Octopus Hackathon - Project Overview
๐ Executive Summary
This project is a microservice API built for the Octopus Hackathon - a global innovation sprint celebrating the intelligent multitasking spirit of the octopus. The project simulates a real-world file download system with variable processing times (10-120 seconds), demonstrating how to handle long-running operations that exceed typical reverse proxy timeouts (Cloudflare: 100s, nginx: 60s default).
Project Type: Backend microservice with focus on observability, cloud integration, and production-ready infrastructure
Hackathon Theme: Demonstrating agile, creative, and multitasking capabilities - just like an octopus reaching across multiple domains (AI, distributed systems, cloud infrastructure, and observability)
๐ฏ Problem Being Solved
Core Challenge: Long-Running Download Operations Behind Reverse Proxies
The Scenario: Modern cloud infrastructure uses reverse proxies (Cloudflare, nginx, AWS ALB) that have strict timeout limits. When a file download takes 2+ minutes to process, connections are terminated, resulting in:
- โ 504 Gateway Timeout errors for slow operations
- โ Poor user experience with no progress feedback
- โ Resource exhaustion from holding HTTP connections open
- โ Retry storms when clients automatically retry failed requests
Real-World Example:
# Server processes download in 95 seconds
# But Cloudflare timeout = 100 seconds
# Request timeout setting = 30 seconds
# Result: User sees timeout, but server continues processing
Processing Time Distribution
| Download Speed | Time Range | Frequency |
|---|---|---|
| Fast Downloads | ~10-15s | Common |
| Medium Downloads | ~30-60s | Regular |
| Slow Downloads | ~60-120s | Challenging |
๐๏ธ Architecture & Tech Stack
Technology Stack
| Layer | Technology | Purpose |
|---|---|---|
| Runtime | Node.js 24 | Native TypeScript support |
| Framework | Hono | Ultra-fast web framework (Express alternative) |
| Validation | Zod | Schema validation with OpenAPI integration |
| Storage | MinIO | Self-hosted S3-compatible object storage |
| Metrics | Prometheus | Metrics collection and time-series database |
| Visualization | Grafana | Dashboards and data visualization |
| Logging | Elasticsearch + Kibana | Log aggregation, search, and analysis |
| Error Tracking | Sentry | Real-time error monitoring |
| Documentation | Scalar OpenAPI | Interactive API docs |
Current Architecture
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Client Layer โ
โ (Frontend, Mobile App, External Services) โ
โโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โ HTTP/HTTPS
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Reverse Proxy (Cloudflare/nginx) โ
โ Timeout: 60-100s (Problem Zone!) โ
โโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โ
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Hono API Server (Port 3000) โ
โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Middleware Stack: โ โ
โ โ โข Request ID Tracking โ โ
โ โ โข Security Headers (HSTS, X-Frame-Options, etc.) โ โ
โ โ โข CORS โ โ
โ โ โข Request Timeout (30s default) โ โ
โ โ โข Rate Limiting (100 req/min) โ โ
โ โ โข Prometheus Metrics Instrumentation โ โ
โ โ โข Sentry Error Tracking โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ API Endpoints: โ โ
โ โ GET / - Welcome message โ โ
โ โ GET /health - Health check โ โ
โ โ POST /v1/download/initiate - Queue bulk download โ โ
โ โ POST /v1/download/check - Check file status โ โ
โ โ POST /v1/download/start - Start download (LONG!) โ โ
โ โ GET /docs - API documentation โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ
โ โ
โโโโโโโโโโโโโโโผโโโโโ โโโโโผโโโโโโโโโโโโโโโโโโโ
โ MinIO โ โ Observability Stack โ
โ S3-Compatible โ โ โโโโโโโโโโโโโโโโโโ โ
โ Object Storage โ โ โ Prometheus โ โ
โ โ โ โ (Metrics) โ โ
โโโโโโโโโโโโโโโโโโโโ โ โโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโ โ
โ โ Grafana โ โ
โ โ (Dashboards) โ โ
โ โโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโ โ
โ โ Elasticsearch โ โ
โ โ (Logs) โ โ
โ โโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโ
Observability Stack
Core Monitoring Stack:
- ๐ง Prometheus - Metrics collection and time-series database
- ๐ง Grafana - Visualization dashboards and alerting
- ๐ง Elasticsearch + Kibana - Log aggregation, search, and analysis
- โ Sentry - Real-time error tracking and monitoring
Storage:
- ๐ง MinIO - Self-hosted S3-compatible object storage
Note: This project uses a comprehensive observability stack with Prometheus for metrics, Grafana for visualization, and Elasticsearch for centralized logging.
๐ Project Structure
devpost_hackathon/
โโโ src/
โ โโโ index.ts # Main application (all-in-one file)
โ # - Environment config with Zod validation
โ # - S3 client setup
โ # - OpenTelemetry SDK initialization
โ # - Hono app with middleware stack
โ # - API route definitions
โ # - Graceful shutdown handler
โ
โโโ scripts/
โ โโโ e2e-test.ts # Comprehensive E2E test suite
โ โ # - 30+ test cases
โ โ # - Health checks, security headers, CORS
โ โ # - Download endpoints validation
โ โ # - Rate limiting verification
โ โโโ run-e2e.ts # Test runner with server lifecycle
โ # - Starts dev server
โ # - Waits for health check
โ # - Runs tests, cleans up
โ
โโโ docker/
โ โโโ Dockerfile.dev # Development image (hot reload)
โ โโโ Dockerfile.prod # Production image (multi-stage, optimized)
โ โโโ compose.dev.yml # Dev stack with Jaeger UI
โ โโโ compose.prod.yml # Production stack
โ
โโโ .github/
โ โโโ workflows/
โ โโโ ci.yml # GitHub Actions CI pipeline
โ
โโโ package.json # Dependencies & scripts
โโโ tsconfig.json # TypeScript configuration
โโโ eslint.config.mjs # ESLint rules
โโโ problemset.md # Hackathon problem statement
โโโ README.md # Quick start guide
๐ API Endpoints
Core Endpoints
| Method | Endpoint | Description | Response Time |
|---|---|---|---|
| GET | / |
Welcome message | Instant |
| GET | /health |
Health check with storage status | ~100ms |
| GET | /docs |
Interactive API documentation | Instant |
| GET | /openapi |
OpenAPI spec (JSON) | Instant |
Download API
| Method | Endpoint | Description | Response Time |
|---|---|---|---|
| POST | /v1/download/initiate |
Queue bulk download job | Instant (returns jobId) |
| POST | /v1/download/check |
Check single file availability | ~200ms |
| POST | /v1/download/start |
Start download (LONG-RUNNING!) | 10-120 seconds โ ๏ธ |
Testing Sentry Integration
# Trigger intentional error for Sentry dashboard
curl -X POST "http://localhost:3000/v1/download/check?sentry_test=true" \
-H "Content-Type: application/json" \
-d '{"file_id": 70000}'
๐ง Environment Configuration
Required Environment Variables
# Server Configuration
NODE_ENV=development|production|test
PORT=3000
# S3 Storage (MinIO)
S3_REGION=us-east-1
S3_ENDPOINT=http://localhost:9000 # MinIO endpoint
S3_ACCESS_KEY_ID=minioadmin
S3_SECRET_ACCESS_KEY=minioadmin
S3_BUCKET_NAME=downloads
S3_FORCE_PATH_STYLE=true # Required for self-hosted S3
# Observability
SENTRY_DSN= # Optional: Sentry error tracking
PROMETHEUS_PORT=9090 # Prometheus metrics endpoint
GRAFANA_PORT=3001 # Grafana dashboard port
ELASTICSEARCH_URL=http://localhost:9200 # Elasticsearch endpoint
# Rate Limiting & Timeouts
REQUEST_TIMEOUT_MS=30000 # 30 seconds
RATE_LIMIT_WINDOW_MS=60000 # 1 minute window
RATE_LIMIT_MAX_REQUESTS=100 # 100 requests per window
# CORS
CORS_ORIGINS=* # Or comma-separated list
# Download Delay Simulation
DOWNLOAD_DELAY_ENABLED=true
DOWNLOAD_DELAY_MIN_MS=10000 # 10 seconds (dev: 5s)
DOWNLOAD_DELAY_MAX_MS=200000 # 200 seconds (dev: 15s)
Delay Configuration per Environment
| Environment | Min Delay | Max Delay | Purpose |
|---|---|---|---|
Development (npm run dev) |
5s | 15s | Fast iteration |
Production (npm run start) |
10s | 120s | Real-world simulation |
| E2E Tests | Mock | Mock | Fast test execution |
๐ฏ Project Features & Challenges
Note: This project was initially designed for a structured hackathon but is now being enhanced for Octopus Hackathon with additional features and capabilities.
Feature 1: MinIO Storage Integration โ TODO
Objective: Add MinIO (self-hosted S3-compatible storage) to Docker Compose
Requirements:
- [ ] Add MinIO service to
docker/compose.dev.ymlandcompose.prod.yml - [ ] Auto-create
downloadsbucket on startup - [ ] Configure networking between services
- [ ] Pass
/healthendpoint check:{"status":"healthy","checks":{"storage":"ok"}} - [ ] Pass all E2E tests (
npm run test:e2e) - [ ] MinIO Console accessible at http://localhost:9001
Hints:
- Services communicate via service name:
http://minio:9000 - Use MinIO's
mcclient or init script to create bucket - Set
S3_FORCE_PATH_STYLE=truefor self-hosted S3 - Default credentials: minioadmin/minioadmin
Feature 2: Architecture Design โ TODO
Objective: Design a solution to handle variable download times (10-120s) gracefully
Deliverable: Create ARCHITECTURE.md with:
- Architecture Diagram - Visual representation of system components
Technical Approach - Choose and justify one pattern:
- Polling Pattern (REST with periodic checks)
- WebSocket/SSE Pattern (real-time updates)
- Webhook/Callback Pattern (async notifications)
- Hybrid Approach
Implementation Details:
- API contract changes
- New endpoints needed
- Database/cache schema
- Background job processing (BullMQ, Redis, SQS)
- Error handling & retry logic
- Timeout configuration per layer
Proxy Configuration - Example configs for:
- Cloudflare (WebSocket support, timeouts)
- nginx (proxy_timeout, buffering)
Frontend Integration - React/Next.js implementation:
- Initiate downloads
- Show progress
- Handle completion/failure
- Retry logic
Feature 3: CI/CD Pipeline โ COMPLETE
Status: โ GitHub Actions CI pipeline already implemented!
Existing Pipeline:
Lint โ Test โ Build โ (Deploy)
Features:
- โ Runs on push to main/master
- โ Runs on pull requests
- โ Linting (ESLint)
- โ Format check (Prettier)
- โ E2E tests
- โ Docker image build
- โ Build caching (GitHub Actions cache)
Possible Enhancements:
- Add automatic deployment (Railway, Render, Fly.io)
- Security scanning (Snyk, CodeQL, Trivy)
- Branch protection rules
- Slack/Discord notifications
Feature 4: Observability Dashboard ๐ง IN PROGRESS
Objective: Build comprehensive observability with full monitoring stack
Stack Components:
- Prometheus - Metrics collection & alerting
- Grafana - Visualization dashboards
- Elasticsearch + Kibana - Log aggregation & search
- Sentry - Error tracking (pre-configured)
Requirements:
React Dashboard Application:
- [ ] Connect to download API
- [ ] Display download job status
- [ ] Real-time error tracking (Sentry)
- [ ] Embed Grafana dashboards for metrics visualization
Prometheus Integration:
- [ ] Add Prometheus client to API
- [ ] Export metrics:
- Request duration (histogram)
- Request count by endpoint
- Error rate
- S3 operation latency
- Download processing time distribution
- [ ] Prometheus scrape configuration
Grafana Dashboards:
- [ ] API performance dashboard
- [ ] Download metrics dashboard
- [ ] Error rate & SLA monitoring
- [ ] System resource usage
Elasticsearch Integration:
- [ ] Ship application logs to Elasticsearch
- [ ] Structured logging with trace IDs
- [ ] Log correlation with traces
- [ ] Kibana dashboard for log search
End-to-End Correlation:
User Action โ API Request โ S3 Operation โ Response โ โ โ โ โโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโดโโโโโโโโโโโโโ request_id: abc-123
Logs (Elasticsearch): {"request_id":"abc-123", "level":"info", "msg":"Download started"} Metrics (Prometheus): download_duration_seconds{file_id="70000"} 95.2 Errors (Sentry): Event tagged with request_id=abc-123
**Deliverables:**
- `frontend/` directory with React app
- Updated Docker Compose with:
- MinIO service (object storage)
- Prometheus service (metrics collection)
- Grafana service (with datasources pre-configured)
- Elasticsearch & Kibana services (logging)
- Frontend service
- Documentation on setup and usage
---
## ๐ Security Features
| Feature | Implementation |
|---------|---------------|
| Request ID Tracking | UUID for each request (custom or auto-generated) |
| Rate Limiting | 100 requests per minute per IP |
| Security Headers | HSTS, X-Frame-Options, X-Content-Type-Options |
| CORS | Configurable allowed origins |
| Input Validation | Zod schemas with strict type checking |
| Path Traversal Prevention | Sanitized S3 keys (no user-controlled paths) |
| Graceful Shutdown | SIGTERM/SIGINT handlers with cleanup |
| Non-root User | Docker runs as `node` user |
| Health Checks | Docker healthcheck with retry logic |
---
## ๐งช Testing
### E2E Test Suite (`npm run test:e2e`)
**Test Coverage:**
- โ
Root endpoint
- โ
Health check (healthy/unhealthy states)
- โ
Security headers (HSTS, X-Frame-Options, etc.)
- โ
CORS headers
- โ
Rate limiting
- โ
Request ID tracking (custom & auto-generated)
- โ
Download initiate endpoint
- โ
Download check endpoint
- โ
Input validation (file_id bounds)
- โ
Content-Type validation
- โ
Method validation (404/405 responses)
**Test Output Example:**
=== Root Endpoint === โ PASS: Root returns welcome message
=== Health Endpoint === โ PASS: Health returns valid status code (200 or 503) โ PASS: Health status matches response code โ PASS: Storage check returns valid status
==============================
TEST SUMMARY
Total: 30 Passed: 30 Failed: 0
All tests passed!
---
## ๐ Running the Project
### Local Development
```bash
# Install dependencies
npm install
# Create .env file
cp .env.example .env
# Development mode (5-15s delays, hot reload)
npm run dev
# Production mode (10-120s delays)
npm run start
# Run tests
npm run test:e2e
# Format & Lint
npm run format
npm run lint:fix
Docker
# Development stack (with full observability)
npm run docker:dev
# Access:
# - API: http://localhost:3000
# - MinIO Console: http://localhost:9001
# - Grafana: http://localhost:3001
# - Prometheus: http://localhost:9090
# - Kibana: http://localhost:5601
# Production stack
npm run docker:prod
Scripts
| Script | Description |
|---|---|
npm run dev |
Start dev server (5-15s delays, hot reload) |
npm run start |
Start production server (10-120s delays) |
npm run test:e2e |
Run E2E tests with server management |
npm run lint |
Run ESLint |
npm run lint:fix |
Fix linting issues |
npm run format |
Format code with Prettier |
npm run format:check |
Check code formatting |
npm run docker:dev |
Start Docker dev stack |
npm run docker:prod |
Start Docker production stack |
๐ CI/CD Pipeline
GitHub Actions Workflow
File: .github/workflows/ci.yml
Pipeline Stages:
โโโโโโโโโโโโโโโ
โ Lint โ โข ESLint
โ โ โข Prettier format check
โโโโโโโโฌโโโโโโโ
โ
โผ
โโโโโโโโโโโโโโโ
โ Test โ โข E2E tests
โ โ โข Health checks
โ โ โข API validation
โโโโโโโโฌโโโโโโโ
โ
โผ
โโโโโโโโโโโโโโโ
โ Build โ โข Docker image build
โ โ โข Multi-stage optimization
โ โ โข Layer caching
โโโโโโโโโโโโโโโ
Triggers:
- Push to
mainormasterbranch - Pull requests to
mainormaster
Features:
- Parallel job execution where possible
- Dependency caching for faster builds
- Fail-fast on errors
- Clean test environment (Ubuntu 24.04 + Node 24)
Environment:
- Container:
node:24-slim - Mock S3 mode (no external dependencies)
- CI environment variable automatically set
๐ Key Metrics to Monitor
Application Metrics (Prometheus)
| Metric | Type | Description |
|---|---|---|
http_request_duration_seconds |
Histogram | Request latency by endpoint |
http_requests_total |
Counter | Total requests by method/endpoint/status |
download_processing_duration_seconds |
Histogram | Download processing time distribution |
s3_operation_duration_seconds |
Histogram | S3 API call latency |
active_downloads |
Gauge | Current in-progress downloads |
download_failures_total |
Counter | Failed downloads by reason |
Logs (Elasticsearch + Kibana)
- Structured JSON logs with trace IDs
- Download start/completion events
- Error logs with context
- Performance warnings (>30s operations)
Errors (Sentry)
- Uncaught exceptions
- API errors (4xx, 5xx)
- S3 connection failures
- Timeout errors
๐ Learning Objectives & Hackathon Alignment
This project aligns with Octopus Hackathon themes by teaching:
Handling Long-Running Operations
- Async job processing patterns
- Queue systems (BullMQ, Redis, SQS)
- WebSocket/SSE for real-time updates
- Polling strategies
Observability & Monitoring
- Metrics collection with Prometheus
- Dashboard creation with Grafana
- Log aggregation with Elasticsearch + Kibana
- Error tracking with Sentry
- Correlation between logs, metrics, and errors
Cloud Infrastructure
- S3-compatible object storage
- Docker multi-stage builds
- Container orchestration
- Health checks & graceful shutdown
Production Best Practices
- Input validation & sanitization
- Security headers
- Rate limiting
- CORS configuration
- CI/CD automation
- E2E testing
API Design
- RESTful endpoints
- OpenAPI specification
- Error handling
- Request correlation
๐ Project Milestones
Core Features
- [ ] Feature 1: S3 storage integrated, health check passes
- [ ] Feature 2: Architecture document with solution design
- [ ] Feature 3: โ CI/CD pipeline (already complete!)
- [ ] Feature 4: Observability dashboard with Grafana/Prometheus/Elasticsearch
Future Enhancements
Additional features will be added throughout the Octopus Hackathon to showcase agile development and multitasking capabilities across multiple domains (AI, Web3, cybersecurity, health tech, etc.)
๐ฆ Dependencies
Production Dependencies
| Package | Purpose |
|---|---|
hono |
Web framework |
@hono/node-server |
Node.js adapter for Hono |
@hono/zod-openapi |
Zod + OpenAPI integration |
@hono/otel |
OpenTelemetry middleware |
@hono/sentry |
Sentry error tracking |
@aws-sdk/client-s3 |
S3 client |
hono-rate-limiter |
Rate limiting |
@scalar/hono-api-reference |
API documentation UI |
zod |
Schema validation |
Development Dependencies
| Package | Purpose |
|---|---|
typescript |
Type checking |
@hono/eslint-config |
Linting rules |
prettier |
Code formatting |
@types/node |
Node.js type definitions |
๐ Common Issues & Solutions
Issue 1: Download Timeout
Problem: Request times out before download completes Solution: This is the intended challenge! Implement Challenge 2 architecture.
Issue 2: S3 Storage Not Available
Problem: Health check returns "storage":"error"
Solution: Ensure MinIO service is running and configured correctly in Docker Compose.
Issue 3: Prometheus Metrics Not Showing
Problem: No metrics appear in Grafana dashboards Solution: Ensure Prometheus is scraping the API endpoint and Grafana datasource is configured.
Issue 4: Rate Limit Exceeded
Problem: Getting 429 Too Many Requests
Solution: Adjust RATE_LIMIT_MAX_REQUESTS or wait for the window to reset.
๐ Next Steps
Complete Core Features:
- Set up MinIO in Docker Compose
- Configure S3 client with MinIO endpoint
- Implement Prometheus metrics instrumentation
- Set up Grafana dashboards
- Configure Elasticsearch for logging
- Design async architecture
Add Octopus Hackathon Enhancements:
- Integrate AI/ML capabilities (potential)
- Add Web3 features (potential)
- Implement advanced security features
- Build comprehensive monitoring dashboards
Production Readiness:
- Complete testing suite
- Add deployment automation
- Performance optimization
- Security hardening
๐ Resources
Official Documentation
Recommended Reading
- Long-Running Operations in REST APIs
- BullMQ Queue System
- WebSocket vs SSE vs Long Polling
- Distributed Tracing Best Practices
๐ค Contributing
While this is a hackathon project, the codebase follows best practices:
- Code Style: Prettier + ESLint
- Commits: Descriptive commit messages
- Testing: E2E tests must pass
- Documentation: Update relevant docs
๐ License
MIT License - See LICENSE file
๐ Conclusion
This project demonstrates a production-ready microservice handling real-world challenges, embodying the Octopus Hackathon spirit of intelligent multitasking:
โ Long-running operations with timeout handling โ Comprehensive observability (multi-domain monitoring) โ Cloud-native architecture (Docker, S3) โ Security best practices โ Automated CI/CD pipeline โ Interactive API documentation โ Extensible architecture for future enhancements
Embrace the octopus spirit - agile, creative, and always reaching! ๐๐
Built With
- aws-sdk-for-javascript-v3
- aws-sdk/client-s3
- cors
- docker
- docker-compose
- elasticsearch
- eslint
- github-actions
- grafana
- hono
- hono-rate-limiter
- hono/node-server
- hono/sentry
- hono/zod-openapi
- javascript
- kibana
- minio
- node.js-24
- openapi-3.0
- prettier
- prometheus
- scalar
- sentry
- typescript
- zod
Log in or sign up for Devpost to join the conversation.