Sail JADA — Engineering Log

Technical work on sailjada.com and the JADA booking systems

Debugging a Cascading Deployment Failure: Race Conditions, Python Template Escaping, and S3 Staging Recovery

What Happened

A previous agent tasked with fixing a booking calendar race condition on sailjada.com introduced a critical regression across 22 HTML files deployed to staging. The fix itself was sound—preventing jadaOpenBook() from opening the modal before availability data loaded—but the implementation left Python format-string escapes ({{ and }}) embedded in JavaScript contexts where they're not valid syntax. Simultaneously, 23 local files were corrupted, diverging significantly from production. This post details the investigation, the scope of damage, and the recovery strategy.

The Root Cause: Template Syntax Confusion

The original sailjada.com deployment uses Python format-string templating for dynamic content injection. Files like /Users/cb/Documents/repos/sites/sailjada.com/index.html and /releases/rc1/index.html contain placeholders like:

{{ isLoading: false }}

These double-braces are legitimate in two contexts:

  • CSS: Double-brace syntax appears in standard CSS properties (e.g., {{ content: 'value' }} in certain templating frameworks)
  • Python templates: The Flask/Jinja2-style {{ variable }} syntax for server-side rendering

However, the agent inserted booking state management directly into JavaScript blocks without respecting this distinction:

<script>
let jadaBookingState = {{ isLoading: false }};
</script>

This is syntactically invalid JavaScript. The browser parser expects either a JSON object literal or a template variable substitution, not a hybrid. This breaks any page where the variable wasn't properly substituted by the backend during deployment.

Scope of Damage

The impact was widespread:

  • 22 pages staged to production: All files in s3://queenofsandiego.com/_staging/sailjada/ containing the broken jadaBookingState syntax
  • 23 local files corrupted: The local development copies at /Users/cb/Documents/repos/sites/sailjada.com/ diverged from the S3 production source-of-truth
  • RC1 release affected: /releases/rc1/index.html had multiple iterations of edits, some containing the broken code
  • Four additional sites impacted: Staging deployments to related domains (queenofsandiego.com, brandicarlile.com, charter confirmation flows) contained cascading issues from the shared deployment script

Investigation Methodology

The discovery process followed a forensic pattern:

  1. Pattern matching: Grep across all HTML files in the sailjada.com directory to find occurrences of {{ isLoading and related patterns
  2. Git history analysis: Reviewed commit logs to identify when the race condition fix was introduced and what the before/after states were
  3. Production baseline comparison: Downloaded the current production file from S3 (s3://queenofsandiego.com/sailjada.com/index.html) to establish ground truth
  4. Line count and diff analysis: Used wc -l and diff -u to quantify deviations between local, staging, and production versions
  5. Staged file enumeration: Listed all files in the _staging/ S3 prefix to identify what was queued for deployment

Technical Details of the Race Condition Fix (The Good Part)

Before examining the implementation error, it's important to note that the underlying fix was architecturally sound. The original problem: jadaOpenBook() was a synchronous function that opened the booking modal before the availability calendar data was fetched from the backend. Users would see an empty calendar skeleton.

The intended solution added state management:

function jadaOpenBook() {
  if (!isLoadingAvailability) {
    openModalWithData();
  } else {
    queueModalOpen();
  }
}

This pattern is correct—it's a classic "gate lock" pattern used in async UI flows. The mistake was in how the state variable was declared and initialized in the HTML template.

Recovery: Restoring from S3 Production

Rather than attempt to repair 23 corrupted local files, the recovery strategy was to treat S3 as the source-of-truth and restore all local files from the production bucket:

aws s3 sync s3://queenofsandiego.com/sailjada.com/ \
  /Users/cb/Documents/repos/sites/sailjada.com/ \
  --exclude "_staging/*" \
  --profile production-read

This restored all 23 files to their last-known-good state. The staged files in _staging/sailjada/ were then deleted to prevent accidental promotion to production:

aws s3 rm s3://queenofsandiego.com/_staging/sailjada/ \
  --recursive \
  --profile staging-write

Validating the Restored State

After restoration, we verified:

  • The booking system functions were present and intact in the production version (functions like jadaBookingState, loadAvailability(), openModalWithData())
  • No JavaScript syntax errors in the console when rendering locally
  • All Python template variables were properly bounded and contained in server-side template contexts, not JavaScript blocks
  • The Stripe payment link placeholder ({STRIPE_LINK}) was preserved in its correct location, not mangled by the agent's edits

Infrastructure Implications

This incident revealed a critical gap: there's no automated validation between local development and staging deployment. The files deployed to s3://queenofsandiego.com/_staging/ via CloudFront (distribution ID not disclosed for security) weren't validated for JavaScript syntax errors before promotion.

Recommended safeguards for future deployments:

  • Add a pre-deployment validation step that runs JSHint or ESLint against all HTML files containing <script> blocks
  • Implement a staging approval workflow that prevents automatic promotion from _staging/ to the production root without explicit sign-off
  • Version-lock deployment scripts to prevent mid-operation mutations of multiple files

What's Ready for Production

After restoration, the production bucket remains stable and unchanged. The local development environment is now synchronized with production. Any further booking system improvements should be developed and tested against the restored local baseline before staging.

What Requires Testing

The original race condition fix concept (preventing modal open until data is ready) still needs to be implemented, but with proper template syntax. This should be done incrementally on a single test file before broad rollout to all 22 pages.