Pantheon Secrets Guide Doc Update

[aaronpinero]

Re: Pantheon Secrets Guide

Priority: Medium

Issue Description:

1. The documentation for the command to generate the secrets file is incomplete. The full command should be terminus secret:site:local-generate <site> --filepath=./secrets.json
2. The documentation is not specific about where the .json file needs to be placed.
3. The documentation doesn't provide any explanation on how to access the secrets in the .json file

Suggested Resolution:

1. The correction for the documentation is given above.
2. For DDEV, the file path set in the config.yml file for CUSTOMER_SECRETS_FAKE_FILE needs to be relative to the web root. This should be clarified in the documentation. I don't know if the same is true for Lando, but I suspect it might be.
3. It would help to tell users that, if the local development setup is working properly, secrets should be accessible using the example provided in the Usage section of https://github.com/pantheon-systems/customer-secrets-php-sdk. In addition, for Drupal, secrets should be available when using the Key module with the Pantheon Secrets module. Users should go to the Key module configuration, click on the Sync Pantheon Secrets tab, and click the Sync Keys button. Secrets indicated in the .json file should appear in the available list of keys.
4. In the Restrictions section of the page, it should be repeated that the pantheon_get_secret function will not work in local development, only on Pantheon's systems.

[stevector]

@jazzsequence can you investigate? Hand off the issue to PDE if necessary.

[cboyden-ucb]

I was just testing this locally and found that a relative path did not work for me. I had to replace CUSTOMER_SECRETS_FAKE_FILE=./secrets.json with CUSTOMER_SECRETS_FAKE_FILE=/var/www/html/secrets.json and then it worked as expected.

[jazzsequence]

Docs updated in #9330