Dear OpenStack devs, A recent review [1] dragged into spotlight how damaging improper use of external code inside migrations can be.
Basically in my mind the incident raises 2 issues that I think we should look into: 1) How can we make reviewing changes with db migrations more robust Since we use sqlalchemy-migrate to version our database, the package's documentation [2] states how care needs to be taken when importing code inside a db migration script. It seems like this can be taken care of with a hacking rule that will fail the patch if anything outside a subset of modules is imported and used. I might be missing an angle where such an approach could cause issues, so feel free to comment in replies. IIUC - this is something we might want to enforce even when/if we move to using Alembic for migrations. 2) What are acceptable changes The patch also raised the question of what is acceptable level of changes. The only guidelines I could find are [3] and they seem fuzzy enough that we might want to be more specific, or introduce stricter testing guidelines. All comments are more than welcome, Thanks, Nikola [1] https://review.openstack.org/#/c/39929/ [2] https://sqlalchemy-migrate.readthedocs.org/en/v0.7.2/versioning.html#edit-the-change-script [3] https://wiki.openstack.org/wiki/DbMigrationChangeGuidelines _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
