Easy way to disable `production db:push`

Question

Easy way to disable `production db:push`

ktaragorn opened this issue 10 years ago · 12 comments

I realize that you have a prompt asking are you sure, but it would be nice to disable it outright, with a capistrano var or something

regedarek commented 10 years ago

+1

Answer 1 · 2014-05-24T07:46:16.000Z

im thinking set :db_push_enabled, true, perhaps false is a safe default. This way u can set it seperately in each stage if needed

Answer 2 · 2014-07-29T10:19:34.000Z

I agree, something like this would feel much safer.

Answer 3 · 2015-04-27T12:48:47.000Z

-1 :)
I think it is "oversafing". You can't do "db:push", but you still can "ssh && rm -rf" on production :)
If someone doesn't read prompt asking and always answer "Yes" - it's looks like roulette game. The shotgun can shoot with "db:push" or with "rm -rf".

Answer 4 · 2015-04-27T12:52:18.000Z

Its 2 characters to change push to pull.. whereas its a lot more to type ssh ... and rm -rf.. That isnt much of an argument. I can by that argument even prove that this gem is useless...

Anyway, this request isnt meant to be security in the system security sense.. but more from casual mistakes.

Answer 5 · 2015-04-27T13:26:40.000Z

I agree with you only if there aren't messages, warnings and prompts in this situation.
I don't say "it's a security issue", i think it's a problem of attention and careful to what developer enter to the console.
"ssh & rm-rf" is only one example. There are a lot of examples with 2 characters steps from good to evil. Like "oops, i pushed instead of pulling" with git.

Answer 6 · 2015-04-27T13:50:45.000Z

I would say (I may be wrong) that you are much more likely to pull than push with this tool, which makes it reasonable to think that a push might be a mistake.

Whereas git push is more likely and less destructive. And github has a readonly mode...

Answer 7 · 2015-04-27T14:47:48.000Z

@ktaragorn, I solve you problem!
https://gist.github.com/PanfilovDenis/8735df7a49cca6709348

copy with gist in you shell and use ultra_safe_cap as cap command. It's really very safe! :D

Answer 8 · 2015-05-21T13:57:55.000Z

I agree with @ktaragorn, this tool is often used for pulling the database. In most situations doing a push instead of a pull would have catastrophic consequences.

@IntractableQuery has already added a parameter disallow_pushing to tackle this problem, see commit ae25656. Looks like this has even been released already.

I'd even go further and set that setting to true by default. Otherwise, I guess this issue could be closed.

Answer 9 · 2015-05-27T21:50:54.000Z

Looks like @r00k would agree: https://twitter.com/r00k/status/603659635220951040

Answer 10 · 2015-05-30T07:42:15.000Z

As @Jesus pointed out, for capistrano 3 there's disallow_pushing option.
If you need the same for capistrano 2, check my fork https://github.com/sibsfinx/capistrano-db-tasks/tree/0.2.x
gem 'capistrano-db-tasks', github: 'sibsfinx/capistrano-db-tasks', branch: '0.2.x', require: false

Answer 11 · 2015-09-10T15:19:06.000Z

close this issue with solution:

if you are highly paranoid and want to prevent any push operation to the server

set :disallow_pushing, true