New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make the plugin installable without the need for code changes in the theme #94

Closed

koyan opened this issue Oct 26, 2017 · 1 comment

koyan commented Oct 26, 2017

For the "internal" method, currently to install the plugin you need to do code changes (to pass the required data).
This presents various problems:

You cannot deploy using publicly open repositories (because then you would expose the entityID, signonURL etc to the public).
You cannot deploy multipe environments with the same code

Solution would be to have that data pass from the administration (settings of the plugin).

Contributor

danielbachhuber commented Nov 2, 2017

This is already tracked in #80

You cannot deploy using publicly open repositories (because then you would expose the entityID, signonURL etc to the public).

The more correct implementation would be to expose the secrets via environment variable or constants that are defined in some secret manner.

You cannot deploy multipe environments with the same code

Similarly, your secrets management implementation could conditionally serve different configuration dependent on environment.

danielbachhuber closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment