I've been flicking through Continuous Deployment and one section early on about changing configuration information in our applications particularly caught my eye:
In our experience, it is an enduring myth that configuration information is somehow less risky to change than source code. Our bet is that, given access to both, we can stop your system at least as easily by changing the configuration as by changing the source code.
In many organisations where I've worked this is generally adhered to except when it comes to configuration which is controlled from the database!
If there was a change to be made to source code or configuration on the file system then the application would go through a series of regression tests (often manual) to ensure that the application would still work after the change.
If it was a database change then that just be made and there would be no such process.
Making a change to database configuration is pretty much the same as making any other change and if we don't treat it the same way then we can run into all kinds of trouble as the authors point out:
If we change the source code, there are a variety of ways in which we are protected from ourselves; the compiler will rule out nonsense, and automated tests should catch most other errors. On the other hand, most configuration information is free-form and untested.
Alex recently wrote about his use of deployment smoke tests – another suggestion of the authors – to ensure that we don't break our application by making configuration changes.
Organisations often have painful processes for releasing software but I think it makes more sense to try and fix those rather than circumnavigating them and potentially making our application behave unexpectedly in production.