Open nrdevau opened 1 month ago
Hello @nrdevau
All functions except generate
are dry run mode by default and require --force
.
The generate
one is bit more fun, because we fall back to the magento core to handle the crypt key generation and application. It is tightly coupled to the process of redoing core_config data and sales_order_payment data.
Figuring something out to make generate
actually give you an indication of what its going to do, before it does it would be nice.
Thoughts
changeEncryptionKey
and go down a completley different journey in dry run mode, not do any key handling but only the db queries?_reEncryptSystemConfigurationValues
more fully, so that we can do the querying of data without the manipulation? same for _reEncryptCreditCardNumbers
Ok, so it's dry run by default, nice! I just get used to the --dry-run
flag, but I too prefer the --force
mentality :+1:
Yeah it flips it around in this way, to ensure no side effects by default.
None of the documentation includes --force to ensure no copy/paste mess ups
For the dry run, maybe it's going to be better as some gene:analyse
command. That could be pretty nice.
For now I am using the following to understand what I'm working with
echo "core config values that will change"
php bin/magento gene:encryption-key-manager:reencrypt-unhandled-core-config-data | grep path
echo "TFA Values to change $(php bin/magento gene:encryption-key-manager:reencrypt-tfa-data | grep config_id | wc -l)"
echo "db tables to look at"
zgrep -P "VALUES\s*\(.*\d:\d:...*'" /not/public_html/please/database.sql | awk '{print $3}' | uniq
I think this would be seen as a feature request?
It would be great to be able to get a sense of the amount that would change, specific to my codebase before actually changing it, that way we can plan downtime windows as accurately as possible.
This is more of a nice to have, but it would be nice to have ;)