Web Development

Drupal uses a few unusual file extensions that contain PHP - notably .module, .theme, and .install. GitHub use linguist for language detection. You can configure linguist using a .gitattributes file in your repo. Add a .gitattributes file with the following contents to your Drupal repo: # linguist configuration for syntax highlighting in github UI. *.module linguist-language=PHP *.install linguist-language=PHP *.theme linguist-language=PHP Now your pull requests and source viewer in Github should have PHP syntax highlighting for these file extensions....

Running a fleet of Drupal projects presents a lot of challenges and problems to solve. Some things might fly for a handful of projects, but trying to scale that up will send you directly to the seventh circle of Drupal hell. Video

A bug in older versions of drush stop errors bubbling up to shell exit codes. This is problematic if you have a shell script with a sequence of commands that depend on the previous one completing successfully. It also makes detecting failed CI builds, deployments and cronjobs near impossible. Unfortunately I’m stuck using drush8 as Lagoon does not support dynamic drush aliases in newer versions. The bash function below will terminate a script with exit-code 1 if the output piped to it includes exception or error....

Developers often need copies of production data for local development, and standard workflows for getting these dumps have a lot of downsides. Moving SQL dumps around means an increased risk of sensitive data being exposed. Most sanitization methods are a multi-step process. Large databases put strain on slow internet connections. Large databases take way too long to import. The Solution mtk-dump is an extremely powerful replacement for mysqldump. Define your sanitization and minification rules in a simple yaml file, and produce small and safe SQL dumps for development....

Video Slides

Acquia dropped support for New Relic Lite and Standard in June 2017. Since then, you have only been able to get APM features on Acquia by paying for a New Relic Professional subscription. They also removed the ability to configure the New Relic API key for a given environment. But we can undo this damage! By calling newrelic_set_appname() in your index.php file you can change the account where APM metrics are sent....

Originally posted 2018-08-08 on the PreviousNext blog. With attackers and data breaches becoming more sophisticated every day, it is imperative that we take as many steps as practical to protect sensitive data in our Drupal apps. PreviousNext use Amazon RDS for our MariaDB and MySQL database instances. RDS supports SSL encryption for data in transit, and it is extremely simple to configure your Drupal app to connect in this manner....

Slides Resources Check out my post from the original talk for the resources shown in this presentation. Photo credit: @technerdteitzel.

Securely managing application secrets can be challenging - especially in complex, multi-datacenter environments. Many common secret management tools and services only solve specific use cases, and are often coupled to specific cloud providers. HashiCorp Vault is an open-source secret management tool designed to support distributed applications and infrastructure as first-class citizens. It provides powerful features such as: Centralised secret storage Dynamic secrets Encryption as a Service Identity brokering Access control management Audit logging This session will introduce some important Vault concepts and operational considerations, before diving into a technical demonstration of the current Drupal integration capabilities....

Originally posted 2017-11-24 on the PreviousNext blog. Even tech giants like Uber are bitten by poor secret management in their applications. The snippet below describes how storing AWS keys in their repository resulted in a data breach, affecting 57 million customers and drivers. Here’s how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company....