ACMS-5823 | Issue 85

[mohammadzo]

Environment-Aware Settings Generation with Production Artifact Support

Overview

This PR adds intelligent environment-aware settings generation to prevent local development files from being created in production artifacts and CI/CD builds. It addresses a critical architectural issue where local settings files (containing database credentials and development-only configurations) were being generated in all environments, including production.

Problem Statement

Previously, the plugin would always generate local development files during composer install, regardless of the environment. This caused several issues:

• ❌ Local database credentials in production artifacts
• ❌ Development-only settings files in CI/CD builds
• ❌ Unnecessary files in deployment packages
• ❌ Security concerns with sensitive data in version control
• ❌ No way to reliably skip local file generation in build pipelines

Solution

This PR introduces a multi-layered approach to control settings generation:

1. Automatic Environment Detection

The plugin now automatically detects CI/CD and production environments and skips local file generation:

• GitHub Actions, GitLab CI, CircleCI, Jenkins, Travis CI
• Acquia Cloud production, staging, and ODE environments
• General CI environment indicators

2. Composer Configuration (Recommended)

Add version-controlled configuration to skip local files in production artifacts:

{
  "extra": {
    "drupal-recommended-settings": {
      "generate-local-settings": false
    }
  }
}

3. Runtime Environment Variable

Override behavior at runtime for testing or specific builds:

export DRS_GENERATE_LOCAL_SETTINGS=false
composer install

4. Drush Command Flag

Manual control when running drush commands:

drush init:settings --no-local

What Files Are Affected

When generate-local-settings is set to false, the following files are not generated:

• local.settings.php - Active local settings with database credentials
• default.local.settings.php - Local settings template
• default.includes.settings.php - Custom includes template

Essential files are still created:

• default.global.settings.php - Global settings
• settings.php - Core Drupal settings
• config/default/ - Configuration sync directory
• salt.txt - Hash salt

Changes Made

New Features

• ✅ Automatic CI/production environment detection
• ✅ generate-local-settings composer configuration option
• ✅ DRS_GENERATE_LOCAL_SETTINGS environment variable
• ✅ --no-local drush flag
• ✅ Skip local template files when configured

Simplifications & Cleanup

• ✅ Removed confusing auto-generate-on-install option
• ✅ Removed redundant DRS_GENERATE_SETTINGS environment variable
• ✅ Removed redundant --no-defaults drush flag
• ✅ Removed Pantheon-specific detection code
• ✅ Streamlined README documentation (removed 120+ lines)
• ✅ Consolidated CI/CD examples into one general example

Files Modified

• src/Plugin.php - Added environment detection logic
• src/Settings.php - Added granular file generation control
• src/Drush/Commands/SettingsDrushCommands.php - Added --no-local flag
• README.md - Comprehensive documentation with examples

Usage Examples

Production Artifact Build

{
  "extra": {
    "drupal-recommended-settings": {
      "generate-local-settings": false
    }
  }
}

Then simply run:

composer install --no-dev --optimize-autoloader

CI/CD Pipeline

No configuration needed - automatic detection works out of the box:

composer install --no-dev --optimize-autoloader

Local Development

Everything works as before - all files are generated automatically.

Benefits

1. Security: No local database credentials in production artifacts
2. Cleaner builds: Only essential files in deployment packages
3. Version-controlled: Configuration lives in composer.json
4. Automatic: Works out-of-the-box in most CI/CD environments
5. Flexible: Multiple control methods for different use cases
6. Simpler: Removed confusing options, focused on primary use case

Testing

Tested in the following scenarios:

• ✅ Local development (generates all files)
• ✅ CI environment with auto-detection
• ✅ Composer config generate-local-settings: false
• ✅ Environment variable DRS_GENERATE_LOCAL_SETTINGS=false
• ✅ Drush command with --no-local flag
• ✅ Acquia Cloud environment detection

Migration Guide

For existing users, no changes are required. The plugin maintains backward compatibility:

• Default behavior unchanged (generates all files in local environments)
• Automatic detection prevents issues in CI/production
• Optional configuration for production artifact builds

To adopt the new feature for production builds, add to your composer.json:

{
  "extra": {
    "drupal-recommended-settings": {
      "generate-local-settings": false
    }
  }
}

Related Issues

Fixes #85

Checklist

• Code follows project coding standards
• Documentation updated (README.md)
• Backward compatible
• Tested in multiple environments
• Commit messages follow conventions

[Copilot]

Pull request overview

This PR adds environment-aware settings generation to prevent local development files from being created in production artifacts and CI/CD builds. It addresses Issue #85 where local development files (local.settings.php, default.local.settings.php, default.includes.settings.php) were being generated in Acquia pipelines and other non-local environments.

Changes:

• Added automatic environment detection in Plugin.php to skip settings generation entirely in CI/CD and production environments
• Added configurable control over local settings file generation via composer.json configuration, environment variable, and Drush command flag
• Added defensive file existence checks in ConfigInitializer.php before loading optional config files
• Updated tests to be more flexible and maintainable
• Added PHP 8.1+ compatibility exclusions to phpcs.xml.dist
• Comprehensive README documentation for the new features

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
src/Plugin.php	Added automatic CI/production environment detection that skips all settings generation in non-local environments
src/Settings.php	Added granular control over local file generation via options parameter, composer.json config, and environment variable
src/Drush/Commands/SettingsDrushCommands.php	Added --no-local flag to allow manual control when running drush commands
src/Config/ConfigInitializer.php	Added file existence checks before loading optional config files to prevent errors
tests/src/FunctionalTestBase.php	Fixed mkdir call to use boolean TRUE instead of string 'TRUE', added directory existence check
tests/src/Functional/Config/ConfigInitializerTest.php	Refactored assertions to be more maintainable by checking structure rather than exact output
phpcs.xml.dist	Added PHP 8.1+ compatibility exclusions for PHPCompatibility checks
README.md	Added extensive documentation for environment-aware settings generation features

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The documentation doesn't clarify the precedence order when multiple control methods are used simultaneously. Users might be confused about what happens if they set both the composer.json configuration and the environment variable, for example. Consider adding a section explaining the precedence order: Drush flag (highest) → Environment variable → Composer config → Automatic detection (lowest), so users know which setting takes priority when multiple are specified.

Suggested change

	If no environment variable or composer configuration is set, the plugin uses intelligent environment detection to determine if it's safe to generate local settings files.
	If no Drush flag, environment variable, or composer configuration is set, the plugin uses intelligent environment detection to determine if it's safe to generate local settings files.
	### 4. Precedence Order
	When multiple control mechanisms are used at the same time, the plugin applies them in the following order (highest priority first):
	1. **Drush flag** – for example, `drush init:settings --no-local` or other CLI options explicitly passed to the command
	2. **Environment variable** – `DRS_GENERATE_LOCAL_SETTINGS`
	3. **Composer configuration** – `extra.drupal-recommended-settings.generate-local-settings`
	4. **Automatic detection** – environment-aware defaults when none of the above are set
	A higher-priority mechanism will always override lower-priority ones when there is a conflict.

[Copilot]

The option description for 'no-local' says "Skip generating local.settings.php file" but the option actually skips generating multiple files: local.settings.php, default.local.settings.php, and default.includes.settings.php (via copySiteSettings()). Consider updating the description to be more accurate: "Skip generating local development files (local.settings.php, default.local.settings.php, default.includes.settings.php)".

Suggested change

	#[CLI\Option(name: 'no-local', description: 'Skip generating local.settings.php file')]
	#[CLI\Usage(
	name: 'drush ' . self::SETTINGS_COMMAND . ' --database=mydb --username=myuser --password=mypass --host=127.0.0.1 --port=1234 --uri=site1',
	description: 'Generates the settings.php for site2 passing db credentials.',
	)]
	#[CLI\Usage(
	name: 'drush ' . self::SETTINGS_COMMAND . ' --no-local',
	description: 'Generate settings without creating local.settings.php (useful for CI/production).',
	#[CLI\Option(name: 'no-local', description: 'Skip generating local development files (local.settings.php, default.local.settings.php, default.includes.settings.php)')]
	#[CLI\Usage(
	name: 'drush ' . self::SETTINGS_COMMAND . ' --database=mydb --username=myuser --password=mypass --host=127.0.0.1 --port=1234 --uri=site1',
	description: 'Generates the settings.php for site2 passing db credentials.',
	)]
	#[CLI\Usage(
	name: 'drush ' . self::SETTINGS_COMMAND . ' --no-local',
	description: 'Generate settings without creating local development files (local.settings.php, default.local.settings.php, default.includes.settings.php) (useful for CI/production).',

[Copilot]

This duplicates functionality that already exists in the EnvironmentDetector helper class. The EnvironmentDetector class has an isCiEnv() method that checks for CI environments (including the CI environment variable). While the existing implementation checks fewer environment variables, it would be better to extend the EnvironmentDetector class rather than creating a duplicate method here. This would maintain consistency with the rest of the codebase and make the environment detection logic reusable. Consider:

1. Extending EnvironmentDetector with additional environment variable checks
2. Using EnvironmentDetector::isCiEnv() in this method
3. Adding a method to EnvironmentDetector for production environment detection

[Copilot]

The README documentation doesn't clearly distinguish between two different behaviors:

1. Automatic detection (Plugin.php): Skips ALL settings generation, including settings.php and global settings
2. generate-local-settings: false (Settings.php): Skips only local development files, but still creates settings.php and global settings

This could confuse users about what files to expect in different scenarios. From the issue description (#85), it appears automatic detection is meant to skip everything in CI/CD pipelines where settings are already configured, while generate-local-settings:false is for production artifacts where you want the settings structure but not local dev files.

Consider adding a clear explanation in the README about when each approach is used and what files are created in each case.

[Copilot]

Missing error handling for JSON decode. If composer.json contains invalid JSON, json_decode will return NULL and the code will continue silently. This could lead to unexpected behavior where the configuration is ignored rather than properly reported as an error. Consider checking the result of json_decode and the value of json_last_error().

Suggested change

	$composerData = json_decode(file_get_contents($composerJsonPath), TRUE);
	$composerJsonContents = file_get_contents($composerJsonPath);
	$composerData = json_decode($composerJsonContents, TRUE);
	if (json_last_error() !== JSON_ERROR_NONE) {
	throw new SettingsException(
	sprintf(
	'Invalid JSON in composer.json at "%s": %s',
	$composerJsonPath,
	json_last_error_msg()
	)
	);
	}

[Copilot]

The precedence order implementation doesn't match the expected behavior based on the PR description. The current implementation gives precedence in this order: options parameter → composer.json → environment variable (highest). However, the Drush command flag (--no-local, which sets options parameter) should have the highest priority as it's an explicit user action. The current implementation allows the environment variable to override an explicit --no-local flag, which is counterintuitive.

For example, if a user runs drush init:settings --no-local but DRS_GENERATE_LOCAL_SETTINGS=true is set, the environment variable will override the explicit flag. Consider reordering to: composer.json (lowest) → environment variable → options parameter (highest), so explicit command flags always take precedence.

[Copilot]

The test coverage issue: There's no test coverage for the new generate-local-settings feature. The existing test in SettingsTest.php verifies that local.settings.php is created, but there's no test verifying the behavior when generate-local is set to FALSE (via options, composer.json config, or environment variable). Consider adding tests to verify:

1. Settings generation with the --no-local flag
2. Settings generation with generate-local-settings: false in composer.json
3. Settings generation with DRS_GENERATE_LOCAL_SETTINGS=false env var
4. Verification that local files are NOT created when these options are set

[Copilot]

The test coverage issue: There's no test coverage for the new automatic environment detection logic. The methods shouldSkipSettingsGeneration() and isNonLocalEnvironment() are not tested. Consider adding tests to verify:

1. Detection of various CI environment variables (CI, GITHUB_ACTIONS, GITLAB_CI, etc.)
2. Detection of Acquia production environments (AH_SITE_ENVIRONMENT)
3. Detection of other production indicators (ACQUIA_ENVIRONMENT, PLATFORM_BRANCH)
4. That settings generation is properly skipped when these environments are detected

[acquia-stalebot-platauto]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Please remove the stale label to avoid it being closed. Thank you for your contributions. More info: https://github.com/acquia/devops-github-administration/blob/main/docs/operations_related_to_repositories.md#acquia-stale-bot