Jobleads Releases Review (283 - 285)
Infrastructure Team

Shai Hulud 2

• Problem: On November 24, the attack on the supply chain began. Hundreds of npm packages have been infected, including some used by JobLeads.

• Solution: We identified potentially affected environments and disabled processes that used infected packages. We rotated access keys and rebuilt Docker images. 2FA is now enabled for AWS CLI.

• Effect: No signs of data leaks, infrastructure abuse or any similar problems. We will create additional solutions to prevent attacks like this in next weeks.

ARM-based Docker images

• Problem: Not all images have an ARM version, which makes local development problematic on Apple.

• Solution: We extended the pipeline build and made sure the image is built.

• Effect: Images are available. We found potential improvement for stability of the build.

Data fixtures for local / QA

• Problem:
  • Our data fixtures weren't updated according to the latest changes. It creates a problem in developing and testing features.
  • Reindexing of the full job dataset was time-consuming.

• Solution:
  • We changed the export and import procedure, and a new file is available for everyone.
  • We introduced a parameter where you can declare how many jobs should be imported.

• Effect: Easier and faster developing and testing.

Bye bye XmpFive

• Problem: Unused XmpFive integration was present in the codebase. It was confusing, and we were losing resources.

• Solution: We dropped all connected code.

• Effect: Less confusion for devs and hardware available for next challanges.

Other

• Recruitment
• Team support
• FIX: Marigold aka Cheetah export error handling improvment
• FIX: User activation Cypress tests
• Data dumps for AI team

• FIX: OutOfMemory & OutOfCPU Kubernetes errors on Corpex staging cluster

• Preparing actions after a database audit

• Investigations about GDPR deletion and potential session mismatch

• Cloudflare logs available