#265 Separate Test Infrastructure from Production
Closed: Fixed None Opened 12 years ago by mmcgrath.

Where possible we need to disable the test infrastructure's access to the production databases and environment. This is part security and part best practices. This won't be fun for everyone but we need to do it.

For the moment, I'd like to munge data from FAS1 and replicate it onto the test boxes. By munge, I mean: remove all identifying information. So all keys, passwords, comments, phone numbers, etc. are removed. username/human_name/email are set to new random values. I'll attach a quick Python script that can do that.

This allows us to continue to test some of our apps against live application data when that depends on information contained in the FAS (userid to username mapping).

For FAS2, we'll have to re-evaluate this. The plan is to change from numeric IDs in the databases to username IDs. This presents both a problem and an opportunity:

1) Problem: We cannot munge the data to the same extent on a test server. We will need to keep the username, at which point there's little to be gained in clearing the human_name or email. However, we can still clear keys, passwords, phone numbers, etc. It depends on how paranoid we want to be.

2) Opportunity: For most lookups into FAS we just want to be able to display a nice name instead of userid. Human_name is ideal, but username, which would then be in the application's database, can be used as a fallback. So we might be able to get rid of the need to connect to the FAS for most things.

However, this might all be moot. If we're going to be connecting directly to the LDAP server in order to authenticate instead of our current sync scripts, the test boxes will already have access to that production data. There might not be any security gain from creating a second, test FAS in that setup.
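
The FAS1 munging described in the comment above, as an added example that is not the script attached to this ticket: it scrubs a copy of an account table while keeping the numeric id that applications join on, then checks that no original value survived. The `person` table, its column names and the sample rows are assumptions constructed for illustration.

```python
import secrets
import sqlite3

# Assumed column names: the ticket lists the kinds of fields, not the FAS1 schema.
CLEARED = ("password", "ssh_key", "gpg_key", "comments", "telephone")
RANDOMIZED = ("username", "human_name", "email")

def build_sample():
    """Constructed stand-in for a copy of the production account table."""
    conn = sqlite3.connect(":memory:")
    cols = ", ".join(f"{c} TEXT" for c in RANDOMIZED + CLEARED)
    conn.execute(f"CREATE TABLE person (id INTEGER PRIMARY KEY, {cols})")
    conn.executemany(
        "INSERT INTO person VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
        [
            (100001, "alice", "Alice Example", "alice@example.org",
             "constructed-hash-1", "ssh-rsa CONSTRUCTED1", "0xCONSTRUCTED1", "prefers IRC", "555-0100"),
            (100002, "bob", "Bob Example", "bob@example.org",
             "constructed-hash-2", "ssh-rsa CONSTRUCTED2", None, None, "555-0101"),
        ],
    )
    return conn

def munge_people(conn):
    """Scrub every row in place, keeping only the numeric id. Returns rows changed."""
    ids = [row[0] for row in conn.execute("SELECT id FROM person")]
    sets = ", ".join([f"{c} = ?" for c in RANDOMIZED] + [f"{c} = NULL" for c in CLEARED])
    used = set()
    for person_id in ids:
        token = secrets.token_hex(8)
        while token in used:  # keep replacement usernames unique
            token = secrets.token_hex(8)
        used.add(token)
        conn.execute(
            f"UPDATE person SET {sets} WHERE id = ?",
            (f"user_{token}", f"Test User {token}", f"{token}@example.invalid", person_id),
        )
    conn.commit()
    return len(ids)

def residual_values(conn, originals):
    """Return any original sensitive string still present in the scrubbed table."""
    remaining = {v for row in conn.execute("SELECT * FROM person") for v in row if isinstance(v, str)}
    return remaining & set(originals)

if __name__ == "__main__":
    db = build_sample()
    before = [v for row in db.execute("SELECT * FROM person") for v in row if isinstance(v, str)]
    print(munge_people(db), "rows scrubbed; leftovers:", residual_values(db, before))
```

Run the scrub on the copy before it is loaded onto a test box, and treat a non-empty result from `residual_values` as a failed export.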

We actually did do a lot of this, but it's not going to get done by the change freeze. F10!

This is done now, publictest is now out of PHX and we have a staging server with identical data to production for us to test with. I think this meets all the requirements.
