I Accidentally wiped the entire dataset in Production database. Here's what happened next

One of the tragic accident in my job turned out to be good learning for me in recent days. Yes, I accidentally wiped the entire dataset in the production database.

Before, getting into the details of it. let me tell you a bit about myself, I am a Full Stack Engineer specialized in React, Nodejs. I am working in a startup where we use Nodejs, Postgres in production.

Recently, i was working in an API which updates the database table. table has structure like this

1module.exports = (sequelize, Sequelize) => {
2 const User = sequelize.define("user", {
3 name: {
4 type: Sequelize.STRING
5 },
6 email: {
7 type: Sequelize.STRING
8 },
9 data : Sequelize.JSON,
10 });
11
12 return User;
13 };

an important thing to note here is the data that is in the JSON structure. API that I built should update the data object in the table.

To give you an example, Here's the structure of data on GET request

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/e5e7311e-94da-4c4c-8509-2677132790fd/GET_API.png

it contains the data in JSON structure which has fields such as phone, address, country, and postal code.

So, I need to write an API to change the phone number inside of the data. I thought it's kind of easy one to do and did that in a few steps.

1app.post('/phone-number/update/:id',async (req,res) => {
2 try {
3 const id = req.params.id;
4 const phonenumber = req.body.phonenumber
5
6 const user = await User.update({ "data.phone" : phonenumber },{
7 where : {
8 id
9 }
10 })
11
12 res.status(200).json(user)
13 }
14 catch(e){
15 res.status(500).json(null)
16 }
17})

it updates the phone number inside of the data object. everything looks good so far. After that, I wrote a test-case to cover the scenario where the updated phone number is stored in the DB and it passed.

Everything looks good so far. So, it went to production. i didn't realize the disaster that is going to happen on production. i was in my home like,

Chill

Here's what happened in production, the API entirely wiped the JSON data replacing them with just phone number. i was shocked to see this,

To give you an example, Here's the data before and after the API

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/cdc7b99b-6e0d-413f-b713-b6f511dbb464/Before.png

After the API update,

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/dbe90ce0-f94f-40f3-9f74-daf496b2d7bb/After.png

Then, i realized that postgres update on JSON shouldn't work like this. Luckily, our database took a backup exactly before this came up. so, i just rolled back the database data and commented out the functionality in this API.

but, my CTO noted this issue and helped me to resolve this one. In the meantime, I found an another way to fix the API functionality. it will be something like,

1app.post('/phone-number/update/:id',async (req,res) => {
2 try {
3 const id = req.params.id;
4 const phonenumber = req.body.phonenumber
5
6 let user = await User.findOne({ id })
7
8 user.data = { ...user.data,phone : phonenumber }
9 await user.save()
10
11 res.status(200).json(user)
12 }
13 catch(e){
14 res.status(500).json(null)
15 }
16})

I know it doesn't look like an effective solution. but at that moment, I wanted a working solution that should be deployed. I quickly wrote test-cases to cover the scenario and raised a PR. CTO personally looked into this code and reviewed it and gave some feedback. finally, the patch was merged into production that day.

Relief

it may look like a small & silly issue. but, it has the potential to wipe out the entire dataset. Instead of worrying about this incident. I took it as good learning for me. they are,

  • Even if we write test cases to cover the situation. it's always one step better if we can manually test the situation.
  • Never get stressed if your code broke the production server. I know it shouldn't happen. In some worst cases, it will. So, take it as a learning curve and avoid that mistake in the future.
  • Things like this will happen, At that moment, Having a supporting colleague or seniors will help a lot. That comes along in our careers.

I hope you learned something from this real-world experience. I wanted to share my experience so that you can get that experience without you need to undergo the same situation. we will see in another real-time experience. until then, Happy Coding :-)

To Read More

I Accidentally wiped the entire dat...

One of the tragic accident in my job turned out to be good learning for me in re...

List of Docker Container Commands y...

This article covers list of commands that you should know to manage docker conta...

Everything you need to know about d...

Docker volume is a persistent data storage mechanism to store the data in docker...