Edit: so im done with my preliminary research into this codebase.

Our corporate SSO provider is changing, so I’ve been updating our tools to take advantage of the new badges. I found this in a web application that I started on today. The original developer is long gone, and according to our PaaS, this app has been running for just under 3 years without an update.

There is no CI/CD, blue-green deployment, or back ups. The database is an H2 db with ddl-auto set to create-drop on startup, meaning that this database will delete itself if the app is restaged but thanks to this guys code, it won’t populate itself. 🤷

      • Kogasa@programming.dev
        link
        fedilink
        arrow-up
        21
        ·
        1 year ago

        Recovering a database from a backup is often possible but often a pain in the ass, and depending on the application you may not consider it acceptable to lose a day of data

          • Kogasa@programming.dev
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Yeah, of course you want restoring from backups to be as easy as possible. It’s just sometimes not feasible, usually because someone can’t afford the time or equipment to set it up.

          • sci@feddit.nl
            link
            fedilink
            arrow-up
            8
            ·
            edit-2
            1 year ago

            At one of the businesses I worked at, the backup was very slow, and at some point the daily backup started taking more than 24 hours. You can probably guess what happened after that.

        • devil_d0c@lemmy.worldOP
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          👃👈

          According to the documentation for the app, they got it classified as a shop aid tool, thereby circumventing production requirements.

          The whole app is written like some college kids hello world mvc app

          • Hawke@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            ·
            1 year ago

            [mis-]classified as a shop aid tool

            a college kids hello world app

            This hits way too close to home.

            • devil_d0c@lemmy.worldOP
              link
              fedilink
              English
              arrow-up
              5
              ·
              1 year ago

              This job pays sooo well though, so I just do what I can and try to speak up when appropriate. They never take my advice, but I have a long list of cya emails for when it all goes tits up 🤙

    • yamsham
      link
      fedilink
      English
      arrow-up
      42
      ·
      edit-2
      1 year ago

      DO NOT RUN IN PROD

      Found this in production

      Classic

      • devil_d0c@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        When I sat down today I thought I was just going to be updating some properties file with oauth end points.

        This is so blatantly stupid that I now have to pick through the code base and write up a change request and incident avoidance report 😕

      • RvTV95XBeo@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        1
        ·
        1 year ago

        Actually, this code is also used in their side business manufacturing cattle prods, that line must be excluded from the prods or else they may become sentient and form a cattle prod based skynet.

      • yukichigai@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        Only thing better is finding commented out code below that which would actually prevent it from running in Prod. Bonus if there’s a code comment next to it saying “disabled per email” with no further explanation.

        • Dojan@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Haha, feel free to! It’s actually a bit of a joke, since the person’s username is shukufuku, 祝福, meaning blessing or celebration.

  • Synthead@lemmy.world
    link
    fedilink
    English
    arrow-up
    32
    arrow-down
    1
    ·
    1 year ago

    Good Lord, this makes my hands sweaty. Why is your entire prod database leaning on one line of code that’s prone to human error? There should be 20 extra accidental steps taken to do something like this.

    • sci@feddit.nl
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      what do you mean? there’s 20 lines of comments warning about it!

    • devil_d0c@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Turns out we were always one copy paste error from a major incident.

      Don’t worry, I’m fixing it 🤷

      • MajorHavoc@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Heh. That looks like it has decent odds of being a “company ending event” incident, to be specific.

        But at least there’s lots of comments. And maybe someone already put a safety net in somewhere else and just forgot to update the 20 comments. It could happen.

        • devil_d0c@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Under different circumstances, sure. As it is, worst they could expect is a fine from our regulators for data retention hits. We could recreate the info easily enough if our suppliers played nicely.

    • devil_d0c@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      👃👈 ding ding ding!

      Dev pushed drop and recreate the dB each time.

      And there is no QA, don’t be silly.

      • MajorHavoc@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        That would be silly. Why pay for QA staff when we can spend customer good-will instead?

        Edit: Sorry, I’ve worked with this kind of stupid so long, I can hear the logic in my bones. The only target that matters is this upcoming quarterly report. The quarterly report after that happens to future me, and he’s never done anything for me.

    • devil_d0c@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I don’t hate it. The docs are good and it’s very opinionated, which I appreciate. Makes it easier to divy up the work into chunks management can digest.

      I wouldn’t use it for a personal project though.