From eb3be001f93a062ea2c1aa620308cd8e31f4c5ef Mon Sep 17 00:00:00 2001 From: Leonid Makarov Date: Wed, 4 Apr 2018 16:38:13 -0700 Subject: [PATCH] Documented secrets [ci skip] --- README.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/README.md b/README.md index e689f1fc..63ab47e7 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,9 @@ This image(s) is part of the [Docksal](http://docksal.io) image library. - drush - registry_rebuild - coder-8.x + phpcs + - Acquia Cloud API commands - drupal console launcher + - terminus (Pantheon) - wp-cli - ruby - ruby @@ -75,3 +77,33 @@ cli ``` See [docs](https://docs.docksal.io/en/master/tools/xdebug) on using Xdebug for web and cli PHP debugging. + + +## Secrets and integrations + +`cli` can read secrets from environment variables and configure the respective integrations automatically at start. + +The recommended place store secrets in Docksal is the global `$HOME/.docksal/docksal.env` file on the host. From there, +secrets are injected into the `cli` container's environment. + +Below is the list of secrets currently supported. + +`SECRET_SSH_PRIVATE_KEY` + +Use to pass a private SSH key. The key is stored in `/home/docker/.ssh/id_rsa` inside `cli` and will be considered +by the SSH client **in addition** to the keys loaded in `docksal-ssh-agent` when establishing a SSH connection +from within `cli`. + +`SECRET_ACAPI_EMAIL` and `SECRET_ACAPI_KEY` + +Credentials used to authenticate with [Acquia Cloud API](https://docs.acquia.com/acquia-cloud/api). +Stored in `/home/docker/.acquia/cloudapi.conf` inside `cli`. + +Acquia Cloud API can be used via `ac-` group of commands in Drush. + +`SECRET_TERMINUS_TOKEN` + +Credentials used to authenticate [Terminus](https://pantheon.io/docs/terminus) with Pantheon. +Stored in `/home/docker/.terminus/` inside `cli`. + +Terminus is installed and available globally in `cli`.