Easter eggs, I think they call them...
Before the assets were handed off to me I told myself not to dig into the app’s code right out of the gate. Evidently I have the self-control of a five-year-old, because this weekend I went all in. I’ve made it a point not to touch anything in production until I’m fully acquainted with the codebase, but there are a few things I wanted to learn more about and couldn’t help poring over.
While looking at the transactional mail stream in Postmark I noticed a customer – the largest in terms of API calls and emails sent, no less – who, I knew from their Stripe profile, had let their credit card expire a while ago and was still receiving their service as if their account were current. Doing some quick math, it seems ~25% of all sent emails and ~33% of API calls are on behalf of churned customers whose account details were never updated in the database. Upon further investigation I became aware that canceling a customer’s account was a manual process: the previous owner hard-codes the customer’s Stripe ID into the function responsible for shutting down access for delinquent accounts. I found a few similar quirks performing my due diligence, so this isn’t a shock. There were other discoveries that were alarming, however:
- Production database access was secured via a 768-bit SSH key. It’s incompatible with any modern SSH client; I had to hop on a Windows box and use PuTTY to access the database.
- API keys exposed in production code.
- API keys and passwords have never been rotated in ~6 years of use.
- The database connection in the production code exposes the DB username and password in plain text.
- The binary for the service responsible for making API calls and sending customer alerts runs locally. As in on. your. laptop.
- The Go service has never been in version control. That’s 6 years without git!
All legitimate issues, but luckily mostly easy fixes.
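To make the two code-level problems above concrete, here is an added example (my own, not the app's actual code) showing the hard-coded cancellation pattern beside a status-driven check, plus database credentials read from the environment instead of living in source. The customer records, field names, Stripe IDs and environment variable names are all assumptions constructed for the example; the subscription status strings are the ones Stripe uses.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"time"
)

const day = 24 * time.Hour

// Customer is a constructed record approximating what a billing table might hold.
// The field names are an assumption for this example, not the app's real schema.
type Customer struct {
	StripeID         string
	Status           string    // mirrors Stripe's subscription.status ("active", "past_due", "canceled", ...)
	CurrentPeriodEnd time.Time // end of the last paid period, as reported by Stripe
}

// legacyCancelled reproduces the pattern the post describes: Stripe IDs
// hard-coded into the shutdown function. Anyone who churned after the last
// edit is simply missing from the map and keeps getting service.
var legacyCancelled = map[string]bool{
	"cus_example_churned_A": true,
}

func legacyHasAccess(c Customer) bool {
	return !legacyCancelled[c.StripeID]
}

// hasAccess derives entitlement from the subscription status kept in sync
// with Stripe (e.g. by handling customer.subscription.updated webhooks) rather
// than from a list someone has to remember to edit. past_due gets a grace
// period so one failed charge does not cut a paying customer off.
func hasAccess(c Customer, now time.Time, grace time.Duration) bool {
	switch c.Status {
	case "active", "trialing":
		return true
	case "past_due":
		return now.Before(c.CurrentPeriodEnd.Add(grace))
	default: // canceled, unpaid, incomplete_expired, or anything unrecognised
		return false
	}
}

// ServedButChurned returns the Stripe IDs the legacy check still serves even
// though their subscription status says access should have ended.
func ServedButChurned(customers []Customer, now time.Time, grace time.Duration) []string {
	var out []string
	for _, c := range customers {
		if legacyHasAccess(c) && !hasAccess(c, now, grace) {
			out = append(out, c.StripeID)
		}
	}
	return out
}

// DBConfig is read from the environment so the username and password never
// sit in source control. The variable names are an assumption for this example.
type DBConfig struct{ Host, User, Password, Name string }

func LoadDBConfig(getenv func(string) string) (DBConfig, error) {
	cfg := DBConfig{
		Host: getenv("DB_HOST"), User: getenv("DB_USER"),
		Password: getenv("DB_PASSWORD"), Name: getenv("DB_NAME"),
	}
	if cfg.Host == "" || cfg.User == "" || cfg.Password == "" || cfg.Name == "" {
		return DBConfig{}, errors.New("DB_HOST, DB_USER, DB_PASSWORD and DB_NAME must all be set")
	}
	return cfg, nil
}

// SampleCustomers is constructed test data: one current customer, one a week
// into past_due, one whose card lapsed months ago and was never cancelled
// (the situation the post describes), and one the previous owner did cancel.
func SampleCustomers(now time.Time) []Customer {
	return []Customer{
		{StripeID: "cus_example_current", Status: "active", CurrentPeriodEnd: now.Add(20 * day)},
		{StripeID: "cus_example_pastdue", Status: "past_due", CurrentPeriodEnd: now.Add(-7 * day)},
		{StripeID: "cus_example_expired", Status: "unpaid", CurrentPeriodEnd: now.Add(-120 * day)},
		{StripeID: "cus_example_churned_A", Status: "canceled", CurrentPeriodEnd: now.Add(-300 * day)},
	}
}

func main() {
	now := time.Now()
	fmt.Println("still served despite churn:", ServedButChurned(SampleCustomers(now), now, 14*day))
	if _, err := LoadDBConfig(os.Getenv); err != nil {
		fmt.Println("config:", err)
	}
}
```

The point of `ServedButChurned` is that it is the audit query you would run once, to find exactly the accounts behind the ~25% of emails and ~33% of API calls; after that the entitlement check should only ever consult the synced status, never a list in the binary.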
This week I’m figuring out how to migrate company email accounts from the previous owner’s GSuite account into mine, and – if I have time – standing up development & staging environments on DigitalOcean and thinking about how I want to handle CI/CD.