Skip to content

App-level support for sandbox overlay (on_sandbox, sandbox seeds, production-safe seeding)#1257

Draft
aaronskiba wants to merge 20 commits intointegrationfrom
aaron/sandbox
Draft

App-level support for sandbox overlay (on_sandbox, sandbox seeds, production-safe seeding)#1257
aaronskiba wants to merge 20 commits intointegrationfrom
aaron/sandbox

Conversation

@aaronskiba
Copy link
Collaborator

@aaronskiba aaronskiba commented Jan 14, 2026
edited
Loading

⚠️ Operational Notes

  1. The sandbox environment runs with RAILS_ENV=production. To create and populate the sandbox database, execute:

    bin/rails db:setup

    This command must only be run against the sandbox overlay.
    Running bin/rails db:setup against any non-sandbox overlay will create and seed a production-mode database and may result in data loss.

  2. This PR must be coordinated with another corresponding PR (not yet published) that adds the sandbox overlay in
    https://github.com/portagenetwork/roadmap-deploy.

  3. Before merging, rails export_production_data:build_sandbox_data should be run one final time against an up-to-date production database dump to ensure the committed sandbox seed files reflect current production data.

Summary

This PR introduces application-level support for a sandbox overlay and prepares the codebase to safely run sandbox environments using RAILS_ENV=production.

Disabling Unwanted Features via FeatureFlagHelper / on_sandbox

Note: For these changes to fully take effect, onSandbox: 'true' must be set in the sandbox overlay's config.

Sandbox seed generation

  • Limit num of Orgs in sandbox seed data & refactor

    • This change limits the number of orgs generated via the sandbox seeds files to 3.
      • The 3 orgs will be the app's default org ("Alliance") as well as the English and French test organisations.
      • Org.all.each do |org| was previously used for generating the sandbox orgs. The code would create one sandbox org for each existing org in the db (1200+).

  • Update generation/handling of sandbox templates

    • This change now only uses the default funder templates as well as two "test" templates for generating seed data.
      • The code removed from db/seeds/sandbox/seeds_4.rb now exists in def sandbox_templates.

  • Filter Guidances/Groups by default + test orgs

  • Rename db/seeds/sandbox -> db/seeds/production

    • Our sandbox environment will still use RAILS_ENV=production. Thus, these seeds files will have to live in db/seeds/production.

  • Enable seed-loading in db/seeds/production.rb

    • This change ensures bin/rails db:setup correctly loads sandbox seed data for the sandbox overlay.
    • Removed legacy, staging-only seed logic used "For 3.1.0 Migration only"
      • (before_seeds:copy_data, staging seed loading, and rewrite_postgres:retrieve_data).
    • Enabled the sandbox seed-loading path and updated it to load db/seeds/production/*.rb instead of sandbox, since the sandbox overlay runs with RAILS_ENV=production.

Remove deprecated secrets

As a result of this PR's changes, a number of secrets have been removed from charts/dmp-roadmap/templates/app/configmap.yaml and config/secrets.yml

Additional Notes

Reference: Sandbox Seed Contents

The sandbox seed files generate a constrained, production-safe dataset intended for demo, testing, and statistics only.

Seeded Data Overview

Orgs

  • 3 total:
    • Default org ("Digital Research Alliance of Canada")
    • Test Organization (English)
    • Organisation de test (French)

Question Formats

  • Copies all existing question formats

Guidance Groups & Guidances

  • All guidance groups and guidances belonging to the 3 orgs described above

Templates

  • All published Alliance templates
  • One test template per test org

Plans

  • 15 total
    • 5 Alliance
    • 5 for English test org
    • 5 for French test org
  • Titles and descriptions are non-production placeholders

Languages

  • en-CA
  • fr-CA

Users

  • 1 superuser
  • 1 org admin per test org
  • 60 regular users:
    • 20 Alliance / English
    • 20 English test org / English
    • 20 French test org / French

Reference: Notes For PR Reviewers

This PR includes new sandbox database seed generation. The commands below can be used as a reference to test sandbox database creation and verify that its contents are generated correctly.

Local setup tips for reviewers

Environment variables

Before running the setup command, add the following to your .env file:

ON_SANDBOX=true
USER_PASSWORD="password1A!"
  • ON_SANDBOX=true enables sandbox-specific behavior required by the new seeds.
  • USER_PASSWORD ensures seed-generated users are created with a valid password that satisfies validation rules.

Validating sandbox DB and seed generation

To test the full sandbox database initialization and seed process:

DISABLE_DATABASE_ENVIRONMENT_CHECK=1 RAILS_ENV=production bin/rails db:setup

This executes the sandbox database creation and ensures the new seed logic runs as intended.

@github-actions
Copy link

github-actions bot commented Jan 14, 2026

1 Error
🚫 Please include a CHANGELOG entry. You can find it at CHANGELOG.md.
2 Warnings
⚠️ There are code changes, but no corresponding tests. Please include tests if this PR introduces any modifications in behavior. \n
Ignore this warning if the PR ONLY contains translation.io synced updates.
⚠️ This PR is too big! Consider breaking it down into smaller PRs.

Generated by 🚫 Danger

@aaronskiba
Add config/initializers/sandbox.rb to disable emails
a5d9e9c 
All deployed environments use `RAILS_ENV=production` and `config/environments/production.rb`.
This initializer allows the sandbox overlay to override `config/environments/${RAILS_ENV}.rb` settings.

- Prevents actual email deliveries when `Rails.application.secrets.on_sandbox.to_s == 'true'`
- Note: Uses secrets directly to avoid autoloading FeatureFlagHelper during initialization
@aaronskiba
Disable SSO if on_sandbox feature flag is enabled
9c28f64 
app/controllers/users/omniauth_callbacks_controller.rb
- Added before_action to block `def openid_connect` from executing when the `on_sandbox` feature flag is enabled

app/views/devise/registrations/_personal_details.html.erb
- Added logic to hide the 'Link your institutional credentials' link when the `on_sandbox` feature flag is enabled

app/views/shared/_sign_in_form.html.erb
- Added logic to hide the 'Sign in with institutional or social ID' when the `on_sandbox` feature flag is enabled
@aaronskiba
Replace .funder_org_id with .default_funder_id
08903a1 
`Rails.application.secrets.funder_org_id` is not used outside of these seeds files and `Rails.application.config.default_funder_id` appears to do the same work.
@aaronskiba
Remove funder_org_id from secrets and charts/
bb423a7
@aaronskiba
Limit num of Orgs in sandbox seed data & refactor
dd466e9 
This change limits the number of orgs generated via the sandbox seeds files to 3.
- The 3 orgs will be the app's default org ("Alliance") as well as the English and French test organisations.
- `Org.all.each do |org|` was previously used for generating the sandbox orgs. The code would create one sandbox org for each existing org in the db (1200+).
@aaronskiba
Ignore Guidances & GuidanceGroups in sandbox seeds
c7d885f
@aaronskiba
Update generation/handling of sandbox templates
11e5e17 
This change now only uses the default funder templates as well as two "test" templates for generating seed data.
- The code removed from `db/seeds/sandbox/seeds_4.rb` now exists in `def sandbox_templates`.
@aaronskiba
Simplify sandbox password handling
8aa0e0b 
This change enables us to remove the `super_admin_password`, `english_admin_password`, and `french_admin_password` secrets.

This change will also require additional actions:
- All of these accounts will now use `Rails.application.secrets.user_password.to_s` for the User password.
- Password uniqueness across all user accounts will have to be performed manually within the app after the rake task has completed.
  - NOTE: This was already required for the multiple "regular user" accounts created. Also, doing this for the super admin and two org admin accounts isn't that much extra work, and being able to remove the extra secrets makes it worthwhile.
@aaronskiba
Remove uneeded test_password secret
bc28f05 
This secret does not appear to be referenced anywhere in the codebase.
@aaronskiba
Refactor/Remove english_org_id & french_org_id secrets
f2b40db
@aaronskiba
Filter Guidances/Groups by default + test orgs
2f9f25e
@aaronskiba
Refactor export_portage.rake
bd8d0f8
@aaronskiba
Fix user.org for superuser in seeds_4.rb
050d6dd 
org: `Org.find_by(abbreviation: "Portage")` is intended to be the app's default org. However, the default org has since changed its abbreviation value.
@aaronskiba
Refactor seeds_4.rb
f5ec2b0 
- Added variables for `default_org`, `english`, and `french`, which addresses previous repeated db calls.
- Refactored the creation of regular users.
  - Previously, we had 3 separate (1..20).each to address the (org, language) groupings for users.
  - Now we create the same users and (org, language) groupings via a single loop
- Removed Faker references
  - Although, this seeds file will be used to populate the sandbox db, the "sandbox" environment will still use `RAILS_ENV=production`. Thus, Faker won't be available.
  - Now we have firstname = "tester#{index}" (unique value for each user), surname: 'Test' (same for every user), and `api_token: Faker::Lorem.word` has been removed.
@aaronskiba
Rename db/seeds/sandbox -> db/seeds/production
2190e77 
Our sandbox environment will still use RAILS_ENV=production. Thus, these seeds files will have to live in  db/seeds/production.
@aaronskiba
Bugfix in template assignment of sandbox seeds
e6a4fec 
`[20..50].include?(index)` and `[60..90].include?(index)` never matched because `[20..50]` is an array containing a single Range object, not a list of integers. Checking `include?(index)` on that array always returned false, so plans were never assigned the intended templates.
@aaronskiba
Update num plans & plan.template in seeds
a2b9d93 
Limit to 15 plans in sandbox seeds files
- Also reduced num plans assigned to test templates as a result.
Update plan.template so be either default_org_template, test1_template, or test2_template.
@aaronskiba
Enable seed-loading in db/seeds/production.rb
4d3915c 
This change ensures `bin/rails db:setup` correctly loads sandbox seed data for the sandbox overlay.

Removed legacy, staging-only seed logic used "For 3.1.0 Migration only"
- (`before_seeds:copy_data`, staging seed loading, and `rewrite_postgres:retrieve_data`).

Enabled the sandbox seed-loading path and updated it to load `db/seeds/production/*.rb` instead of `sandbox`, since the sandbox overlay runs with `RAILS_ENV=production`.
@aaronskiba
rails export_production_data:build_sandbox_data
f93bf7d
@aaronskiba
Add guard to prevent seeding non-sandbox overlays
2b5c983 
This change results in an error being thrown when executing `bin/rails db:setup` without `ON_SANDBOX='true'` .

This guard prevents db seeding of non-sandbox overlays.
@aaronskiba aaronskiba mentioned this pull request Jan 14, 2026
Draft
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aaronskiba