The Twelve-Factor app manifesto calls for strict separation of configuration from code. This approach provides several advantages:

  • Sensitive values such as API tokens and private keys will not be leaked if the codebase was ever exposed.
  • There is no need for a switch statement for each environment defining various variables for dev, staging, etc..
  • Feature toggles can be used to dynamically enable functionality without a deployment.



skpr config list dev

KEY                     VALUE                                             
mount.public            /data/app/sites/default/files                     
mount.temporary         /mnt/temporary                                    
mount.private           /mnt/private                                      
mysql.default.hostname  xxxxxxxxxxxxxxx
mysql.default.port      3306                                              
mysql.default.database  xxxxxxxxxxxxxxx                                     
mysql.default.password  [secret]                                          
mysql.default.username  [secret]                                          
prometheus.token        [secret]                                          
smtp.username           XXXXXXXXXXXXXXXXXX                              
smtp.port               1025                                              
smtp.password           [secret]


skpr config set dev Example

Set (Secret)

skpr config set --secret dev xxxxxxxxxxxxxxxxxxxxx


skpr config delete dev

Application Setup

Drupal 8

  • Ensure you have previousnext/skipper-config as a dependency in your composer.json.
composer require previousnext/skpr-config=@dev
  • Load config from disk at the top of settings.php:
$skpr_config = SkprConfig::create()->load();
  • Set your database credentials in the project settings.php file:
$databases['default']['default'] = array(
  'driver'   => 'mysql',
  'database' => $skpr_config->get('mysql.database'),
  'username' => $skpr_config->get('mysql.username'),
  'password' => $skpr_config->get('mysql.password'),
  'host'     => $skpr_config->get('mysql.hostname'),
  • Override configuration values:
$config['swiftmailer.transport']['smtp_credentials']['swiftmailer']['password'] = $skpr_config->get('smtp.password');

Deep Dive

Skipper leverages the following Kubernetes APIs.

Each environment has 4 objects provisioned:

  • ConfigMap / Default = Platform provided config.
  • ConfigMap / Override = User provided config.
  • Secret / Default = Platform provided secrets.
  • Secret / Override = User provided secrets.

These are then mounted into the following directory structure:

  • /etc/skpr/config/default
  • /etc/skpr/config/override
  • /etc/skpr/secret/default
  • /etc/skpr/secret/override

The above list is also the intended "load order" eg.

/etc/skpr/secret/override overrides /etc/skpr/config/default.