• Overview
    Frameworks
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Features
    • Observability
    • Auto-scaling
    Solutions
    • Marketing Teams
    • Retail
    • Higher Education
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Contact
  • Login
  • Free Trial
Blog

Automatically sanitize your database on development environments

drupalphp
May 19, 2016
Augustin Delaporte
Augustin Delaporte
VP Product

You’re developing your site on Platform.sh and you love the fact that you get exact copies of your production site for every Git branch that you push.

But now that you think about it, you realize that all those copies used by your development team to implement new features or fixes contain production data (like user emails, user passwords…). And that all the people working on the project will have access to that sensitive data.

So you come up with the idea to write a custom script to automatically sanitize the production data every time you copy the production site or synchronize your development environments. Next you think of a way to automatically run that script. Possibly a custom Jenkins job that you will maintain yourself. But, of course, you will need to update this Jenkins job for every new project you work on. Plus, you will have to figure out the permissions for this script to give proper access to your site.

So Simple

But wait, what if I told you that all this hassle can be handled in a simple deployment hook that Platform.sh provides?

Indeed, with Platform.sh, every action will trigger specific hooks where you can interact either with the build phase or the deployment phase of the process.

For example with Drupal, you can use the  drush sql-sanitize  command to sanitize your database and get rid of sensitive live information.

Also you need to make sure that the sanitization only runs on the development environments and never on the master environment (you will hate me if that happens):

type: php:7.0
build:
flavor: drupal
hooks:
build: |
# Whatever you want to do during the build phase.
deploy: |
cd /app/public
if [ $PLATFORM_ENVIRONMENT = "master" ]; then
# Do whatever you want on the production site.
else
drush -y sql-sanitize --sanitize-email=user_%uid@example.com --sanitize-password=custompassword
fi
drush -y updatedb

If you are not working with Drupal, you can even run your own sanitization script. Read more about build and deployment hooks on our public documentation.

To access the deploy hook logs on the server:

$ platform ssh
web@kjh43kbobssae-development--php:~$ cat /var/log/deploy.log
[2016-05-18 10:14:13.872085] Launching hook 'cd /app/public
if [ $PLATFORM_ENVIRONMENT = "master" ]; then
# Do whatever you want on the production site. 
else
drush -y sql-sanitize --sanitize-email=user_%uid@example.com --sanitize-password=custompassword
fi
drush -y updatedb
The following operations will be done on the target database:
* Reset passwords and email addresses in users table
* Truncate Drupal's sessions table
Do you really want to sanitize the current database? (y/n): y
No database updates required                                           [success]

That’s it! Sleep well now ;)

Get the latest Platform.sh news and resources
Subscribe

Related Content

Cover image

PHP 8.1 lays new ground on Platform.sh

Company

AboutSecurity and complianceTrust CenterBoard and investorsCareersPressContact us
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceManage your cookie preferencesReport a security issue
© 2022 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺