Comment on Privacy disaster as LGBTQ+ and BDSM dating apps leak private photos.
sugar_in_your_tea@sh.itjust.works 4 days agoThat would require us to manually remake this user account
That sounds fine? Just add it to the script when down-syncing. Or keep auth details in a separate DB and only sync that as needed (that’s what we do).
The customer is paranoid, as the project is their public facing website, so they want testing against the actual prod environment.
That’s the main problem then, not this testing engineer. We do test directly on prod, but it’s not our QA engineers doing the testing, but our support staff and product owners (i.e. people who already have prod access). They verify that the new functionality works as expected and do a quick smoke test to make sure critical flows aren’t totally busted. This covers the “paranoid customer” issue while also keeping engineers away from prod.
Maybe you’re doing something like that now, idk, but I highly recommend that flow.
yoshman@lemmy.world 4 days ago
We resolved it by making him use pipeline vars for his scripts. Like we told him to do in the beginning.
He fought it because he wanted his scripts the same for all projects. Including hard coded usernames and passwords. So, it was mostly his fault.
sugar_in_your_tea@sh.itjust.works 4 days ago
Ah, makes a ton of sense. We do the same, basically use a
.envfile for local dev and OPs overrides the vars with whatever makes sense for the environment.yoshman@lemmy.world 4 days ago
Yeah. Since he was a subcontractor, he wanted all his scripts to be the same, no matter who the customer was.
I was like jesus christ, I’m lazy too and want to automate everything, but edit your stupid scripts to use env vars.