Add a new strict-mode configuration option #719
Conversation
lib/sqitch-config.pod
Outdated
| @@ -484,6 +484,25 @@ by C<core.top_dir>. | |||
| The file name extension on deploy, revert, and verify SQL scripts. Defaults to | |||
| C<sql>. | |||
|
|
|||
| =item C<core.strict> | |||
There was a problem hiding this comment.
Appreciate the docs here, but I think the option and config need to be documented for every command they apply to. Should include, at least, these files, I think:
lib/sqitch-deploy.pod
lib/sqitch-revert-usage.pod
lib/sqitch-rebase.pod
lib/sqitch-revert.pod
lib/sqitch-deploy-usage.pod
lib/sqitch-checkout-usage.pod
lib/sqitch-checkout.pod
lib/sqitch-rebase-usage.pod
lib/App/Sqitch/Command/revert.pm
lib/App/Sqitch/Command/deploy.pm
The main pod files for each command also include a "Configuration Variables" that should have the strict mode documented -- anywhere the string no_prompt appears.
There was a problem hiding this comment.
I'm happy to extend the documentation of course, but in some of the cases that you listed I'm not sure what I would say.
sqitch-deploy.pod,sqitch-deploy-usage.pod, anddeploy.pm: I don't think this change affects the deploy command at all?sqitch-deploy-usage.pod,sqitch-checkout-usage.pod,sqitch-revert-usage.pod, andsqitch-rebase-usage.pod: These files don't seem to currently describe configuration options at all. Are you proposing to add new sections?deploy.pmandrevert.pm: It looks to me like these are only documenting the attributes, not the configuration, is that wrong? I don't think this PR changes any of the attributes for these two modules.
The main pod files for each command also include a "Configuration Variables" that should have the strict mode documented -- anywhere the string no_prompt appears.
I think this is covered by your suggestions above, but let me know if you disagree.
I will push a change to sqitch-rebase.pod, sqitch-revert.pod, sqitch-checkout.pod in the meantime.
There was a problem hiding this comment.
- Right, not deploy, sorry.
- I see options listed in the
-usage.podfiles; new ones like--strictthat apply to each command should be added (this is related to my other request not to make it a global option I guess). - Yeah, if you move the option to
revert.pmit would then need to be documented.
There was a problem hiding this comment.
Oh, I don't think we are adding new options here, only new configuration variables.
Unless there is something which I don't understand that automatically creates options from configuration settings?
There was a problem hiding this comment.
Oh, right. In that case it should probably follow the cascading configuration pattern of
--strict$cmd.stricttarget.$name.strictengine.$name.strictcore.strict
Most of that resolution is done in App::Sqitch::Target, using the _fetch method:
sqitch/lib/App/Sqitch/Target.pm
Lines 76 to 84 in aace1e8
I think it'd be fine to do so in a subsequent PR.
lib/sqitch-config.pod
Outdated
| @@ -484,6 +484,25 @@ by C<core.top_dir>. | |||
| The file name extension on deploy, revert, and verify SQL scripts. Defaults to | |||
| C<sql>. | |||
|
|
|||
| =item C<core.strict> | |||
There was a problem hiding this comment.
Oh, right. In that case it should probably follow the cascading configuration pattern of
--strict$cmd.stricttarget.$name.strictengine.$name.strictcore.strict
Most of that resolution is done in App::Sqitch::Target, using the _fetch method:
sqitch/lib/App/Sqitch/Target.pm
Lines 76 to 84 in aace1e8
I think it'd be fine to do so in a subsequent PR.
There was a problem hiding this comment.
Okay, did some thinking through of this proposal again, and here's where I'm at:
- Like
no_prompt,strictshould be configured as a revert variable only,revert.strict. And just asno_promptcan be set by-y, so too canstrictbe set by--strict, but also by--no-strict. There is no need forcore.strictbecause it applies to no other actions other than revert. - Why not allow the
rebasecommand to succeed when strict is enabled as long asto_changeis set? - The checkout command always has an implicit target: the most recent common change between the current and target branches. Why disable it?
- The
--strictoption must be documented for every command where it's relevant. Based on the-yoption, that's:- lib/sqitch-checkout-usage.pod
- lib/sqitch-checkout.pod
- lib/sqitch-rebase-usage.pod
- lib/sqitch-rebase.pod
- lib/sqitch-revert-usage.pod
- lib/sqitch-revert.pod
- Likewise, the
revert.strictconfig variable should be documented anywhererevert.no_promptis documented, which appears to be:- lib/sqitch-rebase.pod
- lib/sqitch-revert.pod
- lib/sqitch-checkout.pod
- lib/App/Sqitch/Role/RevertDeployCommand.pm
- lib/App/Sqitch/Command/revert.pm
Depending on where we come down on the affect on rebase and checkout, we may want to also add support for rebase.strict and checkout.strict, again just like no_prompt, but that may be excessive.
What do you think?
|
Hi David, Do you mind saying more about the use case that you imagine for the --strict and --no-strict command line options? In my mind, the purpose of the strict mode is to prevent the accidental use of potentially dangerous features, either by users who are not familiar with Sqitch, or by users who might be familiar with these commands but targeting the wrong environment. In other words, it's to protect users from accidentally doing the wrong thing. From that perspective I don't understand the situation where someone would want to enable or disable this on the command line. If you want the strict behavior, I would think you especially want it in situations where people didn't think to ask for it. Ian |
|
Ah yes, I was working off the assumption that almost every configuration in Sqitch also has an option; overlooked that your PR does not. In that case, though, I think it makes sense to follow the It might be useful to extend these two options to targets, too, as I mentioned earlier, but not necessary here. |
I agree, but maybe we can do that in a subsequent MR? |
Yes, absolutely. |
I guess my belief is that this command is good for rapid development but that when it comes to production deployments (where reverting can cause data loss) it would be better to be more explicit about what changes should be reverted. The whole idea of reverting and then re-deploying seems to me like an exceptional workflow in a production environment — even though it could happen from time to time, it's better to be explicit about it. (Assuming you meant |
It's less about the possibility that all changes would be reverted and more about the possibility than anything could be reverted without the operator having the specific intention to revert those specific changes. In other words, "implied target change" is probably usually better than "revert everything", but still risky. |
functionality that could be perceived as creating risks to production environments.
|
@theory What do you think about this latest attempt? |
Yes, that's what I meant, was thinking about it from the POV of consistency. This is part of why I've been thinking it'd be useful to support the option at the target level, as you would want strict enabled for a prod target but not a dev target. That said, we can leave it as |
Looks good, I think it's almost there. I'll pull it down and give it a through review this weekend. Thanks! |
|
Closing in favor of #735, which includes your commit. |
This new configuration option disables some functionality that could be perceived as creating risks to production environments.
To begin with, that includes: