Skip to content

Instantly share code, notes, and snippets.

@loftwah

loftwah/feedback.md

Created April 20, 2025 14:24
Show Gist options
  • Save loftwah/8094fbd410176480304490d57c21a40d to your computer and use it in GitHub Desktop.
Save loftwah/8094fbd410176480304490d57c21a40d to your computer and use it in GitHub Desktop.
Download ZIP
techdeck-feedback-2
Raw
feedback.md

TechDeck Feedback 2

Okay, let's get this straight. You're a DevOps guy, knee-deep in some AWS migration mess that sounds like typical corporate over-engineering, and you slapped this together on the side. Right. One-man startup, you're the boss, I'm the... sidekick. Fine. Let's look at this "TechDeck Job Processor" thing running on Cloudflare's playground.

First off, estimating build time. Given you're juggling that AWS migration, which probably means context switching like crazy, and assuming you had to learn some of this Cloudflare Workers/D1/R2 nonsense from scratch... getting this current state? Maybe 3-5 solid days of work, spread out whenever you could steal time. If you already knew the Cloudflare stack reasonably well, maybe 2-3 days. It's not rocket science, but it's fiddly plumbing work connecting APIs and databases asynchronously.

Now, let's talk about the actual code you've written.

H1: Code Review: TechDeck Job Processor - Don't Screw This Up

Alright, listen up. You've got a Cloudflare Worker processing jobs. Fine. Scheduled every minute. Ambitious. Let's tear this apart before it becomes another pile of unmaintainable garbage. I'm looking at index.js and the config. Don't care about your future Puppeteer pipe dreams or Stripe fantasies right now – focus on what's here.

The Good (Surprisingly, Some Exists)

  1. Basic Structure: Using a scheduled worker for background tasks is sane. Decoupling it from the main app? Good. Avoids blocking user requests. Smartest thing here.
  2. Job Status & Retries: You're updating job status (processing, completed, failed) and even have basic retry logic (retries < max_retries). That's table stakes, but at least you did it. Logging status changes is also minimally decent.
  3. API Key Checks: Checking for env variables at the start. Obvious, but necessary. Good.
  4. DB Prepared Statements: Using db.prepare().bind() for SQL. Prevents basic SQL injection. Minimum bar met.
  5. Asset Downloading: The downloadAndUploadImage function actually has better error handling than some other parts. It catches fetch/upload errors, logs a warning, and returns false without killing the entire job. For non-critical assets like avatars/banners, that's arguably the correct behaviour.

The Bad (Plenty To Go Around)

  1. Error Handling - Fragile as Hell:

    • Notification Failures Kill Jobs: You run sendNotification, and then updateJobStatus to completed. If sendNotification throws an error (e.g., Resend API is down, key is invalid, email address bounces), the catch block marks the entire job as failed and increments the retry count. This is STUPID. The core work (card generation, profile update) might have succeeded perfectly! Why retry the whole damn thing just because an email failed? Notifications should be best-effort or have their own separate failure tracking. Don't conflate core task success with notification success. Fix this logic. Send the notification, catch its specific errors, log them, but still mark the main job completed if the actual work was done.
    • External API Brittleness: You check response.ok for fetch. Fine. But what about timeouts? Network glitches? Cloudflare Workers have CPU and duration limits. A slow API (SocialData, Gemini) could make your worker time out, leaving jobs half-finished or in a weird state. Your current retry logic helps, but doesn't solve underlying slowness or hard timeouts. Are you setting timeouts on your fetch calls? Doesn't look like it.
    • JSON Parsing: JSON.parse(job.data). What if the data is garbage? Invalid JSON? Your worker will likely throw an unhandled exception within the job loop. Catch potential JSON.parse errors specifically and fail the job gracefully with a useful error message. Same for parsing the Gemini response.

  2. AI Interaction - Naive:

    • generateCardWithAI: You send a prompt, get a response, and then use a regular expression (/\{[\s\S]*\}/) to find the JSON blob?! Are you kidding me? That's incredibly fragile. What if the API adds introductory text? Or error messages outside the JSON? Or adds multiple JSON blocks? You need to parse the actual API response structure (navigating candidates[0].content.parts[0].text etc.) and then robustly parse the JSON content within that text part, ideally with error handling for invalid JSON. Relying on a loose regex is asking for trouble.

  3. Structure & Complexity:

    • One Giant File: index.js is getting long. All the logic, all the helpers, everything is crammed in here. For a small worker, maybe it's tolerable now, but it shows a lack of discipline. Break down logical units into smaller, testable modules if this grows any further. Where the hell is ProfileService coming from (../../src/utils/profile-service.ts)? That relative path suggests a potentially messy monorepo structure. And why .ts if your entry point is .js? Minor, but sloppy.
    • process...Job Functions Doing Too Much: processCardGenerationJob fetches Twitter data, parses it, calls AI, calculates a card, saves to DB using ProfileService, downloads assets, and calls the placeholder image generator. That's way too many responsibilities. Decompose these into smaller, focused functions.

  4. Database Interactions:

    • Magic Limit: LIMIT 5 in getJobs. Why 5? Is that based on average job duration and the worker's 1-minute schedule / execution limits? Or just a random number? You need to justify this limit based on performance characteristics. What happens if one job takes 30 seconds? You might run out of time before processing all 5.
    • Profile Data: You're storing the profileData as a JSON blob in the profiles table. Fine for D1's limitations, but be aware of the downsides (querying inside the JSON is painful or impossible, schema migrations are harder).

  5. Security (Yeah, I Saw Your Note):

    • SUBMIT_CODE: You know this is garbage, even for testing. Hardcoding secrets or using easily guessable codes is lazy. Use proper authentication/authorization as soon as anyone else might even sniff this thing. Good that you plan to use real API keys eventually, but don't develop bad habits.

  6. Configuration & Dependencies:

    • wrangler.toml: Looks mostly standard. Cron trigger is set. Bindings are declared. Fine.
    • package.json: Only resend listed. What about development dependencies? Linters? Formatters? Test runners? A lack of these suggests a "cowboy coding" approach. Even for a one-man show, basic tooling saves you from yourself.

The Verdict

It's a start. It's functional based on the happy path. But it's brittle. The error handling around notifications is fundamentally flawed. The AI interaction is naive. The structure is monolithic. It reeks of "get it working quickly" without enough thought for robustness or maintainability, which is typical for side projects, but bad if you actually want this to live.

You're a DevOps engineer, you should understand failure modes, idempotency, and resilience better than this. Apply that thinking here. Fix the error handling logic first. Make the external API interactions more robust. Stop parsing AI responses with flimsy regexes.

Don't come back until this is less likely to fall over if someone sneezes on the network connection to Resend. Now get back to work. And stop letting that AWS migration rot your brain.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment