Edit: so im done with my preliminary research into this codebase.
Our corporate SSO provider is changing, so I’ve been updating our tools to take advantage of the new badges. I found this in a web application that I started on today. The original developer is long gone, and according to our PaaS, this app has been running for just under 3 years without an update.
There is no CI/CD, blue-green deployment, or back ups. The database is an H2 db with ddl-auto set to create-drop on startup, meaning that this database will delete itself if the app is restaged but thanks to this guys code, it won’t populate itself. 🤷
Dropping the database is not recoverable
This is the real problem
Its Happy Fun Function!
You wonder why spaceships have self-destruct option?
Found this in production while migrating SSO providers. Made me chuckle 🙃
DO NOT RUN IN PROD
Found this in production
Classic
When I sat down today I thought I was just going to be updating some properties file with oauth end points.
This is so blatantly stupid that I now have to pick through the code base and write up a change request and incident avoidance report 😕
Only thing better is finding commented out code below that which would actually prevent it from running in Prod. Bonus if there’s a code comment next to it saying “disabled per email” with no further explanation.
Good Lord, this makes my hands sweaty. Why is your entire prod database leaning on one line of code that’s prone to human error? There should be 20 extra accidental steps taken to do something like this.