Easy way to disable `production db:push`
ktaragorn opened this issue · 12 comments
I realize that you have a prompt asking are you sure, but it would be nice to disable it outright, with a capistrano var or something
im thinking set :db_push_enabled, true
, perhaps false
is a safe default. This way u can set it seperately in each stage if needed
I agree, something like this would feel much safer.
+1
-1 :)
I think it is "oversafing". You can't do "db:push", but you still can "ssh && rm -rf" on production :)
If someone doesn't read prompt asking and always answer "Yes" - it's looks like roulette game. The shotgun can shoot with "db:push" or with "rm -rf".
Its 2 characters to change push to pull.. whereas its a lot more to type ssh ... and rm -rf.. That isnt much of an argument. I can by that argument even prove that this gem is useless...
Anyway, this request isnt meant to be security in the system security sense.. but more from casual mistakes.
I agree with you only if there aren't messages, warnings and prompts in this situation.
I don't say "it's a security issue", i think it's a problem of attention and careful to what developer enter to the console.
"ssh & rm-rf" is only one example. There are a lot of examples with 2 characters steps from good to evil. Like "oops, i pushed instead of pulling" with git.
I would say (I may be wrong) that you are much more likely to pull than push with this tool, which makes it reasonable to think that a push might be a mistake.
Whereas git push is more likely and less destructive. And github has a readonly mode...
@ktaragorn, I solve you problem!
https://gist.github.com/PanfilovDenis/8735df7a49cca6709348
copy with gist in you shell and use ultra_safe_cap
as cap
command. It's really very safe! :D
I agree with @ktaragorn, this tool is often used for pulling the database. In most situations doing a push instead of a pull would have catastrophic consequences.
@IntractableQuery has already added a parameter disallow_pushing
to tackle this problem, see commit ae25656. Looks like this has even been released already.
I'd even go further and set that setting to true
by default. Otherwise, I guess this issue could be closed.
Looks like @r00k would agree: https://twitter.com/r00k/status/603659635220951040
As @Jesus pointed out, for capistrano 3 there's disallow_pushing
option.
If you need the same for capistrano 2, check my fork https://github.com/sibsfinx/capistrano-db-tasks/tree/0.2.x
gem 'capistrano-db-tasks', github: 'sibsfinx/capistrano-db-tasks', branch: '0.2.x', require: false
close this issue with solution:
if you are highly paranoid and want to prevent any push operation to the server
set :disallow_pushing, true