How to create a secure local development environment?

Posted on 2024-09-04 14:19:53

I'm currently doing web development with another developer on a centralized development server. In the past this has worked alright, as we have two separate projects we are working on and rarely conflict. Now, however, we are adding a third (possible) developer into the mix. This is clearly going to create problems with other developers' changes affecting my work and vice versa. To solve this problem, I'm thinking the best solution would be to create a virtual machine to distribute between the developers for local use. The problem I have is when it comes to the database.

Given that we all develop on laptops, simply keeping a local copy of the live data is plain stupid.

I've considered sanitizing the data, but I can't really figure out how to replace the real data with data that would be representative of what people actually enter without repeating the same information over and over again, e.g. everyone's address becomes 123 Testing Lane, Test Town, WA, 99999 or something. Is this really something to be concerned about? Are there tools to help with this sort of thing? I'm using MySQL. Ideally, if I sanitized the db it should be done from a script that I can run regularly. If I do this I'd also need a way to reduce the size of the db itself. (I figure I could select all the records created after x and whack them and all the records in corresponding tables out so that isn't really a big deal.)

The second solution I've thought of is to encrypt the hard drive of the vm, but I'm unsure of how practical this is in terms of speed and also in the event of a lost/stolen laptop. If I do this, should the vm hard drive file itself be encrypted or should it be encrypted in the vm? (I'm assuming the latter as it would be portable and doesn't require the devs to have any sort of encryption capability on their OS of choice.)

The third is to create a copy of the database for each developer on our development server that they are then responsible to keep the schema in sync with the canonical db by means of migration scripts or what have you. This solution seems to be the simplest but doesn't really scale as more developers are added.

How do you deal with this problem?

Comments (3)

无敌元气妹 2024-09-11 14:19:53

Use fake data -- invest in a data generator if you must, but please don't use real data in a development environment, especially if it's possible that access to it may be compromised. I'm more familiar with tools for MS SQL, but googling for "MySQL data generator" brought up EMS SqlManager and Datanamic.
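One way to get varied fake data from a script that can be rerun, as an added example that is not part of the original thread: each row's replacement values are derived with an HMAC over the row's primary key and a dev-only key, never from the real values, so addresses differ per row and repeat runs give the same output. The `customers` table, its columns, the word lists and the key are assumptions, and SQLite stands in for MySQL so the script runs offline (a MySQL driver would use `%s` placeholders).

```python
import hmac, hashlib, sqlite3
# Constructed word lists (assumption); extend them for more variety.
FIRST = ["Ana", "Björn", "Chen", "Dmitri", "Esi", "Fatima", "Günther", "Hiro"]
LAST = ["Okafor", "Nguyen", "Müller", "García", "Kowalski", "Tanaka", "O'Brien", "Singh"]
STREET = ["Alder", "Birch", "Cedar", "Dogwood", "Elm", "Fir", "Hazel", "Juniper"]
SUFFIX = ["St", "Ave", "Ln", "Rd", "Way"]
CITY = [("Spokane", "WA"), ("Eugene", "OR"), ("Boise", "ID"), ("Fresno", "CA")]

def _stream(key: bytes, table: str, pk: int):
    """Yield an endless stream of ints derived only from (key, table, pk)."""
    counter = 0
    while True:
        msg = f"{table}:{pk}:{counter}".encode()
        yield int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:8], "big")
        counter += 1

def fake_person(key: bytes, pk: int) -> dict:
    """Build a fake record from the row's primary key, never from its real values."""
    r = _stream(key, "customers", pk)
    pick = lambda items: items[next(r) % len(items)]
    city, state = pick(CITY)
    return {
        "name": f"{pick(FIRST)} {pick(LAST)}",
        "email": f"user{pk}@example.test",  # reserved TLD, unique per row
        "address": f"{next(r) % 9900 + 100} {pick(STREET)} {pick(SUFFIX)}",
        "city": city, "state": state, "zip": f"{next(r) % 100000:05d}",
    }

def sanitize(conn, key: bytes) -> int:
    """Overwrite every PII column in customers; return the number of rows changed."""
    ids = [row[0] for row in conn.execute("SELECT id FROM customers")]
    for pk in ids:
        p = fake_person(key, pk)
        conn.execute(
            "UPDATE customers SET name=?, email=?, address=?, city=?, state=?, zip=? "
            "WHERE id=?",
            (p["name"], p["email"], p["address"], p["city"], p["state"], p["zip"], pk))
    conn.commit()
    return len(ids)

def demo():
    """Run sanitize() over a constructed two-row table and return the result."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name, email, address, city, state, zip)")
    conn.executemany("INSERT INTO customers VALUES (?,?,?,?,?,?,?)", [
        (1, "Real Person", "real@corp.example", "1 Real Rd", "Seattle", "WA", "98101"),
        (2, "Other Person", "other@corp.example", "2 Real Rd", "Tacoma", "WA", "98402")])
    sanitize(conn, b"dev-only-key")
    return conn.execute("SELECT * FROM customers ORDER BY id").fetchall()
```

Run it against a restored copy on the server side and distribute only the sanitized dump, so the real rows never reach a laptop.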

枕梦 2024-09-11 14:19:53

As tvanfosson mentioned, use fake data instead of live. Doing so will not only keep the live data safe but also allow you to test different scenarios, such as international names and such.

As for how to distribute your DB, your schema and creation scripts really should be in source control, so each developer can create a local copy of the database as they see fit.

伤感在游骋 2024-09-11 14:19:53

You could set up a fixtures (seed data) system. You provide the data once and it gets put into the db as many times as you need. That could be held in source control so that the fixtures are used/updated by all users.

I think that auto-generators are usually a bad idea. It is hard for them to generate information that could be real. Fixtures would allow you to make this information and know that it is what you are looking for. You could also push the bounds of your validators by using fixtures.

It may take a bit of time to set up the first time around, but I think you will get a much higher quality of data that is put in for testing.

Regards,

Justin
