/drupal-project-k8s

Development repo to coordinate changes in our Drupal project template and our helm chart

Primary LanguagePHPGNU General Public License v2.0GPL-2.0

Wunder template for Drupal projects

CircleCI

This project template is an opinionated fork of the popular Drupal-composer template, configured to automatically deploy code to a Kubernetes cluster using CircleCI. Everything that works with the Drupal-composer project template will work with this repository, so we won't duplicate the documentation here.

Usage

  • Copy this repository and push it to our organization.
  • Log in to CircleCI using your Github account and add the new project.
  • Create and maintain a Personal Data mapping list for automatic data sanitization in gdpr.json file. See GDPR sanitization section for more information.

How it works

Each pushed commit is processed according to the instructions in .circleci/config.yml in the repository. Have a look at the file for details, but in short this is how it works:

  • Run the CircleCI jobs using a custom docker image that has all the tools we need.
  • Validate the codebase with phpcs and other static code analysis tools.
  • Build the codebase by downloading vendor code using composer and yarn.
  • Create a custom docker image for Drupal and nginx, and push those to a docker registry (typically that of your cloud provider).
  • Install or update our helm chart while passing our custom images as parameters.
  • The helm chart executes the usual drush deployment commands.

Secrets

Project can override values and do file encryption using openssl. Encryption key has to be identical to the one in circleci context.

Decrypting secrets file:

openssl enc -d -aes-256-cbc -pbkdf2 -in silta/secrets -out silta/secrets.dec

Encrypting secrets file:

openssl aes-256-cbc -pbkdf2 -in silta/secrets.dec -out silta/secrets

Secret values can be attached to circleci drupal-build-deploy job like this

decrypt_files: silta/secrets
silta_config: silta/silta.yml,silta/secrets