`rake coverbands:baseline` dropped production database. about coverband HOT 5 CLOSED

We've just been debugging a very similar issue - fortunately we caught ours in development. BUT! This seems like something that should be rectified or documented. In our case, we have an engine in our lib file with a dummy app and that schema is run by coverband.

A blacklist seems like a good approach to this issue but this is also super dangerous behavior.

from coverband.

WOW, prod DB drop that is terrible. So sorry about that... I am a bit confused what has changed to have two folks hit this recently, as I have never had a report like this in the 4 years the project has been in use.

I will need to ponder a bit... Some quick thoughts:

• I run baseline on dev machine and not on production, I just send it to the same source as when I report from production
  • If that isn't clear from the docs it might be good to make that more clear, there isn't any reason to run baseline on production (or staging, QA stacks, etc) EVER.
• I guess most ruby should 'execute' on load, but generally it shouldn't have any actions. I definitely consider any scripts that do pretty dangerous
• I don't like the blacklist as it would mean you need to know what to avoid before running. So I think we will need to come up with something better and safer than that.
  • That being said since both issues are schema related perhaps skipping all schema files by default would be a smart move.
• I do run Coverband on non Rails apps, so I would like to make sure the eager load approach could accommodate both by checking for availability and falling back to other behavior.

from coverband.

I confirmed that require './db/schema.rb' on standard rails app would do this... since the schema is by default not in app or lib I haven't ever seen this or heard about it being an issue... make sense a bit more related to engines (although engines should still create folders and files in db folder).

Thinking I will add schema.rb to default exclude list and merge the PR from @latazzajones as a first line of defense.

from coverband.

ok @stephenprater coverband 1.5.2 was released with the PR from @latazzajones as well as this commit ( bf34b3b ) which will by default ignore any schema.rb files.

I still think looking at your PR and other ways to avoid this ever happening to anyone else would be good... let me know thoughts on other steps. Also, so sorry again as I have had to be part of multiple production DB recoveries in the past and I know it is a terrible thing.

from coverband.

OK closing this out based on the PR and discussion here

#90

and added warnings to readme: d1218aa

from coverband.