Local Development Usage
Developing locally presents some unique challenges once Pantheon Secrets are built into your workflow. These are some tips to help you get past struggling with trying to reproduced secret behavior while developing locally.
Local Environment Usage
The Pantheon Secrets SDK includes a CustomerSecretsFakeClient implementation that is used when the SDK runs outside of Pantheon infrastructure. This client uses a secrets JSON file to build the secrets information emulating what happens on the platform using the Secrets service.
To get this file, you should use the plugin secret:site:local-generate command and then set an environment variable into your local environment (or docker container if you are running a docker-ized environment) with name CUSTOMER_SECRETS_FAKE_FILE and use the absolute path to the file as the value.
LANDO example
To setup this using lando, you should modify your
.lando.ymllike this:services: appserver: overrides: environment: CUSTOMER_SECRETS_FAKE_FILE: /app/secrets.jsonGenerate the secrets file like this:
terminus secret:site:local-generate --filepath=./secrets.jsonAnd rebuild lando application:
lando rebuild -y
Now, you will be able to use your secrets through the SDK.
DDEV example
CD to your ddev root directory.
To setup using DDEV, add the following to your
~/.ddev/config.ymlweb_environment: - CUSTOMER_SECRETS_FAKE_FILE=./secrets.jsonGenerate the secrets file
terminus secret:site:local-generate --filepath=./secrets.jsonRestart your ddev environment
ddev restart
Restrictions
For secrets that do not have the "user" scope, the secret:site:local-generate command will set the value of the secret to "null". Edit this file and replace the null values with appropriate test values for local development.