@@ -6,10 +6,10 @@ Deployments are handled by Control Plane configuration in this repo and GitHub A
66
77### Review Apps
88- Add a comment ` +review-app-deploy ` to any PR to deploy a review app
9- - The generated app name is ` ${REVIEW_APP_PREFIX}-${PR_NUMBER} ` . Keep
10- ` REVIEW_APP_PREFIX ` set to ` qa-react-webpack-rails-tutorial-pr ` so review
11- apps use names like ` qa-react-webpack-rails-tutorial-pr-1234 ` , matching the
12- prefix-backed config in ` .controlplane/controlplane.yml ` .
9+ - Leave ` REVIEW_APP_PREFIX ` unset for the standard path. The workflow infers
10+ ` qa-react-webpack-rails-tutorial ` from ` .controlplane/controlplane.yml ` , so
11+ generated review apps use names like
12+ ` qa-react-webpack-rails-tutorial-1234 ` .
1313- New pushes to a PR redeploy only after the review app already exists.
1414- Add ` +review-app-delete ` to delete a review app manually; closing the PR also
1515 deletes it automatically. Use ` +review-app-help ` for the command reference.
@@ -30,21 +30,31 @@ Deployments are handled by Control Plane configuration in this repo and GitHub A
3030
3131### GitHub Repository Settings
3232
33- Required repository secrets :
33+ Required repository secret for review apps and staging :
3434
3535- ` CPLN_TOKEN_STAGING `
36- - ` CPLN_TOKEN_PRODUCTION `
3736
38- Required repository variables:
37+ Required repository variables for staging deploys :
3938
4039- ` CPLN_ORG_STAGING=shakacode-open-source-examples-staging `
41- - ` CPLN_ORG_PRODUCTION=shakacode-open-source-examples-production `
4240- ` STAGING_APP_NAME=react-webpack-rails-tutorial-staging `
43- - ` PRODUCTION_APP_NAME=react-webpack-rails-tutorial-production `
44- - ` REVIEW_APP_PREFIX=qa-react-webpack-rails-tutorial-pr `
4541- ` STAGING_APP_BRANCH=master `
4642- ` PRIMARY_WORKLOAD=rails `
4743
44+ Review apps infer ` CPLN_ORG_STAGING ` , ` REVIEW_APP_PREFIX ` , and
45+ ` PRIMARY_WORKLOAD ` from ` .controlplane/controlplane.yml ` and workflow defaults,
46+ so those values do not need to be set just to test review apps.
47+
48+ Production promotion uses a protected GitHub Environment named ` production ` :
49+
50+ - Environment secret ` CPLN_TOKEN_PRODUCTION `
51+ - Environment variable ` CPLN_ORG_PRODUCTION=shakacode-open-source-examples-production `
52+ - Environment variable ` PRODUCTION_APP_NAME=react-webpack-rails-tutorial-production `
53+
54+ Protect the ` production ` environment with required reviewers, enable prevent
55+ self-review, and consider disabling administrator bypass. Do not store
56+ ` CPLN_TOKEN_PRODUCTION ` as a repository or organization secret.
57+
4858Optional repository settings:
4959
5060- ` DOCKER_BUILD_SSH_KEY ` : secret for private SSH dependencies during Docker builds.
@@ -66,7 +76,7 @@ filter in `.github/workflows/cpflow-deploy-staging.yml`.
6676When the upstream ` control-plane-flow ` repo changes the generated GitHub Actions
6777flow, regenerate the ` cpflow-* ` actions/workflows in this repo from the target
6878` cpflow ` version or branch using ` --staging-branch master ` , review the diff, and
69- keep the repository variables above aligned with ` .controlplane/controlplane.yml ` . Validate with
79+ keep the GitHub settings above aligned with ` .controlplane/controlplane.yml ` . Validate with
7080` cpflow github-flow-readiness ` , ` actionlint .github/workflows/cpflow-*.yml ` , and
7181the normal CI checks before merging. For review-app workflow changes, remember
7282that the deploy workflow checks out trusted local actions from ` master ` before
0 commit comments