Jonathan Lalou's blog

Archive for the ‘en-US’ Category

For a Chief Technology Officer, the composition of the engineering team is a cornerstone of success. The recurring question of whether to cultivate talent internally through hiring or to leverage external expertise via outsourcing is not a mere tactical decision; it’s a strategic imperative that shapes the very DNA of the technology organization. This exploration delves deeper into the multifaceted considerations that guide a CTO’s hand in this critical balancing act.

Building a robust, internal engineering team is often the aspirational ideal for a CTO aiming for sustained innovation and deep product ownership. The advantages extend beyond the simple execution of tasks:

• Deep Contextual Mastery: An in-house team becomes deeply ingrained in the product’s intricacies, the subtle nuances of the business domain, and the overarching strategic vision. This immersive understanding fosters a profound sense of ownership, enabling more insightful problem-solving and the proactive identification of opportunities for innovation that external teams might miss. Consider the long-term impact on product evolution.
• Cultural Resonance and Collaborative Synergy: Hiring individuals who align with the company’s core values and fostering a collaborative environment creates a powerful, unified culture. In-house teams develop shared experiences, establish efficient, often unspoken, communication pathways, and build a foundation of trust, leading to more seamless teamwork and a stronger collective drive towards achieving shared goals. Think about the intangible benefits of a cohesive team.
• Strategic Knowledge Accumulation: Investing in internal talent is a long-term investment in the company’s intellectual capital. Over time, this core team amasses invaluable institutional knowledge, becomes the trusted custodians of the codebase and architectural landscape, and develops the inherent capacity to tackle increasingly complex and strategically vital challenges. They are the foundational pillars upon which future technological advancements are built. Evaluate the importance of retaining core knowledge within the organization.
• Direct Oversight and Agile Iteration: A CTO maintains direct lines of communication and managerial control over an internal team. This facilitates rapid feedback loops, enables swift iterations based on evolving user needs and market dynamics, and ensures a more agile response to strategic pivots. The CTO can directly influence the team’s technical direction, fostering innovation and ensuring tight alignment with overarching business objectives. Assess the need for rapid and direct control over development.
• Intrinsic Intellectual Property Protection: For core technologies, novel algorithms, and innovative solutions that constitute the company’s unique competitive advantage, entrusting development to a carefully vetted in-house team within a secure environment significantly mitigates the inherent risks associated with intellectual property leakage or unauthorized external dissemination. Prioritize the security of your core innovations.

While cultivating a strong in-house core is often the long-term aspiration, a pragmatic CTO recognizes the strategic advantages that outsourcing can offer at various stages of a company’s growth:

• Accelerated Velocity and Scalable Capacity: When confronted with tight deadlines, sudden market opportunities, or temporary surges in workload, outsourcing provides immediate access to a larger and more readily available talent pool. This enables rapid team scaling and faster project completion, crucial for meeting critical milestones or capitalizing on time-sensitive market windows. Consider the urgency and scalability requirements of specific projects.
• Targeted Cost-Efficiency for Specialized Skills: For well-defined, short-to-medium term projects requiring highly specialized skills that are not core to the company’s ongoing operations or are needed only intermittently, outsourcing can often be more cost-effective than the total cost of hiring full-time employees, including salary, benefits, training, and long-term overhead. Analyze the long-term cost implications versus project-based expenses.
• Access to Niche and Emerging Technological Expertise: The ever-evolving technology landscape frequently demands expertise in niche or emerging areas that might not yet reside within the internal team. Outsourcing provides a flexible avenue to tap into this specialized knowledge, explore cutting-edge technologies, and gain valuable insights without the long-term commitment of a permanent hire. Evaluate the need for specialized skills not currently present in-house.
• Operational Flexibility and Resource Agility: Outsourcing offers the agility to scale resources up or down based on fluctuating project demands, providing a more flexible approach to resource allocation without the long-term financial and administrative commitments associated with permanent headcount adjustments. Assess the need for flexible resource allocation.
• Strategic Focus on Core Strengths: By strategically delegating non-core development tasks or peripheral projects to external partners, a CTO can liberate the internal team to concentrate their finite resources and expertise on the company’s core technological strengths, strategic initiatives, and the development of key differentiating features that directly contribute to the company’s competitive advantage. Determine which tasks are truly core to your competitive edge.

The decision to hire or outsource is rarely a straightforward choice. A strategic CTO will meticulously analyze a multitude of interconnected factors:

• The Complexity and Expected Lifespan of the Project: Highly complex, long-term initiatives often benefit from the deep understanding and sustained commitment of an in-house team. Shorter, more modular projects might be well-suited for outsourcing.
• The Stringency of Budgetary Constraints: Early-stage startups often operate with razor-thin margins, making cost-effectiveness a paramount consideration. A detailed cost-benefit analysis is crucial.
• The Urgency of Delivery and Time-to-Market Pressures: In fast-paced markets, the ability to rapidly deploy solutions can be a critical differentiator. Outsourcing can sometimes accelerate timelines.
• The Strategic Significance and Sensitivity of Intellectual Property: Core innovations and proprietary technologies demand the security and control afforded by an internal team.
• The Availability, Cost, and Quality of Local and Global Talent Pools: The geographical location of the company and the accessibility of specific skill sets will influence the feasibility and cost-effectiveness of both hiring and outsourcing.
• The Potential Impact on Company Culture, Team Morale, and Internal Knowledge Sharing: Integrating external teams requires careful management to avoid disrupting internal dynamics and hindering knowledge transfer.
• The Long-Term Technological Vision and the Importance of Building Internal Expertise for Future Innovation: A CTO must consider the long-term implications for the company’s technological capabilities and avoid over-reliance on external resources for core competencies.
• The Maturity of the Company and its Internal Processes for Managing External Vendors: Effectively managing outsourced teams requires established processes for communication, quality control, and performance monitoring.

In today’s dynamic technological landscape, the most effective strategy for a CTO often involves a carefully considered hybrid approach. Building a strong, innovative in-house team for core product development and long-term strategic initiatives, while strategically leveraging external partners to augment capacity, access specialized skills, or accelerate the delivery of specific, well-defined projects, can provide the optimal balance of control, agility, and cost-effectiveness. The key is not to view hiring and outsourcing as mutually exclusive options, but rather as complementary tools in the CTO’s strategic arsenal. Continuous evaluation of the company’s evolving needs, resource constraints, and long-term vision is paramount to making informed and impactful decisions about team composition.

If you’re working with the AWS SDK for Java and you’ve seen the following log message:

WARN --- AmazonS3Client : No content length specified for stream data. Stream contents will be buffered in memory and could result in out of memory errors.

…you’re not alone. This warning might seem harmless at first, but it can lead to serious issues, especially in production environments.

What’s Really Happening?

This message appears when you upload a stream to Amazon S3 without explicitly setting the content length in the request metadata.

When that happens, the SDK doesn’t know how much data it’s about to upload, so it buffers the entire stream into memory before sending it to S3. If the stream is large, this could lead to:

• Excessive memory usage
• Slow performance
• OutOfMemoryError crashes

✅ How to Fix It

Whenever you upload a stream, make sure you calculate and set the content length using ObjectMetadata.

Example with Byte Array:

byte[] bytes = ...; // your content
ByteArrayInputStream inputStream = new ByteArrayInputStream(bytes);

ObjectMetadata metadata = new ObjectMetadata();
metadata.setContentLength(bytes.length);

PutObjectRequest request = new PutObjectRequest(bucketName, key, inputStream, metadata);
s3Client.putObject(request);

Example with File:

File file = new File("somefile.txt");
FileInputStream fileStream = new FileInputStream(file);

ObjectMetadata metadata = new ObjectMetadata();
metadata.setContentLength(file.length());

PutObjectRequest request = new PutObjectRequest(bucketName, key, fileStream, metadata);
s3Client.putObject(request);

What If You Don’t Know the Length?

Sometimes, you can’t know the content length ahead of time (e.g., you’re piping data from another service). In that case:

• Write the stream to a ByteArrayOutputStream first (good for small data)
• Use the S3 Multipart Upload API to stream large files without specifying the total size

Conclusion

Always set the content length when uploading to S3 via streams. It’s a small change that prevents large-scale problems down the road.

By taking care of this up front, you make your service safer, more memory-efficient, and more scalable.

Got questions or dealing with tricky S3 upload scenarios? Drop them in the comments!

From the trenches of an early-stage startup, a CTO’s gaze is fixed on the horizon, but the immediate focus must remain sharply on the ground beneath our feet. The siren song of building a perfectly scalable and architecturally pristine system can be deafening, promising a future of effortless growth. However, for most young companies navigating the volatile landscape of product validation, this pursuit can be a perilous detour. The core imperative? **Relentlessly deliver valuable product features to your initial users.**

In these formative months and years, the paramount goal is **validation**. We must rigorously prove that our core offering solves a tangible problem for a discernible audience and, crucially, that they are willing to exchange value (i.e., money) for that solution. This validation is forged through rapid iteration on our fundamental features, the diligent collection and analysis of user feedback, and the agility to pivot our product direction based on those insights. A CTO understands that time spent over-engineering for a distant future is time stolen from this critical validation process.

Dedicating significant and scarce resources to crafting intricate architectures and achieving theoretical hyper-scalability before establishing a solid product-market fit is akin to constructing a multi-lane superhighway leading to a town with a mere handful of inhabitants. The infrastructure might be an impressive feat of engineering, but its utility is severely limited, representing a significant misallocation of precious capital and effort.

The Early-Stage Advantage: Why the Monolith Often Reigns Supreme

From a pragmatic CTO’s standpoint, the often-underappreciated monolithic architecture presents several compelling advantages during a startup’s vulnerable early lifecycle:

The CTO’s Caution: Resisting the Siren Call of Premature Complexity

The pervasive industry discourse surrounding microservices, Kubernetes, and other distributed technologies can exert considerable pressure on a young engineering team to adopt these paradigms prematurely. However, a seasoned CTO recognizes the inherent risks and advocates for a more pragmatic approach in the early stages:

The Tipping Point: When a CTO Strategically Considers Advanced Architectures

A pragmatic CTO understands that the architectural landscape isn’t static. The transition towards more sophisticated architectures becomes a strategic imperative when the startup achieves demonstrable and sustained traction:

The CTO’s Guiding Principle: Feature Focus Now, Scalability When Ready

As a CTO navigating the turbulent waters of an early-stage startup, the guiding principle remains clear: empower the engineering team to build and iterate rapidly on product features using the most straightforward and efficient tools available. For the vast majority of young companies, a well-architected monolith serves this purpose admirably. A CTO will continuously monitor the company’s growth trajectory and performance metrics, strategically considering more complex architectures like microservices and their associated infrastructure *only when the business need becomes unequivocally evident and the financial resources are appropriately aligned*. The unwavering focus must remain on delivering tangible value to users and rigorously validating the core product in the market. Scalability is a future challenge to be embraced when the time is right, not a premature obsession that jeopardizes the crucial initial progress.

Having recently absorbed my esteemed colleague Danish Javed’s insightful piece on Docker Networking (https://www.linkedin.com/pulse/docker-networking-danish-javed-rzgyf) – a truly worthwhile read for anyone navigating the container landscape – I felt compelled to further explore a critical facet: the intricate security considerations surrounding Docker networking. While Danish laid a solid foundation, let’s delve deeper into how we can fortify our containerized environments at the network level.

Beyond the Walls: Understanding Default Docker Network Isolation

As Danish aptly described, Docker’s inherent isolation, primarily achieved through Linux network namespaces, provides a foundational layer of security. Each container operates within its own isolated network stack, preventing direct port conflicts and limiting immediate interference. Think of it as each container having its own virtual network interface card and routing table within the host’s kernel.

However, it’s crucial to recognize that this isolation is a boundary, not an impenetrable fortress. Containers residing on the *same* Docker network (especially the default bridge network) can often communicate freely. This unrestricted lateral movement poses a significant risk. If one container is compromised, an attacker could potentially pivot and gain access to other services within the same network segment.

Architecting for Security: Leveraging Custom Networks for Granular Control

The first crucial step towards enhanced security is strategically utilizing **custom bridge networks**. Instead of relying solely on the default bridge, design your deployments with network segmentation in mind. Group logically related containers that *need* to communicate on dedicated networks.

docker network create frontend-network
docker network create backend-network
docker network create payment-network
        

docker run --name frontend --network frontend-network -p 80:80 frontend-image
docker run --name auth --network backend-network -p 8081:8080 auth-image
docker run --name users --network backend-network -p 8082:8080 users-image
docker run --name payment --network payment-network -p 8083:8080 payment-image
docker network connect frontend-network auth
docker network connect frontend-network users
docker network connect backend-network users
docker network connect payment-network auth
        

The Fine-Grained Firewall: Implementing Network Policies with CNI Plugins

For truly granular control over inter-container traffic, **Docker Network Policies**, facilitated by CNI (Container Network Interface) plugins like Calico, Weave Net, Cilium, and others, are essential. These policies act as a micro-firewall at the container level, allowing you to define precise rules for ingress (incoming) and egress (outgoing) traffic based on labels, network segments, and port protocols.

apiVersion: networking.k8s.io/v1 # (Calico often aligns with Kubernetes NetworkPolicy API)
kind: NetworkPolicy
metadata:
  name: allow-web-to-db
spec:
  podSelector:
    matchLabels:
      app: db
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: web
    ports:
    - protocol: TCP
      port: 5432
  policyTypes:
  - Ingress
        

Essential Best Practices for a Secure Docker Network

Beyond network segmentation and policies, a holistic approach to Docker network security involves several key best practices:

• Apply the Principle of Least Privilege Network Access: Just as you would with user permissions, grant containers only the necessary network connections required for their specific function. Avoid broad, unrestricted access.
• Isolate Sensitive Workloads on Dedicated, Strictly Controlled Networks: Databases, secret management tools, and other critical components should reside on isolated networks with rigorously defined and enforced network policies.
• Internal Port Obfuscation: While exposing standard ports externally might be necessary, consider using non-default ports for internal communication between services on the same network. This adds a minor layer of defense against casual scanning.
• Exercise Extreme Caution with --network host: This mode bypasses all container network isolation, directly exposing the container’s network interfaces on the host. It should only be used in very specific, well-understood scenarios with significant security implications considered. Often, there are better alternatives.
• Implement Regular Network Configuration Audits: Periodically review your Docker network configurations, custom networks, and network policies (if implemented) to ensure they still align with your security posture and haven’t been inadvertently misconfigured.
• Harden Host Firewalls: Regardless of your internal Docker network configurations, ensure your host machine’s firewall (e.g., iptables, ufw) is properly configured to control all inbound and outbound traffic to the host and any exposed container ports.
• Consider Network Segmentation Beyond Docker: For larger and more complex environments, explore network segmentation at the infrastructure level (e.g., using VLANs or security groups in cloud environments) to further isolate groups of Docker hosts or nodes.
• Maintain Up-to-Date Docker Engine and CNI Plugins: Regularly update your Docker engine and any installed CNI plugins to benefit from the latest security patches and feature enhancements. Vulnerabilities in these core components can have significant security implications.
• Implement Robust Network Monitoring and Logging: Monitor network traffic within your Docker environment for suspicious patterns or unauthorized connection attempts. Centralized logging of network events can be invaluable for security analysis and incident response.
• Secure Service Discovery Mechanisms: If you’re using service discovery tools within your Docker environment, ensure they are properly secured to prevent unauthorized registration or discovery of sensitive services.

Conclusion: A Multi-Layered Approach to Docker Network Security

Securing Docker networking is not a one-time configuration but an ongoing process that requires a layered approach. By understanding the nuances of Docker’s default isolation, strategically leveraging custom networks, implementing granular network policies with CNI plugins, and adhering to comprehensive best practices, you can significantly strengthen the security posture of your containerized applications. Don’t underestimate the network as a critical control plane in your container security strategy. Proactive and thoughtful network design is paramount to building resilient and secure container environments.

Overview

This Python script (rss_to_ebook.py) converts RSS or Atom feeds into EPUB format eBooks, allowing you to read your favorite blog posts and news articles offline in your preferred e-reader. The script intelligently handles both RSS 2.0 and Atom feed formats, preserving HTML formatting while creating a clean, readable eBook.

Key Features

• Dual Format Support: Works with both RSS 2.0 and Atom feeds
• Smart Pagination: Automatically handles paginated feeds using multiple detection methods
• Date Range Filtering: Select specific date ranges for content inclusion
• Metadata Preservation: Maintains feed metadata including title, author, and description
• HTML Formatting: Preserves original HTML formatting while cleaning unnecessary elements
• Duplicate Prevention: Automatically detects and removes duplicate entries
• Comprehensive Logging: Detailed progress tracking and error reporting

Technical Details

The script uses several Python libraries:

• feedparser: For parsing RSS and Atom feeds
• ebooklib: For creating EPUB files
• BeautifulSoup: For HTML cleaning and processing
• logging: For detailed operation tracking

Usage

python rss_to_ebook.py <feed_url> [--start-date YYYY-MM-DD] [--end-date YYYY-MM-DD] [--output filename.epub] [--debug]

Parameters:

• feed_url: URL of the RSS or Atom feed (required)
• --start-date: Start date for content inclusion (default: 1 year ago)
• --end-date: End date for content inclusion (default: today)
• --output: Output EPUB filename (default: rss_feed.epub)
• --debug: Enable detailed logging

Example

python rss_to_ebook.py https://example.com/feed --start-date 2024-01-01 --end-date 2024-03-31 --output my_blog.epub

Requirements

• Python 3.x
• Required packages (install via pip):

  pip install feedparser ebooklib beautifulsoup4

How It Works

1. Feed Detection: Automatically identifies feed format (RSS 2.0 or Atom)
2. Content Processing:
   • Extracts entries within specified date range
   • Preserves HTML formatting while cleaning unnecessary elements
   • Handles pagination to get all available content
3. EPUB Creation:
   • Creates chapters from feed entries
   • Maintains original formatting and links
   • Includes table of contents and navigation
   • Preserves feed metadata

Error Handling

• Validates feed format and content
• Handles malformed HTML
• Provides detailed error messages and logging
• Gracefully handles missing or incomplete feed data

Use Cases

• Create eBooks from your favorite blogs
• Archive important news articles
• Generate reading material for offline use
• Create compilations of related content

Gist: GitHub

Here is the script:

#!/usr/bin/env python3

import feedparser
import argparse
from datetime import datetime, timedelta
from ebooklib import epub
import re
from bs4 import BeautifulSoup
import logging

# Configure logging
logging.basicConfig(
    level=logging.INFO,
    format='%(asctime)s - %(levelname)s - %(message)s',
    datefmt='%Y-%m-%d %H:%M:%S'
)

def clean_html(html_content):
    """Clean HTML content while preserving formatting."""
    soup = BeautifulSoup(html_content, 'html.parser')
    
    # Remove script and style elements
    for script in soup(["script", "style"]):
        script.decompose()
    
    # Remove any inline styles
    for tag in soup.find_all(True):
        if 'style' in tag.attrs:
            del tag.attrs['style']
    
    # Return the cleaned HTML
    return str(soup)

def get_next_feed_page(current_feed, feed_url):
    """Get the next page of the feed using various pagination methods."""
    # Method 1: next_page link in feed
    if hasattr(current_feed, 'next_page'):
        logging.info(f"Found next_page link: {current_feed.next_page}")
        return current_feed.next_page
    
    # Method 2: Atom-style pagination
    if hasattr(current_feed.feed, 'links'):
        for link in current_feed.feed.links:
            if link.get('rel') == 'next':
                logging.info(f"Found Atom-style next link: {link.href}")
                return link.href
    
    # Method 3: RSS 2.0 pagination (using lastBuildDate)
    if hasattr(current_feed.feed, 'lastBuildDate'):
        last_date = current_feed.feed.lastBuildDate
        if hasattr(current_feed.entries, 'last'):
            last_entry = current_feed.entries[-1]
            if hasattr(last_entry, 'published_parsed'):
                last_entry_date = datetime(*last_entry.published_parsed[:6])
                # Try to construct next page URL with date parameter
                if '?' in feed_url:
                    next_url = f"{feed_url}&before={last_entry_date.strftime('%Y-%m-%d')}"
                else:
                    next_url = f"{feed_url}?before={last_entry_date.strftime('%Y-%m-%d')}"
                logging.info(f"Constructed date-based next URL: {next_url}")
                return next_url
    
    # Method 4: Check for pagination in feed description
    if hasattr(current_feed.feed, 'description'):
        desc = current_feed.feed.description
        # Look for common pagination patterns in description
        next_page_patterns = [
            r'next page: (https?://\S+)',
            r'older posts: (https?://\S+)',
            r'page \d+: (https?://\S+)'
        ]
        for pattern in next_page_patterns:
            match = re.search(pattern, desc, re.IGNORECASE)
            if match:
                next_url = match.group(1)
                logging.info(f"Found next page URL in description: {next_url}")
                return next_url
    
    return None

def get_feed_type(feed):
    """Determine if the feed is RSS 2.0 or Atom format."""
    if hasattr(feed, 'version') and feed.version.startswith('rss'):
        return 'rss'
    elif hasattr(feed, 'version') and feed.version == 'atom10':
        return 'atom'
    # Try to detect by checking for Atom-specific elements
    elif hasattr(feed.feed, 'links') and any(link.get('rel') == 'self' for link in feed.feed.links):
        return 'atom'
    # Default to RSS if no clear indicators
    return 'rss'

def get_entry_content(entry, feed_type):
    """Get the content of an entry based on feed type."""
    if feed_type == 'atom':
        # Atom format
        if hasattr(entry, 'content'):
            return entry.content[0].value if entry.content else ''
        elif hasattr(entry, 'summary'):
            return entry.summary
    else:
        # RSS 2.0 format
        if hasattr(entry, 'content'):
            return entry.content[0].value if entry.content else ''
        elif hasattr(entry, 'description'):
            return entry.description
    return ''

def get_entry_date(entry, feed_type):
    """Get the publication date of an entry based on feed type."""
    if feed_type == 'atom':
        # Atom format uses updated or published
        if hasattr(entry, 'published_parsed'):
            return datetime(*entry.published_parsed[:6])
        elif hasattr(entry, 'updated_parsed'):
            return datetime(*entry.updated_parsed[:6])
    else:
        # RSS 2.0 format uses pubDate
        if hasattr(entry, 'published_parsed'):
            return datetime(*entry.published_parsed[:6])
    return datetime.now()

def get_feed_metadata(feed, feed_type):
    """Extract metadata from feed based on its type."""
    metadata = {
        'title': '',
        'description': '',
        'language': 'en',
        'author': 'Unknown',
        'publisher': '',
        'rights': '',
        'updated': ''
    }
    
    if feed_type == 'atom':
        # Atom format metadata
        metadata['title'] = feed.feed.get('title', '')
        metadata['description'] = feed.feed.get('subtitle', '')
        metadata['language'] = feed.feed.get('language', 'en')
        metadata['author'] = feed.feed.get('author', 'Unknown')
        metadata['rights'] = feed.feed.get('rights', '')
        metadata['updated'] = feed.feed.get('updated', '')
    else:
        # RSS 2.0 format metadata
        metadata['title'] = feed.feed.get('title', '')
        metadata['description'] = feed.feed.get('description', '')
        metadata['language'] = feed.feed.get('language', 'en')
        metadata['author'] = feed.feed.get('author', 'Unknown')
        metadata['copyright'] = feed.feed.get('copyright', '')
        metadata['lastBuildDate'] = feed.feed.get('lastBuildDate', '')
    
    return metadata

def create_ebook(feed_url, start_date, end_date, output_file):
    """Create an ebook from RSS feed entries within the specified date range."""
    logging.info(f"Starting ebook creation from feed: {feed_url}")
    logging.info(f"Date range: {start_date.strftime('%Y-%m-%d')} to {end_date.strftime('%Y-%m-%d')}")
    
    # Parse the RSS feed
    feed = feedparser.parse(feed_url)
    
    if feed.bozo:
        logging.error(f"Error parsing feed: {feed.bozo_exception}")
        return False
    
    # Determine feed type
    feed_type = get_feed_type(feed)
    logging.info(f"Detected feed type: {feed_type}")
    
    logging.info(f"Successfully parsed feed: {feed.feed.get('title', 'Unknown Feed')}")
    
    # Create a new EPUB book
    book = epub.EpubBook()
    
    # Extract metadata based on feed type
    metadata = get_feed_metadata(feed, feed_type)
    
    logging.info(f"Setting metadata for ebook: {metadata['title']}")
    
    # Set basic metadata
    book.set_identifier(feed_url)  # Use feed URL as unique identifier
    book.set_title(metadata['title'])
    book.set_language(metadata['language'])
    book.add_author(metadata['author'])
    
    # Add additional metadata if available
    if metadata['description']:
        book.add_metadata('DC', 'description', metadata['description'])
    if metadata['publisher']:
        book.add_metadata('DC', 'publisher', metadata['publisher'])
    if metadata['rights']:
        book.add_metadata('DC', 'rights', metadata['rights'])
    if metadata['updated']:
        book.add_metadata('DC', 'date', metadata['updated'])
    
    # Add date range to description
    date_range_desc = f"Content from {start_date.strftime('%Y-%m-%d')} to {end_date.strftime('%Y-%m-%d')}"
    book.add_metadata('DC', 'description', f"{metadata['description']}\n\n{date_range_desc}")
    
    # Create table of contents
    chapters = []
    toc = []
    
    # Process entries within date range
    entries_processed = 0
    entries_in_range = 0
    consecutive_out_of_range = 0
    current_page = 1
    processed_urls = set()  # Track processed URLs to avoid duplicates
    
    logging.info("Starting to process feed entries...")
    
    while True:
        logging.info(f"Processing page {current_page} with {len(feed.entries)} entries")
        
        # Process current batch of entries
        for entry in feed.entries[entries_processed:]:
            entries_processed += 1
            
            # Skip if we've already processed this entry
            entry_id = entry.get('id', entry.get('link', ''))
            if entry_id in processed_urls:
                logging.debug(f"Skipping duplicate entry: {entry_id}")
                continue
            processed_urls.add(entry_id)
            
            # Get entry date based on feed type
            entry_date = get_entry_date(entry, feed_type)
            
            if entry_date < start_date:
                consecutive_out_of_range += 1
                logging.debug(f"Skipping entry from {entry_date.strftime('%Y-%m-%d')} (before start date)")
                continue
            elif entry_date > end_date:
                consecutive_out_of_range += 1
                logging.debug(f"Skipping entry from {entry_date.strftime('%Y-%m-%d')} (after end date)")
                continue
            else:
                consecutive_out_of_range = 0
                entries_in_range += 1
                
                # Create chapter
                title = entry.get('title', 'Untitled')
                logging.info(f"Adding chapter: {title} ({entry_date.strftime('%Y-%m-%d')})")
                
                # Get content based on feed type
                content = get_entry_content(entry, feed_type)
                
                # Clean the content
                cleaned_content = clean_html(content)
                
                # Create chapter
                chapter = epub.EpubHtml(
                    title=title,
                    file_name=f'chapter_{len(chapters)}.xhtml',
                    content=f'<h1>{title}</h1>{cleaned_content}'
                )
                
                # Add chapter to book
                book.add_item(chapter)
                chapters.append(chapter)
                toc.append(epub.Link(chapter.file_name, title, chapter.id))
        
        # If we have no entries in range or we've seen too many consecutive out-of-range entries, stop
        if entries_in_range == 0 or consecutive_out_of_range >= 10:
            if entries_in_range == 0:
                logging.warning("No entries found within the specified date range")
            else:
                logging.info(f"Stopping after {consecutive_out_of_range} consecutive out-of-range entries")
            break
            
        # Try to get more entries if available
        next_page_url = get_next_feed_page(feed, feed_url)
        if next_page_url:
            current_page += 1
            logging.info(f"Fetching next page: {next_page_url}")
            feed = feedparser.parse(next_page_url)
            if not feed.entries:
                logging.info("No more entries available")
                break
        else:
            logging.info("No more pages available")
            break
    
    if entries_in_range == 0:
        logging.error("No entries found within the specified date range")
        return False
    
    logging.info(f"Processed {entries_processed} total entries, {entries_in_range} within date range")
    
    # Add table of contents
    book.toc = toc
    
    # Add navigation files
    book.add_item(epub.EpubNcx())
    book.add_item(epub.EpubNav())
    
    # Define CSS style
    style = '''
    @namespace epub "http://www.idpf.org/2007/ops";
    body {
        font-family: Cambria, Liberation Serif, serif;
    }
    h1 {
        text-align: left;
        text-transform: uppercase;
        font-weight: 200;
    }
    '''
    
    # Add CSS file
    nav_css = epub.EpubItem(
        uid="style_nav",
        file_name="style/nav.css",
        media_type="text/css",
        content=style
    )
    book.add_item(nav_css)
    
    # Create spine
    book.spine = ['nav'] + chapters
    
    # Write the EPUB file
    logging.info(f"Writing EPUB file: {output_file}")
    epub.write_epub(output_file, book, {})
    logging.info("EPUB file created successfully")
    return True

def main():
    parser = argparse.ArgumentParser(description='Convert RSS feed to EPUB ebook')
    parser.add_argument('feed_url', help='URL of the RSS feed')
    parser.add_argument('--start-date', help='Start date (YYYY-MM-DD)', 
                        default=(datetime.now() - timedelta(days=365)).strftime('%Y-%m-%d'))
    parser.add_argument('--end-date', help='End date (YYYY-MM-DD)',
                        default=datetime.now().strftime('%Y-%m-%d'))
    parser.add_argument('--output', help='Output EPUB file name',
                        default='rss_feed.epub')
    parser.add_argument('--debug', action='store_true', help='Enable debug logging')
    
    args = parser.parse_args()
    
    if args.debug:
        logging.getLogger().setLevel(logging.DEBUG)
    
    # Parse dates
    start_date = datetime.strptime(args.start_date, '%Y-%m-%d')
    end_date = datetime.strptime(args.end_date, '%Y-%m-%d')
    
    # Create ebook
    if create_ebook(args.feed_url, start_date, end_date, args.output):
        logging.info(f"Successfully created ebook: {args.output}")
    else:
        logging.error("Failed to create ebook")

if __name__ == '__main__':
    main()