provisionsgroup/config-sync-php 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

provisionsgroup/config-sync-php

Composer 安装命令:

composer create-project provisionsgroup/config-sync-php

包简介

Add remote configuration synchronization to Laravel

README 文档

README

Config Sync is a generic PHP Composer package that can be extended to support multiple backends - where today it only supports HashiCorp Vault - whose purpose is to synchronize a set of backend secrets data to a locally encrypted file. Compared to a typical PHP Laravel apps, the design goals of the Config Sync are to,

  1. Replace the .env file; especially for secrets
  2. Replace the ENVIRONMENT variables; especially for secrets
  3. Decrease coupling for an app when accessing secrets or configuration data from a backend
  4. Support Kubernetes Pod secrets/configuration bootstrapping while still supporting local development

Prerequisites

  • composer
  • PHP
  • access to somewhere that HashiCorp vault is hosted
  • Configuration stored in developer mount in Vault
  • developer environment (see below) will require additional setup in your .env file

Command

php artisan config:sync --backend=vault --environment=developer

Options

There are four options that can be specified:

--backend=vault : The backend to use for config values
--environment=developer : The backend environment to use
--watch : Flag that keeps the process running rather than running once
--refresh=10 : Only used if the --watch flag is set; frequency of checking with backend and refreshing file

Currently, the only option for --backend is vault and the default is vault so it is not required to specify this option when running the command. The code was written in such a way, that should another backend be chosen in the future, as long as it aligns with the interface, it could easily be swapped out in lieu of Vault.

The --environment option has three choices:

  • local
  • developer
  • kubernetes

local environment

The local environment will create a Config Safe from your local Vault server using the Vault auth token to authenticate and retrieve the secret to create the Config Safe for your local running application.

developer environment

The developer environment will create a Config Safe from your developer mount in Vault. The first time, you will need to add the following to your local .env file:

VAULT_MOUNT=location of Vault mount

VAULT_SECRET=vault secret name

When authenticating with Vault, Config Sync assumes that you will use your LDAP username and password, but this can be changed in the config.

kubernetes environment

The kubernetes environment will create a Config Safe from the Vault in the environment where the applicaiton is running. This will use the JWT (Kubernetes ServiceAccount token) and the role (i.e. auditor-portal) to authenticate with Vault and fetch the secret for that role to create the Config Safe.

provisionsgroup/config-sync-php 适用场景与选型建议

provisionsgroup/config-sync-php 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 295 次下载、GitHub Stars 达 1, 最近一次更新时间为 2020 年 02 月 26 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 provisionsgroup/config-sync-php 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 provisionsgroup/config-sync-php 我们能提供哪些服务?
定制开发 / 二次开发

基于 provisionsgroup/config-sync-php 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 295
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 1
  • 点击次数: 12
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2020-02-26