cybex/laravel-protector 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

cybex/laravel-protector

Composer 安装命令:

composer require cybex/laravel-protector

包简介

Protect Databases by generating Backups and Import those on non-productive Environments.

README 文档

README

Latest Version on Packagist

This package allows you to download, export and import your application's database backups.

Important

This package will not work if you have disabled "proc_open" in your PHP configuration.

Common usage scenarios

  • Store your local database in a file
  • Non-productive developer machines can download the live server database
  • A central backup server can collect backups from multiple live servers

Feature set

  • Download and optionally import databases from a server
  • Import existing database files
  • Export the local database to a file
  • User authentication through Laravel Sanctum tokens
  • Transport encryption using Sodium

Supported databases

Protector supports the following databases:

Database Driver Dump tool Import tool
MariaDB mariadb mariadb-dump mariadb
PostgreSQL pgsql pg_dump psql

MySQL is no longer officially supported, but the Protector still has capabilities to work with Laravel's mysql driver. If this should break in the future, feel free to submit a PR.

Note

  • Source and destination databases are not validated. Make sure you run compatible software versions to prevent issues.
  • Because of different dump formats, dumps will not able to be imported into a different database engine, > e.g. a MariaDB dump will fail to be imported into PostgreSQL, and vice versa.

Notes

  • Enabling Laravel Telescope will prevent remote files from being downloaded, as it opens and discards the HTTP stream!

Table of contents

Usage

Export to file

To save a copy of your local database, run

php artisan protector:export

By default, dumps are stored in storage/app/protector on your default project disk. You can configure the target disk, filename, etc. by publishing the protector config file to your project

artisan vendor:publish --tag=protector.config

Import

Run the following command for an interactive shell

php artisan protector:import

Importing a specific source

To download and import the server database in one go, run

php artisan protector:import --remote

When used with other options, remote will serve as fallback behavior.

To import a specific database file that you downloaded earlier, run

php artisan protector:import --file=<absolute path to database file>

Or just reference the database file name relative to the protector dump directory (default is storage/app/private/protector)

php artisan protector:import --file=<name of database file>

To import the latest existing database file, run

php artisan protector:import --latest

Options

If you want to run migrations after the import of the database file, run

php artisan protector:import --migrate

For automation, also consider the flush option to clean up older database files, and the force option to bypass user interaction.

php artisan protector:import --remote --migrate --flush --force

To learn more about import options, run

php artisan protector:import --help

Setup instructions

Find below three common scenarios of usage. These are not mutually exclusive.

Setup for storing the local database

If you only want to store a copy of your local database to a disk, the setup is pretty straightforward.

Installing protector in your local Laravel project

Install the package via composer.

composer require cybex/laravel-protector

You can optionally publish the protector config to set the following options

  • fileName: the file name of the database dump
  • baseDirectory: where files are being stored
  • diskName: a dedicated Laravel disk defined in config/filesystems.php. These can point to a specific local folder or a cloud file bucket like AWS S3
artisan vendor:publish --tag=protector.config

Local usage

You can now use the artisan command to write a backup to the protector storage folder.

php artisan protector:export

By default, the file will be stored in storage/protector and have a timestamp in the name. You can also specify the filename.

You could also automate this by

  • installing a cronjob on linux
  • running it when you deploy to your server
  • creating a Laravel Job and queueing it
php artisan protector:export --file=storage/database.sql

Setup for importing the database of a remote server

This package can run on both servers and client machines of the same software repository. You set up authorized developers on the server and give them the key for their local machine.

Installing protector in your Laravel project

Install the package via composer.

composer require cybex/laravel-protector

In your User model class, add the following trait.

use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens;

    ...
}

Publish the protector database migration and optionally modify it to work with your project.

php artisan vendor:publish --tag=protector.migrations

Publish the Laravel Sanctum migration, to make the personal_access_tokens table available.

php artisan vendor:publish --tag=sanctum-migrations

Run the migrations on the client and server repository.

php artisan migrate

You can optionally publish the protector config to set options regarding the storage, access and transmission of the files.

php artisan vendor:publish --tag=protector.config

On the client machine

Run the following command to receive

  • the public key to give to your server admin
  • the private key to save in your .env file
php artisan protector:keys

Important

Do not give your private key to anyone and keep it protected at all times!

Your server admin will then give you the token and dump endpoint URL to save in your .env file.

PROTECTOR_CLIENT_AUTH_TOKEN=
PROTECTOR_CLIENT_DUMP_ENDPOINT_URL=

See Usage on how to import the remote database.

Note

Downloaded database dump files are stored unencrypted.

On the server

Make sure that the server is accessible to the client machine via HTTPS.

When one of your developers gives you their public key, you can authorize them with:

php artisan protector:token --publicKey=<public key> <user id>

You will receive the token and dump endpoint URL to give back to the developer, who has to save them in their .env file.

The developer can then download and import the server database on their own.

Setup for collecting backups from multiple servers

You can develop a custom client that can access and store remote server backups. The servers can be different Laravel projects that have the protector package installed.

See the previous chapter on how to give your backup client access to all servers. The backup client will need an according user on each target server.

  • All the backup users on the target servers will have the same public key from the client
  • For each target server, the client will store the according url and token

See cybex-gmbh/collector for an example implementation.

Configuration

The protector.php config file sets initial settings for the Protector instance.

Generally, you should keep the Protector singleton instance as is. To create a new instance with different settings, use the ProtectorConfigurator class. For all available configuration options, take a look at the ProtectorConfiguratorContract.

For example, to configure a specific auth token and dump endpoint URL:

$protector = ProtectorConfigurator::setAuthToken($authToken)->setDumpEndpointUrl($dumpEndpointUrl)->createProtector();

Dump metadata

Customize the metadata appended to a dump by adding providers to the dump.metadata.providers array in your config/protector.php file:

'providers' => [
    \Cybex\Protector\Classes\Metadata\Providers\EnvMetadataProvider::class,
    \Cybex\Protector\Classes\Metadata\Providers\GitMetadataProvider::class,
    \Path\To\Your\CustomMetadataProvider::class,
],

Available metadata providers:

  1. DatabaseMetadataProvider: Will always be appended. Adds general information about the dump, such as the database connection and dumped at date.
  2. ProtectorMetadataProvider: Adds information about the settings set on the Protector's config.
  3. EnvMetadataProvider: Adds information based on an .env value. The default .env key used for this is PROTECTOR_METADATA.
  4. GitMetadataProvider: Adds information about the Git repository, such as the current branch and revision.
  5. JsonMetadataProvider: Adds information from a JSON file. The default file path used for this is protector_metadata.json.

Note

You can create your own metadata providers by implementing the Cybex\Protector\Contracts\MetadataProvider interface. Duplicate provider keys will be merged in the final metadata array, so choose a unique key.

Tip

An example of using the JsonMetadataProvider would be to add custom metadata from a CI/CD pipeline. For example, in a GitHub Actions workflow, you could add a step that writes Git information to protector_metadata.json

- name: Protector Metadata
  shell: bash
  run: >
    jq -n \
      --arg repo ${{ github.repository }} \
      --arg branch ${{ github.ref_name }} \
      --arg revision ${{ github.sha }} \
      --arg buildDate "$(date --iso-8601=seconds --utc)" \
      '{gitRepo: $repo, gitBranch: $branch, gitRevision: $revision, buildDate: $buildDate}' > protector_metadata.json

Development

There is an example app with the Laravel Protector package installed.

The file structure in the container is as follows:

  • /var/www: example app
  • /var/package: Protector package
docker compose up -d
docker compose exec app shell
composer install

Note

We disable composer security checking for this package, as vulnerabilities would block the development. The project requiring our package should be responsible for evaluating possible vulnerabilities. For more information, see the composer documentation.

Specific to the example app, for demo data:

php artisan migrate --seed

Testing

Run tests on the MariaDB database:

composer test

Run tests on the PostgreSQL database:

composer test-postgres

Run tests on the MySQL database:

Note

Running MySQL tests on the current alpine image will not work, as the MySQL CLI command is only an alias to mariadb and does not fully support the MySQL server.

If you need to run MySQL tests, use a different image. To start up the mysql server, use docker compose --profile mysql up -d

composer test-mysql

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security-related issues, please email webdevelopment@cybex-online.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

Laravel Package Boilerplate

This package was generated using the Laravel Package Boilerplate.

cybex/laravel-protector 适用场景与选型建议

cybex/laravel-protector 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 9.45k 次下载、GitHub Stars 达 5, 最近一次更新时间为 2021 年 08 月 02 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「database」 「sync」 「encryption」 「backup」 「laravel」 「cybex」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 cybex/laravel-protector 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 cybex/laravel-protector 我们能提供哪些服务?
定制开发 / 二次开发

基于 cybex/laravel-protector 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 9.45k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 5
  • 点击次数: 21
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 5
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2021-08-02