even rough) to a customer. We have project managers for that. Why?
As it turns out, developers are usually optimistic about their estimates. They are also Good People (at least the ones that we hire), so when the customer asks politely if a developer can help him, developer will usually agree. Delivering on such promise is a problem. This fails more often than not.
Enter the project managers. Those are people particularly skilled at risk management, reduction of scope to what is really needed etc. Also, they enjoy talking to the customer. Therefore we let them take responsibility for the deadlines - they take care about availability of developers, risk, schedule and so on. This way everyone is happier. Just to make it clear, if a developer would ever provide an estimate or a deadline, it is considered invalid. The customers know this too, so they shouldn't ask and you shouldn't reply - just redirect them to a project manager, tell them you'll contact him/her and produce an accurate estimate as soon as possible.
We avoid fixed scope projects. TODO: why
We will not accept a project targeted to manipulate and rip people off from their savings such as insurance+retirement funds.
There has been a point here about armed rocket navigation systems, but then someone said a low quality navigation system may cause the rocket to miss (hit something/someone else), then the attacker would fire another one (and maybe miss again due to the same bug). So that point is no longer clearly a no-go.
All data related to company must be stored in the virtual machine, image of which is stored on an encrypted volume. This practice prevents potential data leaks, i.e. when your computer get stolen. There are a few exceptions, you will read about them later.
You should already have an email account in reef.pl
domain. Use this only this email (and associated accounts) on the virtual machine - this way your private and work accounts will never mix access or customer data.
The relatively high security level we keep, gives us a possibility to work for financial institutions (or just any institutions that treat their security seriously). Funny story here: Pawel talked to a bank and they wanted him to work on site. Pawel described our security model and when he finished, an engineer from the bank made a comment "they have more security at their home offices than we have here!". The manager looked at the engineer and he was not happy ;)
The first step you will take is to sign in to your new Google account at reef.pl
. All information including credentials have been sent to your personal e-mail address.
Caution!
First sign in you make is from the host computer, as it is necessary to install the time tracking application. This is the one and only situation when you logging in from your host machine.
We appreciate transparency, so are using the application that takes regular screenshots during your work. Its installation is the first step in preparing your environment to work.
Please install it and then accept the invitation received on your email address.
The application can be downloaded from here: Hubstaff Tracker
As it turns out, people find this document before they sign a contract with us and before their tracker account is created. Then they work on preparing their environment even before they have access to the tracker. If you are one of those people, please, use something (free toptracker maybe?) to track the time you spend on setting the encrypted partition, virtual machine etc, so that you know how much time it took and so that we can later fairly compensate you for this time.
Workaround for window resize (most project names are like Internal / some...
- it is hard to find your project):
you click >>
then you can resize left pane a little bit, then <<
- repeat several times - now you can read full project names.
It tracks time per 10-minute slot per project, so if you log some time in the given 10-minute period, switch to another project and switch back to the first one, it cannot really be distinguished (number and order of such switches is not recorded).
Another issue is that manually logged time in the given slot cannot co-exist with any application-tracked time, so if you work from 14:01 to 14:02 and then log manual time for 14:05 to 14:10, the manual time entry will eat the tracked time. It's quite difficult to run into this, but it happened at least once to us.
We all have hourly rates
You may log some time to INTERNAL / *
, which is paid by the company and not by a customer
Assuming that you somehow logged zero time to INTERNAL / *
, when you work on multiple projects, we want to know how much time was worked for which customer so that we can bill them for it appropriately. Billing a customer inaccurately goes against a foundation of the company ("happy customers", see above).
If a customer is from the same country as we are, the invoice we give him has a non-zero VAT tax. Generally, that doesn't seem to ever happen. Otherwise, when the customer is from a different country, invoice has a zero VAT tax, but the vendors (you) have taxed invoices, so we (as a company) need to reclaim the VAT tax in an appropriate amount. We don't want to attempt to reclaim too much or too little, but just right. Generally, we don't want to mess with the tax agency and prefer to pay a greater tax when in doubt, but there is too much of VAT to ignore it.
Sometimes the work doesn't go as well as it should for an amount of time that cannot be ignored. If you have logs from the tracker that clearly show you've been working on it, then it's a good thing. Customer doesn't see us work in their office, so if there are no results, it is difficult to say whether someone is working hard but is fighting through a challenge, or whether somoene is not trying hard enough. As of writing this, the number of times when tracker was instrumental in preventing a rapid degradation of a relationship with a customer is: 4.
Trust is a fragile thing and the time tracker helps keeping it in a good shape.
We don't really have a choice, it's going to happen whether we want it or not.
Once you have installed time tracking app, it's time to prepeare your environment.
Due to the variety of operating systems used by our team, we do not impose a specific solution. It depends on what software you use. For Linux systems it can be eg LUKS.
Due to the large space utilization of our projects, the minimum partition size is 50 GB (recommended 100 GB).
In case you have no preferences, we recommend using VeraCrypt. The step-by-step instruction for the installation process is located here.
As with encryption software, we do not have specific requirements for what kind of solution you will use. The only requirement is the license. Recommended by us is VirtualBox.
To maintain consistency across all virtual machines, we use the Linux Mint distribution. We would like you to also work on this system. This will help us save time in the future.
A step-by-step guide to creating a virtual machine can be found here.
You will need the following packages to work:
$ sudo apt install \
docker.io \
docker-compose \
git \
python3-pip \
python3-setuptools \
python3-virtualenv \
virtualenvwrapper
First, generate an SSH key. We use Ed25519 which is more secure than default RSA key. We provided simple script that will do it all work for you.
Just download it from this repository and run:
$ ./configure-keychain.sh
Copy the .gitconfig
file included in this repository into your home directory:
$ cp .gitconfig ~/
Complete username and email:
$ git config --global user.name "Imię Nazwisko"
$ git config --global user.email [email protected]
Copy the .bashrc file into your home directory
$ cp .bashrc ~/
Add your user to docker
group:
$ sudo gpasswd -a $USER docker
Note: For ease of use, an alias ** dc ** for docker-compose is added to the .bashrc file. Instead of typing a full name, you can use the shortened version.
Example:
$ dc up
Since having a properly configured virtual machine, any logon to company accounts is done through it.
To improve the security of our accounts, we require you to enable 2-step verification.
Google's 2-step authorization setup
Create a new account for GitHub. The suggested username is the first letter of the first name and the full last name, and the suffix -reef
, eg. jkowalski-reef
.
2-step authorization should enabled aswell.
GitHub's 2-step authorization setup
We use Slack and Skype for business communications. You can also use them in your browser, but for convenience, they are installed on the host computer.
In your company e-mail inbox is waiting for you message with the invitation to the team reeftechnologies.slack.com.
Using the desktop Slack application has a benefit of marking you as "available" on all the slack servers. If you use a browser, you are shown as only on the tab that you currently have on your screen.
Channels:
#announcements
- business arrangements#default
- the default channel (if there is no dedicated channel for something, we use this one)management
- senior non-technical management (hiring etc)#opensource-candidates
- for discussion of what we should the opensource budget go to#random
- all topics not directly related to work. If you read something interesting, don't hesitate to share with us.#reefmerge
- opensource student project related to conflict resolution#reefperf
- opensource student project related to cloud performance benchmarking#sales
- sales team sends notifications there about high quality leads, signed contracts etcstaff
- internal staff channeltpm
- technical project managers (think Senior Developers) (allocation of engineers to projects etc)va
- for delegating things to Virtual Assistants
(private channel names don't start with a #
)
the rest of the channels are customer- or project-specific. Only people involved in those projects are invited to the channels (for compartmentalization of IP).
Slack's 2-step authorization setup
Do not forget to say hello to us on #random :)
For Skype you can use your private account. If you do not want to do this, create a new account in the same format as your GitHub account.
Here are some rules to follow:
- When a meeting starts, decide where to bill it.
- If you are a junior and you get stuck - ask for help. Really, really, really do.
- If there is time where you are working but you are not able to bill it, escalate it immediately. We are trying to avoid it.
- Do not use the company email for RSS, out of work stuff etc. This is to minimize distractions, which is pretty important for us.
- Use pomodoro, pair programming or other time organization method.
The "srm" tool which securely deletes data. We use it to wipe the repos (despite encryption).
apt-get install secure-delete
It's like an office manager for a company that doesn't have an office.
So far we used wercker because it is free for github private, but we are scheduled to try to switch over to GitLab.
In case you billed time to a wrong project, here is a step-by-step guide how to fix it.
If you find some key knowledge (not covered by NDA) useful for the next candidate is missing from this document, please create a pull request. Log time spend on this to INTERNAL / other internal development
.
You've done all the things you need to get started. Good luck!
Now head on to training!