Most systems have multiple configuration profiles one for
production, one for development and often other profiles for staging,
testing etc. Minimising differences between these configurations
is critical but there are inevitably some things that just have to be
different. This then leaves the question, what should the default
settings be?
There are three main options:
- Default to production values
- Default to development values
- Refuse to start unless an environment has been explicitly chosen
My preference is to default to development values. Why?
Development
values should be “safe†in terms of any external integrations. So a
developer isn’t going to accidentally start sending real buy or sell
instructions to your stock broker.
There are more developers than
production systems. If you default to production systems, every
developer needs to remember to switch to development mode whenever they
setup a new checkout. Defaulting to development mode means it just works
for the most common case.
Checking authentication credentials for
external systems into your source control system is generally
considered a bad security practice, so the default values are unlikely
to actually work in production anyway.
The down side with
defaulting to development is it’s possible to accidentally deploy to
production with development values causing an outage. This can be pretty
easily prevented with automated deployments or using tools like RPM
where files can be marked as config and thus avoid overwriting them when
doing updates.
Refusing to start is the worst of all worlds every developer has to specify a configuration mode and you still risk production outages by not specifying a mode.