go

I treat context.Context as the contract between the edge and everything downstream. The pattern here starts by creating a per-request timeout using context.WithTimeout, then storing a requestID in the context so logs and traces can correlate without p

When multiple services call the same upstream, I like a custom http.RoundTripper to centralize cross-cutting behavior: inject headers, measure duration, and apply consistent redaction rules. This keeps call sites clean and prevents copy/paste mistakes

net/http/pprof is incredibly useful during performance incidents, but it should never be open to the public internet. I register the pprof handlers on a separate mux and wrap them with Basic Auth (or, better, your real auth middleware). The important

Clients can lie about Content-Type, so for uploads I prefer sniffing the first bytes with http.DetectContentType. The safe flow is: open the multipart file, read a small prefix, detect type, then rewind (or re-open) before writing to disk or object st

I like explicit response helpers because they prevent subtle inconsistencies: missing Content-Type, forgetting Cache-Control, or writing headers after the body has started. A WriteJSON function centralizes the “happy path” and makes error handling con

A clean shutdown is part of reliability, not an afterthought. The pattern I like is: (1) start servers and workers, (2) listen for SIGINT/SIGTERM, (3) call Shutdown with a deadline, and (4) wait for background goroutines to finish. http.Server.Shutdow

The default http.Server will happily keep connections open longer than you intended, which is how you end up with “mysterious” goroutine growth during partial outages. I set ReadHeaderTimeout to protect against slowloris-style attacks, keep IdleTimeou

When you need to call multiple downstream systems, errgroup is a great way to express “do these in parallel, cancel on first failure.” The key is using errgroup.WithContext, not a plain WaitGroup, so the group can propagate cancellation. Each goroutin

Not every integration payload maps cleanly to a static struct. When I need to accept “mostly known” JSON but preserve unknown fields for auditing or forward compatibility, I use json.RawMessage. That allows me to decode the envelope (event name, versi

Even in Go, panics happen: a nil pointer in an edge case, a bad slice index, or a library bug. I don't want a single request to take down the whole process, so I wrap handlers with a recovery middleware that captures panics, logs them with request con

Scheduled jobs get risky when deploys overlap or when jobs take longer than their interval. I use robfig/cron with a wrapper that creates a per-run context.WithTimeout, adds a bit of jitter to avoid synchronized load across instances, and logs start/f

In production, you want errors that are both human-readable and machine-checkable. I wrap errors with %w so callers can still match them using errors.Is and errors.As. This avoids string comparisons like if err.Error() == ..., which break on refactors