Adapt GDPRify commands
SimonMellerin opened this issue · 2 comments
To be fully GDPR-compatible the workflow needs to be rethink.
We will drop current db-tools:anonymization:run
/db-tools:anonymize
command.
Current db-tools:gdprify
will become db-tools:anonymization:run
/db-tools:anonymize
.
This command will be use like this:
db-tools:anonymize /path/to/my/backup
- backup current database
- import given backup file
- anonymize database
- export database overwriting the given backup file
- restore initial database backup
The documentation will describe a fully GDPR-compatible workflow :
- On your prod env launch :
db-tools:backup
- Download this backup file on a secured environment (like a preprod)
- launch
db-tools:anonymize /path/to/my/backup
on this secured environment - download and restore the anonymized backup on your local machine
The db-tools:anonymize
command will also start by warn user that he should not run this command on an ensecured env.
The command could be run with a --current-database
then it will behavior like the old version of db-tools:anonymize
.
The command will be interactive by default (ask if, you want to backup/restore the current database)but should be launch with -n
if you want to run it the classic way (with a backup and a restore of the current state)
I would name --current-database as --in-place but that's minor nitpik.
Otherwise, I'd always add a confirmation prompt when running db-tools:anonymize
that explains what's its going to do, and informing that both actions exists (anonymizing the local database, or backup-import-anonymize-export-restore).
Otherwise, I'd always add a confirmation prompt when running db-tools:anonymize that explains what's its going to do, and informing that both actions exists (anonymizing the local database, or backup-import-anonymize-export-restore).
Yep ! That's what's currently happened and I also think it should be kept like that.
Currently, to run the command without this prompt, you can use the --force
option.
Also, this command just can't be run when ENV
var is prod
.