Question

What are the best practices for handling credentials for internal development databases? Both for applications and developers?

Currently we create a separate user/password for every development database and we commit these credentials in our code repository. But we want to move away from storing credentials in our repositories. The problem is that both our developers and the applications need access to the databases.

  • Is it good practice to give developers their own personal account that gives them access to all dev databases? Maybe even all dev and production databases?
  • Should developers use their own personal account in their development environment? Or should they use a different one?
  • If they should use a different account, should every dev database have a separate set of credentials? Or should we create one account that can access all dev databases that developers can use in all their applications?
  • If we should use separate accounts for every dev database, how should developers get these credentials when they set up a new dev environment for themselves? We have found that trying to manually track these (e.g. a wiki) is very error prone and quickly becomes out-of-date.

If it matters, we use MySQL (Percona, to be exact).

No correct solution

OTHER TIPS

First of all, make sure that development, staging and production environments are 100% independent. Therefore MySQL accounts should be separate too. It helps to make version upgrades go smoothly and it's more secure. In Percona I did a dozen recovery cases where a developer dropped a production database just because the production and development databases shared his account.

Having said that, a developer should have a read-write account on the development database, a read-only account on the staging database, and a read-only account on production.

Create the accounts for each developer, so they are responsible for storing them in a secure place. Thus, you don't need to bother with how to store/share accounts in a safe manner.
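The per-environment split described above (read-write on development, read-only on staging and production), turned into the MySQL statements one would run for each developer. This is an added example, not code from the original answer; the login names, hosts and database names are constructed placeholders, and `CREATE USER IF NOT EXISTS` assumes MySQL 5.7 or a compatible Percona release.

```shell
#!/bin/sh
# Added example, not the original answer's code: emit the MySQL statements
# that give one developer the access the answer recommends for one
# environment. Logins, hosts and database names here are placeholders.

# privileges_for ENV: the privilege list for an environment
#   development -> read-write, staging/production -> read-only
privileges_for() {
    case "$1" in
        development|dev)         echo "SELECT, INSERT, UPDATE, DELETE" ;;
        staging|production|prod) echo "SELECT" ;;
        *) echo "privileges_for: unknown environment '$1'" >&2; return 1 ;;
    esac
}

# grant_sql USER ENV DATABASE [HOST]
# Each environment is its own MySQL server, so 'alice' on dev and 'alice'
# on prod are different accounts with different passwords even though the
# login name is the same. CREATE USER IF NOT EXISTS needs MySQL 5.7+.
grant_sql() {
    gs_user="$1"; gs_env="$2"; gs_db="$3"; gs_host="${4:-localhost}"
    gs_privs=$(privileges_for "$gs_env") || return 1
    # The password is a placeholder on purpose: it is supplied when the
    # statement is run, and never stored in a file that goes into the repo.
    printf "CREATE USER IF NOT EXISTS '%s'@'%s' IDENTIFIED BY '@@PASSWORD@';\n" \
        "$gs_user" "$gs_host"
    printf "GRANT %s ON \`%s\`.* TO '%s'@'%s';\n" \
        "$gs_privs" "$gs_db" "$gs_user" "$gs_host"
}

# developer_grants USER DATABASE: the full set for one developer, each
# pair to be run against the matching environment's own server.
developer_grants() {
    for dg_env in development staging production; do
        printf '%s\n' "-- run on the $dg_env server"
        grant_sql "$1" "$dg_env" "$2" || return 1
    done
}
```

Run as `developer_grants alice shop` and feed each pair to the right server; the `@@PASSWORD@` token is filled in at that moment, never in a committed file.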

Obviously passwords shouldn't be stored in a repository. Keep config templates in the source code tree:

    # cat config.php
    <?php

    // Placeholders, substituted at deploy time; only this template is committed.
    $mysql_user="@@MYSQL_USER@";
    $mysql_password="@@MYSQL_PASSWORD@";
    $mysql_host="@@MYSQL_HOST@";
    $mysql_db="@@MYSQL_DB@";

    ?>

To make sure it's not overwritten during an upgrade, mark it as such in the .spec file:

    %files www
    %config(noreplace) %attr(640, root, apache)  %{_sysconfdir}/%{project_name}/config.php
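Filling in the template at deploy time is the step the answer leaves implicit. Below is an added example (not the answer's own code) of a POSIX sh renderer that substitutes the `@@NAME@` placeholders from environment variables, refuses to run if one is missing, and checks that no placeholder survived. It assumes `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_HOST` and `MYSQL_DB` are exported by whatever deploys the application (a CI job, a secrets agent); the template and output paths are hypothetical.

```shell
#!/bin/sh
# Added example, not the original answer's code: render config.php from the
# committed template by substituting the @@NAME@ placeholders with values
# taken from the environment. Literal string replacement is used (no sed),
# so passwords containing '&', '|', '/' or '\' are copied through unchanged.

# replace_all STRING TOKEN VALUE: print STRING with every literal TOKEN
# replaced by VALUE, using only parameter expansion (no regex, no escaping).
replace_all() {
    ra_s="$1"; ra_tok="$2"; ra_val="$3"; ra_acc=""
    while :; do
        case "$ra_s" in
            *"$ra_tok"*)
                ra_acc="$ra_acc${ra_s%%"$ra_tok"*}$ra_val"
                ra_s="${ra_s#*"$ra_tok"}" ;;
            *)
                ra_acc="$ra_acc$ra_s"
                break ;;
        esac
    done
    printf '%s\n' "$ra_acc"
}

# require_vars: fail if any variable the template needs is unset or empty,
# so a half-rendered config is never written.
require_vars() {
    for name in MYSQL_USER MYSQL_PASSWORD MYSQL_HOST MYSQL_DB; do
        eval "val=\${$name}"
        if [ -z "$val" ]; then
            echo "render_config: $name is not set" >&2
            return 1
        fi
    done
}

# render_config TEMPLATE DEST: write the filled-in file with mode 0640
# (the same mode the %attr line in the .spec gives the installed file).
render_config() {
    tmpl="$1"; dest="$2"
    require_vars || return 1
    : > "$dest"
    chmod 640 "$dest"
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(replace_all "$line" '@@MYSQL_USER@'     "$MYSQL_USER")
        line=$(replace_all "$line" '@@MYSQL_PASSWORD@' "$MYSQL_PASSWORD")
        line=$(replace_all "$line" '@@MYSQL_HOST@'     "$MYSQL_HOST")
        line=$(replace_all "$line" '@@MYSQL_DB@'       "$MYSQL_DB")
        printf '%s\n' "$line" >> "$dest"
    done < "$tmpl"
}

# check_rendered FILE: return 1 if any @@NAME@ placeholder survived, which
# would mean the application starts with a literal placeholder as its password.
check_rendered() {
    if grep -q '@@[A-Z_][A-Z_]*@' "$1"; then
        echo "check_rendered: unrendered placeholders in $1" >&2
        return 1
    fi
}
```

Typical use in a deploy step is `render_config config.php.in /etc/myproject/config.php && check_rendered /etc/myproject/config.php`; the template stays in the repository, the rendered file only ever exists on the host, and the `%config(noreplace)` line above keeps a package upgrade from clobbering it.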

Licensed under: CC-BY-SA with attribution