GH-46: Syncdb with #42#50
Conversation
…arams, reduce container calls
Remove unnecessary confirmation prompts since the command is deliberately invoked by the user. Build the import-db command as an array instead of using eval, and pass --skip-hooks flag through to ddev import-db when requested. Remove post-run hints that are redundant when hooks handle deployment steps.
|
|
||
| # Sanitize imported database (remove sensitive data). | ||
| drush sqlsan -y || { display_error_message "Database sanitization failed"; exit 1; } | ||
| drush deploy -y || { display_error_message "Drupal deploy failed"; exit 1; } |
There was a problem hiding this comment.
This shouldn't be on by default. Let's introduce --deploy flag instead with drush deploy and drush uli included.
There was a problem hiding this comment.
With the --skip-hooks these are not executed so no need for flag on it, i rather would keep this since on a normal workflow i want to have dev at the latest configs
There was a problem hiding this comment.
95% of time I also need to import configs and update db right after import so I would enable deploy by default too. In rare cases I need to debug production db locally, there's the --skip-hooks
Only thing against deploy is the the fact that it relies on drush version. It seems in rare cases running clear cache first can cause db errors and that's done in 12.x
https://www.drush.org/12.x/deploycommand/
In newer versions config import is first:
https://www.drush.org/14.x/deploycommand/
If we can't agree on this here, then maybe meeting is needed.
| # --- 6. Read remote alias details from Drush --- | ||
| if ! alias_details=$(ddev drush sa "$SITE_ALIAS" 2>&1); then | ||
| # --- 5. Read remote alias details from Drush --- | ||
| if ! alias_details=$(ddev drush sa "$SITE_ALIAS" --format=yaml 2>&1); then |
| fi | ||
|
|
||
| # --- 4. Prepare dumps directory --- | ||
| # --- 3. Prepare dumps directory --- |
There was a problem hiding this comment.
Dropping a database should always be accompanied by a warning, I would keep it and the --force flag.
There was a problem hiding this comment.
Warning is okay but extra steps for just to import is kinda tedious. If that would be needed i suggest you promote this feature to be added upstream to ddev
There was a problem hiding this comment.
Ok, let's remove --force. I'll commit the change.
| PROJECT_ROOT="$PWD" | ||
| fi | ||
| # Ensure DDEV_APPROOT is set for any downstream consumers. | ||
| DDEV_APPROOT="$PROJECT_ROOT" |
| ddev syncdb <alias> # e.g. ddev syncdb prod | ||
| ddev syncdb prod --backup # Back up local DB before overwriting | ||
| ddev syncdb prod --force # Skip confirmation prompt | ||
| ddev syncdb prod --skip-hooks # Skip ddev hooks |
|
Thanks again for the work on this! I still have concerns about the The issue
ddev syncdb prod --skip-hooks # No sanitization!The local database would then contain:
If a developer's laptop is lost, stolen, or compromised - that's a GDPR violation. Additionally, the current approach doesn't support a common use case: running sanitization WITHOUT deployment. With Safer alternativeThis PR is based on my GH-46 branch (PR #47), which intentionally takes a different approach:
# PR #47 (GH-46) approach
ddev syncdb prod # imports + sanitizes (safe default, no deploy)
ddev syncdb prod --deploy # imports + sanitizes + deploysSuggestionCould we consider merging the improvements from this PR (alias parsing, error handling) back into PR #47, but:
Happy to discuss further! |
Skip hooks has much higher value since there even might be some project specific hooks to run which are not always wanted. I would rather take this another way. Add sanitation into syncdb script and keep the |
|
So |
3 participants
Overview