Pantheon Secrets integration with the Key module.
This module is for you if you meet the following requirements:
-
Using Drupal >= 9.4
-
Use PHP >= 8.0
-
Part of the Secrets EA Program
-
Hosting the Drupal site on Pantheon's platform
-
Have Dashboard access to the platform (necessary to deploy code changes)
-
Comfortable using terminus
-
Using the Secrets Manager Plugin to set your secrets.
This module provides Drupal integration with the Secrets EA Program in the form of a Key Provider plugin for the Key module.
To require this module in your composer file:
composer require drupal/pantheon_secrets:^1 --prefer-dist
Install the module and push an updated composer.lock file to your Pantheon environment.
-
Use terminus to set some secrets like this:
terminus secret:set <site> --scope=web --type=runtime <secret_name> <secret_value>Please note that you should be using scope "web" for secrets to be available to the Drupal application.
-
Now that the secret is available, you could add the corresponding Key entity in one of the different available ways:
- Add a new key through the Key module UI. Select Pantheon Secret as the key provider and your secret name from the dropdown
- Go to /admin/config/system/keys/pantheon and click on the "Sync Keys" button to get all of the available secrets into Key entities.
- Use the provided drush command to sync all of your secrets into Key entities:
terminus drush <site>.<env> -- pantheon-secrets:sync
-
Use the Key where it is needed.
See our detailed example for an end to end example on how to set things up.
For real time discussion of the module find Pantheon developers in our Community Slack. Bug reports and feature requests should be posted in the drupal.org issue queue. For code changes, please submit pull requests against the GitHub repository rather than posting patches to drupal.org.