- Issue created by @alphex
- π³π±Netherlands roderik Amsterdam,NL / Budapest,HU
I rely on other people to specify their 'config sync' policy / best practices. So I'll rebrand this a task.
People must be doing this. But so far, I don't remember anyone really commenting on it.
Are they using config_ignore? If so, what are they ignoring? Just the entity ID (provided the certs are in files)?
Do they want to use multiple IdP configs for this? β¨ Multiple IDP Support Needs work
When there's a somewhat authoritative reply from someone, we can determine if this needs documentation, or other work.
- πΊπΈUnited States jfurnas
You can handle this very easily using config split. Make a new config split for each environment you are using (dev, staging, production), and inside of each config sync folder place your samlauth.authentication configuration inside of there, with the 'correct' values for each environment. Make sure that is not placed in your 'default' config sync folder.
(So you'll have three instances of samlauth.authentication), one in each environment, and each with their own correct values per environment.
Then in your settings.php (or via the configuration split UI), tell it which config split to use for each environment.
- πΊπΈUnited States jfurnas
As an example, here is what a config split looks like in one of the sites I am working on, through the Acquia environment.
// Enable `dev` config split by default and disable `prod` and `stage` config split by default $config['config_split.config_split.development']['status'] = FALSE; $config['config_split.config_split.local_development']['status'] = FALSE; $config['config_split.config_split.production']['status'] = FALSE; $config['config_split.config_split.staging']['status'] = FALSE; if (isset($_ENV['AH_SITE_ENVIRONMENT'])) { if ($_ENV['AH_SITE_ENVIRONMENT'] == 'development') { $config['config_split.config_split.development']['status'] = TRUE; $config['config_split.config_split.local_development']['status'] = FALSE; $config['config_split.config_split.production']['status'] = FALSE; $config['config_split.config_split.staging']['status'] = FALSE; } if ($_ENV['AH_SITE_ENVIRONMENT'] == 'prod') { $config['config_split.config_split.development']['status'] = FALSE; $config['config_split.config_split.local_development']['status'] = FALSE; $config['config_split.config_split.production']['status'] = TRUE; $config['config_split.config_split.staging']['status'] = FALSE; } if ($_ENV['AH_SITE_ENVIRONMENT'] == 'test') { $config['config_split.config_split.development']['status'] = FALSE; $config['config_split.config_split.local_development']['status'] = FALSE; $config['config_split.config_split.production']['status'] = FALSE; $config['config_split.config_split.staging']['status'] = TRUE; } } else { $config['config_split.config_split.development']['status'] = FALSE; $config['config_split.config_split.local_development']['status'] = TRUE; $config['config_split.config_split.production']['status'] = FALSE; $config['config_split.config_split.staging']['status'] = FALSE; }Where we have four configuration folders (localdevelopment, development, staging, production) and the 'default' global configuration directory.
When on the production environment, config split specifically only uses the configurations in 'default' and everything in our 'production' folder, which has per environment changes.
Pantheon has similar environment variables you can use in your settings.php, but I don't recall what they are off the top of my head.