2 months ago
I just read this and wanted to flag it. Does Railway have plans on changing these infrastructure issues that helped make this worse for the client (AI agent deleting their database along with backups on Railway)? https://x.com/lifeof_jer/status/2048103471019434248?s=46&t=cytcyeeGSA_8IV4PW3nBEA
7 Replies
2 months ago
Not a perfect solution, but after reading that post I added this template to my project, in addition to the standard volume backups.
I hope RLWY looks at the CLI tokens scope, it is pretty dangerous
2 months ago
As long as you don't have your prod API key in a random file like this guy did, you should be fine.
2 months ago
Scoped API keys would be nice though.
2 months ago
I also saw somewhere that they made it so that using volumeDelete doesnt immediately delete the volume content.
2 months ago
We did, two-day grace period.
Though, for context, prior to this incident, we have had grace periods for volume deletes for some time now. All volume deletes via the dashboard go through that path, but in this instance, their API called the mutation that deletes a volume without a grace period, and that mutation is what we have updated to have the same grace period as volume deletions done through the dashboard.