Edit: so im done with my preliminary research into this codebase.
Our corporate SSO provider is changing, so I’ve been updating our tools to take advantage of the new badges. I found this in a web application that I started on today. The original developer is long gone, and according to our PaaS, this app has been running for just under 3 years without an update.
There is no CI/CD, blue-green deployment, or back ups. The database is an H2 db with ddl-auto set to create-drop on startup, meaning that this database will delete itself if the app is restaged but thanks to this guys code, it won’t populate itself. 🤷
Found this in production while migrating SSO providers. Made me chuckle 🙃
You wonder why spaceships have self-destruct option?
I usually tend to leave “written by ChatGPT” so colleagues can feed it back and ask to explain lol.
Dropping the database is not recoverable
This is the real problem
Ohh, valid point. So many organisations not testing their restore procedures.
👃👈
According to the documentation for the app, they got it classified as a shop aid tool, thereby circumventing production requirements.
The whole app is written like some college kids hello world mvc app
Recovering a database from a backup is often possible but often a pain in the ass, and depending on the application you may not consider it acceptable to lose a day of data
Good Lord, this makes my hands sweaty. Why is your entire prod database leaning on one line of code that’s prone to human error? There should be 20 extra accidental steps taken to do something like this.
Look, if you hold the lever tight you can safely put the pin back in the grenade!
Turns out we were always one copy paste error from a major incident.
Don’t worry, I’m fixing it 🤷
Heh. That looks like it has decent odds of being a “company ending event” incident, to be specific.
But at least there’s lots of comments. And maybe someone already put a safety net in somewhere else and just forgot to update the 20 comments. It could happen.