Image

For a number of years, since getting more and more into management, I've had less time to do any real programming. So a highlight of the year, for the first few years at least, was to take time during the Christmas break to do some work, mostly on this blog and for a few other odd projects. In 2016 I wrote the platform for this site in Flask, migrating from WordPress (I think? It's been so long I can't remember!). At the time I was doing a lot of work with Flask for work, building a dashboard for our vulnerability management and incident response processes.

However in 2018, the demands on my time for work were less programming and more leading, so the amount of code I was able to write became significantly less. And for the last few years it has been nearly non-existant.

As I talk to customers and others about the risk of updating software and why an enterprise Linux vendor like Red Hat performs backporting of patches (and why our customers love it), I often use this blog as an example. Every time I try to update python modules or dependencies, things ultimately break.

Well, it had been two years since I did anything with the Flask application that powered this site. So a few days ago I spent the day upgrading Flask and it's dependencies, which included a deprecated Flask-Security module (so upgraded to Flask-Security-Too) and a whole host of dependencies. After an entire day's worth of effort, the site ran but I couldn't log in. There were some issues with the CSRF handling, where the tokens weren't matching and after quite a few hours trying to figure it out I just gave up. The example I'd been using all year with customers just became a very real reality. I had updated my dependencies like a good security professional and a whole lot of nothing worked (well, the site worked but no ability to add new content, such as this blog post, which for me is a bit of a big deal).

The next day, yesterday, I was ready to roll up my sleeves and dive in again when it struck me that the old site had a lot of fancy things I had implemented because I was using it for work. Well, that old work dashboard is long gone and I'm no longer really working with Flask at all -- my programming these days tends to be quick and dirty scripts to solve small problems. So I spent some time thinking, to figure out what I really needed from this site.

Do I need comments? Well not really, most of them are spam. Do I need a login? Probably not, I'm the only author here. Do I need something that looks slick? It'd be nice, but not necessary. So rather than diving into why Flask-Security-Too had become my number one enemy, I started looking for static site generators and stumbled on Pelican.

Pelican is a pretty slick static site generator that uses RST or Markdown as source content. Pretty quickly I realized that the content here was probably what was most interesting to people, not all the other fancy-shmancy features that I had added. So I decided to focus on the content, in particular old arcticles I'd written (that still get a ridiculous number of hits for things that are so old!) and the blog posts.

Within a few hours I'd written a quick and dirty script to iterate through the MySQL database and output a number of Markdown files for both articles and blog posts, setup Pelican, and troubleshooted it quite a bit as I wanted the links to blog posts and others to be consistent with the old site.

The look and feel is ok, it's not exactly what I wanted but it'll do for now and I may monkey around with it later. But the maintenance is effectively zero. I don't need all the fancy modules since it's not an interactive site. With it being 100% static, a lot of concerns about old python modules, updating code when it breaks, and so forth is just plain old gone.

It feels rather refreshing! And this is the first post written for this new site. And with three days to Christmas, I'm humming the twelve days of Christmas but there's no partridge around here... there's a Pelican in my pear tree ;)