this post was submitted on 14 Jul 2026
904 points (99.0% liked)

Programmer Humor

32303 readers
2261 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Zannsolo@lemmy.world 8 points 18 hours ago (1 children)

We have to remote into a management server to access databases outside of our local dev environment. Allowing direct access to production from your development environment seems crazy to me.

[–] zalgotext@sh.itjust.works 2 points 18 hours ago* (last edited 18 hours ago) (2 children)

Some places deploy to prod multiple times a day. Trying to coordinate access through a management server in situations like that can get cumbersome. It's also easier to audit who's doing what if they connect from their personal environment. Different strokes for different folks of course, but it's certainly not uncommon to be able to connect to prod directly from a dev box.

[–] Zannsolo@lemmy.world 9 points 17 hours ago (1 children)

Prod deployments should come from a build server though and if you're deploying multiple times a day you should have a well built CI pipeline to handle it.

Remoting into a management server would still have people using an account on the management server and their personal db login credentials.

We also don't give devs write access to production and all scripts run in production are run by our DBA after they have been approved by the lead Dev, operations and the DBA.

This might be overkill for some systems, but we won't ever accidentally delete our prod data. Our system requires this level of scrutiny due to the nature of our systems.

[–] zalgotext@sh.itjust.works 3 points 16 hours ago (1 children)

Sure, that's a very, very robust way of doing things. And I'm not trying to say what you're describing is wrong either. I'm just saying that some places don't have the knowledge/ability to set things up that way, so they play fast and loose with prod access. Couple that with giving LLMs free reign over the computer with those prod settings, and you end up in situations like in the original post.

It's not unrealistic, is all I'm trying to claim. It's a failure on several levels, but it's not unrealistic.

[–] Zannsolo@lemmy.world 1 points 10 hours ago (1 children)

I didn't say it was unrealistic it's just stupid. I have no doubt thousands of companies are not practicing good access controls to a production db, but it's not smart as seen by this post.

[–] zalgotext@sh.itjust.works 1 points 10 hours ago

I... Yeah, I just said pretty much the same thing lol

[–] pupbiru@aussie.zone 4 points 17 hours ago* (last edited 17 hours ago)

that is absolutely NOT the way that works in any functional environment

your ability to deploy quickly comes directly from your automation, and those automation tools - NOT developers - have the secrets in them

deploy to prod multiple times per day isn’t some win by itself… the ability for large teams (not 1 fuckwit and a goon squad of agents) to deploy without breaking things and in ways that are safe is the win here… anyone can deploy to prod multiple times per day… but anyone isn’t netflix (the originators of the “multiple times per day” line) with the uptime they achieve over years while doing it