Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update PANTHEON_SITE_NAME and TERMINUS_PLUGINS to prefer variables over secrets #470

Merged
merged 7 commits into from Mar 19, 2024
Merged

Update PANTHEON_SITE_NAME and TERMINUS_PLUGINS to prefer variables over secrets #470

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
472ca07
Update PantheonReviewApps.yml
davereid Mar 7, 2024
adbf598
Update PantheonReviewAppsDDEV.yml
davereid Mar 7, 2024
09b7a3e
Update TestGitHubActions.yml
davereid Mar 7, 2024
7329d27
Update README.md
davereid Mar 7, 2024
e2d6413
Update PantheonReviewApps.yml
davereid Mar 7, 2024
6ba3d7c
Update README.md
davereid Mar 7, 2024
69fb976
Merge branch 'main' into davereid/463-patheon-site-name-var
davereid Mar 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/TestGitHubActions.yml
View file
Open in desktop
Expand Up @@ -101,7 +101,7 @@ jobs:
github-token: ${{ secrets.GITHUB_TOKEN }}
terminus-token: ${{ secrets.PANTHEON_TERMINUS_TOKEN }}
commit-message: ${{ github.sha }}
site-name: ${{ secrets.PANTHEON_SITE_NAME }}
site-name: ${{ vars.PANTHEON_SITE_NAME || secrets.PANTHEON_SITE_NAME }}
lock-username: ${{ secrets.PANTHEON_REVIEW_USERNAME }}
lock-password: ${{ secrets.PANTHEON_REVIEW_PASSWORD }}
# set to "true" if you want to run the installer
Expand Down
15 changes: 8 additions & 7 deletions README.md
View file
Open in desktop
Expand Up @@ -433,12 +433,13 @@ To enable deployment of Pantheon Review Apps:
}
```
- Run `composer install` to install the workflow to `.github/workflows`
- Add the following secrets to your repository:
- Add the following [variables to your GitHub repository](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository):
- `PANTHEON_SITE_NAME` The canonical site name in Pantheon
- `TERMINUS_PLUGINS` (optional) Comma-separated list of Terminus plugins to be available
- Add the following [secrets to your GitHub repository](https://docs.github.com/en/codespaces/managing-codespaces-for-your-organization/managing-development-environment-secrets-for-your-repository-or-organization#adding-secrets-for-a-repository):
- `PANTHEON_TERMINUS_TOKEN` See https://pantheon.io/docs/terminus/install#machine-token
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, this is the gitHUB section. The hunk below is the gitLAB section.

- `PANTHEON_SITE_NAME` The canonical site name
- `SSH_PRIVATE_KEY` A private key of a user which can push to Pantheon
- `SSH_KNOWN_HOSTS` The result of running `ssh-keyscan -H codeserver.dev.$PANTHEON_SITE_ID.drush.in`
- `TERMINUS_PLUGINS` (optional) Comma-separated list of Terminus plugins to be available
- `PANTHEON_REVIEW_USERNAME` (optional) A username for HTTP basic auth local
- `PANTHEON_REVIEW_PASSWORD` (optional) The password to lock the site with

Expand Down Expand Up @@ -524,10 +525,10 @@ Requires `GITLAB_ACCESS_TOKEN` variable to be set, which is an access token with
- Run `composer install`
- Add your Pantheon `site-name` to the last job in the new
workflow file at `.github/workflows/PantheonReviewApps.yml`
- Add the following secrets to your repository:
- `PANTHEON_TERMINUS_TOKEN` See https://pantheon.io/docs/terminus/install#machine-token
- `SSH_PRIVATE_KEY` A private key of a user which can push to Pantheon
- `SSH_KNOWN_HOSTS` The result of running `ssh-keyscan -H codeserver.dev.$PANTHEON_SITE_ID.drush.in`
- Add the following [variables to your GitLab repository](https://docs.gitlab.com/ee/ci/variables/#for-a-project):
- `PANTHEON_TERMINUS_TOKEN` See https://pantheon.io/docs/terminus/install#machine-token (enable the _Mask variable_ checkbox)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interesting. GitLab uses variables, but can mask the variable! TIL.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm assuming since they were varables already for gitlab, that there isn't any change needed in the gitlab action. yeah, looks that way since https://github.com/Lullabot/drainpipe/blob/main/scaffold/gitlab/PantheonReviewApps.gitlab-ci.yml doesn't specify variable or secret.

- `SSH_PRIVATE_KEY` A private key of a user which can push to Pantheon (enable the _Mask variable_ checkbox)
- `SSH_KNOWN_HOSTS` The result of running `ssh-keyscan -H codeserver.dev.$PANTHEON_SITE_ID.drush.in` (enable the _Mask variable_ checkbox)
- `TERMINUS_PLUGINS` Comma-separated list of Terminus plugins to be available (optional)

This will setup Merge Request deployment to Pantheon Multidev environments. See
Expand Down
4 changes: 2 additions & 2 deletions scaffold/github/workflows/PantheonReviewApps.yml
View file
Open in desktop
Expand Up @@ -48,7 +48,7 @@ jobs:
- uses: ./.github/actions/drainpipe/pantheon/setup-terminus
with:
pantheon-token: ${{ secrets.PANTHEON_TERMINUS_TOKEN }}
terminus-plugins: ${{ secrets.TERMINUS_PLUGINS }}
terminus-plugins: ${{ vars.TERMINUS_PLUGINS || secrets.TERMINUS_PLUGINS }}

- uses: php-actions/composer@v6

Expand All @@ -66,6 +66,6 @@ jobs:
github-token: ${{ secrets.GITHUB_TOKEN }}
terminus-token: ${{ secrets.PANTHEON_TERMINUS_TOKEN }}
commit-message: ${{ github.sha }}
site-name: ${{ secrets.PANTHEON_SITE_NAME }}
site-name: ${{ vars.PANTHEON_SITE_NAME || secrets.PANTHEON_SITE_NAME }}
lock-username: ${{ secrets.PANTHEON_REVIEW_USERNAME }}
lock-password: ${{ secrets.PANTHEON_REVIEW_PASSWORD }}
2 changes: 1 addition & 1 deletion scaffold/github/workflows/PantheonReviewAppsDDEV.yml
View file
Open in desktop
Expand Up @@ -44,7 +44,7 @@ jobs:
github-token: ${{ secrets.GITHUB_TOKEN }}
terminus-token: ${{ secrets.PANTHEON_TERMINUS_TOKEN }}
commit-message: ${{ github.sha }}
site-name: ${{ secrets.PANTHEON_SITE_NAME }}
site-name: ${{ vars.PANTHEON_SITE_NAME || secrets.PANTHEON_SITE_NAME }}
lock-username: ${{ secrets.PANTHEON_REVIEW_USERNAME }}
lock-password: ${{ secrets.PANTHEON_REVIEW_PASSWORD }}
# set to "true" if you want to run the installer
Expand Down