Before setting up your development environment, make sure you have completed the initial onboarding for every talent at Fluid Attacks.
Basic machine configuration
This is the minimum configuration required for your machine
- Make sure to enable disk encryption during the installation process. Refer to online documentation of your chosen distribution for additional details.
Run TimeDoctor using the following command,
$ export QTWEBENGINE_DISABLE_SANDBOX=1 && ~/timedoctor2/timedoctor2
Follow the recommended multi-user installation.
In case you have an eventual issue running nix commands, and you receive an output like the following:
version `GLIBC_2.36' not found
Then, try typing in your shell:
$ unset LD_LIBRARY_PATH
For making this solution persistent, run the following from your home directory:
$ echo "unset LD_LIBRARY_PATH" >> .bashrc
$ nix-env -iA nixpkgs.git nixpkgs.direnv nixpkgs.sops
$ NIXPKGS_ALLOW_UNFREE=1 nix-env --install --attr vscode --file https://github.com/nixos/nixpkgs/archive/5fa16cffe329c93aa514db6bf3553e70326df6f7.tar.gz
Create a GitLab account.
The username must follow the syntax
usernameatfluid, where the username is the one before
@fluidattacksin your credentials.
Configure the SSH key in your Gitlab preferences.
Configure Git to sign commits using SSH.
If you did not do it, run the following command to automatically sign your commits.
$ git config --global commit.gpgsign true
Write and email to [email protected] with your GitLab username requesting access to our repository.
This section will guide you through setting up a terminal with AWS credentials and a code editor in an automated way every time you enter your local checkout of the Universe repository.
After this section you will have:
- A terminal with AWS credentials for the specific product you are developing.
- An editor with:
- The source code of the Universe repository.
- Recommended development extensions.
- Automatic code formatters on save.
- Auto completion and go to definition.
- OS libraries required.
We'll configure the terminal first. Once the terminal is configured, all of the applications you open from it will inherit the development environment and credentials.
At this point you should have Nix and Makes already installed in your system, so we won't go into those details.
For maximum compatibility, we suggest you use GNU Bash as the command interpreter of your terminal.
Please follow the following steps:
Make sure you have the following tools installed in your system:
If you are missing any of the previous tools, refer back to the machine configuration
Use SSH to clone the Fluid Attacks universe repository into the path of your preference.
$ git clone [email protected]:fluidattacks/universe.git
Enter the root of the repository and configure your Git username and email.
universe $ git config user.name "Your Name"
universe $ git config user.email "[email protected]"
The email must be the corporate email. The username must only contain the first name started in capitals and the last name started in capitals. For example,
universe $ git config user.name "Aureliano Buendia"
universe $ git config user.email "[email protected]"
Bashconfiguration file, or the configuration file of your preferred terminal,
$ code ~/.bashrc
Add the following variables to your terminal configuration file, or to a file at
# Automatically fill Okta login form to retrieve AWS credentials
# Define your remote branch for processes like git hooks
You can optionally omit the
OKTA_PASS. In that case, it will be asked interactively on the terminal.
Add the following to the end of your
# Configure direnv
source <(direnv hook bash)
Load the newly applied configuration,
$ source ~/.bashrc
Change directory to the universe repository:
$ cd universe
Run the command,
universe $ direnv allow
Pick the AWS role you want to load AWS credentials for. The options may change depending on your assigned permissions:
Select AWS Role:
Account: fluidsignal (205810638802)
[ 1 ] dev
[ 2 ] prod_airs
[ 3 ] prod_docs
[ 4 ] prod_integrates
[ 6 ] prod_observes
[ 7 ] prod_skims
[ 8 ] prod_sorts
Selection: <type a number here>
This prompt will be shown only if you have multiple roles assigned.
If you see an authentication error, make sure your email and password are correct.
If you see the following error:
Error: Status Code: 404
Error: Summary: Not Found: Resource not found: me (Session)
ERROR: SAMLResponse tag was not found!
Please remove your AWS Okta processor configuration directory by running:
$ rm -rf ~/.aws-okta-processor/
$ rm -rf ~/.aws/boto/cache
And then try again. This error happens when AWS Okta processor tries to reuse a cached expired session.
Pick the development environment you want to load:
Select the development environment you want to load:
Once the environment has finished loading,
please close your code editor if it is open,
and then open it by invoking it from this terminal.
You can reload the environment at any moment with: $ direnv allow
1) airs 3) docs 5) integratesForces 7) melts 9) sorts
2) common 4) integratesBack 6) integratesStreams 8) skims 10) none
Selection: <type a number here>
AWS commands run from this terminal will be authenticated to AWS now. If you need to get the value of the secrets explicitly, you can echo any of the AWS variables exported, namely:
(Optional) Some tools are used occasionally, so they are not part of the development environment, for instance:
awscli, among others.
If you require any extra tools, you can search them here and install them with Nix. If you happen to use them very frequently, you can add them to the development environment. The development environment is yours and for your benefit, help us take care of it.
At this point,
you can open a new terminal,
and all of the applications you open
by calling them from this terminal
will inherit the development environment
This works because every command
that you execute on the terminal
kubectl, or your code editor)
is spawned as a child process,
and environment variables like PATH, AWS_*, among others,
are inherited by the child process
from the parent process.
For specific last steps to have each product running in local please refer to Components page.
We highly recommend you use Visual Studio Code because most of the team uses it, and it works very well for our purpose.
To install it, refer back to the machine configuration
Now, you can open the universe directory, either using the File > Open Folder option in the menu or from a terminal
universe $ code .
You will probably see a popup to install the recommended extensions, please install them:
If you didn't see the popup,
please go to the extensions tab (
and install the recommended extensions for the workspace.
You can click on the small cloud button
to the right of
and to the left of the pencil
to download them all at the same time:
You can test if everything works correctly by opening a JSON file, adding empty lines between elements, and then saving the file. The empty lines should be removed, and the keys sorted alphabetically. In other words, the file should be automatically formatted on save.
For further customization,
you can install other extensions
or open the settings with
to configure things like the font, font size, or theme.
If you think an extension or setting can be useful
to other developers,
please add it to the workspace configuration.
Take into account that certain extensions
or settings can prevent the environment from working.
Feel free to ask for help
engineering space on Google Workspace
if something doesn't work.
You have almost finished the onboarding.
Read the Contributing section carefully.
Create a new issue following the onboarding template and assign it to you.
Create your local branch.
- Branch name must be equal to Gitlab username.
All changes that you are going to upload must be from your branch.
Add your name, username and email to the .mailmap.
Add your name in alphabetical order,
Add your changes in Git.
Create a commit following the syntax.
Check if the commit message is valid, using Makes:
universe $ m . /lintGitCommitMsg
Push your commit to the repository.
If the pipeline fails, you can see the logs of the failed jobs to get feedback about what went wrong.
When the pipeline succeeds, you can then proceed to create a Merge Request.
Once the Merge Request is approved and merged, and every other item in the issue is done, you can go ahead and close the issue.
Daily Progress Report
The daily progress report is sent when you want to track your daily tasks (issues), where you can communicate with your teammates about the progress of your work. Also, you can share difficulties or doubts you have.
The report should be filled out at the end of the day if you were not able to upload at least one commit to the production branch, that is, if you did not have a MR that was approved and merged.
We know that it is vital that you are aware of how to make a progress report, so here we show you how to do it.
First you have to access the progress report URL.
In the Progress type item, click on Standard. It will display other fields.
The following information to be filled in:
- Group: Here you have to click on the work team you are part of; in this case, click on Production.
- Talent: Corporate email of the person sending the report.
- Progress date: The date you send the report.
- Organization: The name of the company which is Fluid Attacks.
- Interested: The email address of your immediate supervisor who will receive your report.
To fill the report, you need to address three topics,
What did I do today?: Here you write your progress report for the day.
What will I do tomorrow?: You write what your next tasks will be.
I would need help with any difficulties: You write here if you are having trouble with something that is not allowing you to make progress, and the support you require to fix it.
When you have finished filling out this questionnaire, click on the Submit button, and this report will be sent to your immediate supervisor.