Voting starts in March for the Drupal Association Board election.
We've worked with many clients over the years, who all have very specific website development needs. While some clients may share common goals, each may approach those business goals in different ways. But, time and time again, we usually start by asking a client in what ways are they measuring their website's effectiveness. In this 4 part series, I'll discuss identifying purpose and overcoming obstacles, complaints of current site capabilities and establishing budget, metrics to success and selecting a vendor, then finally risk tolerance and disaster recovery planning.
DREC is a collection of basic bash scripts that work together to accomplish common development tasks for Drupal 8.x projects. In simple words drec uses shell commands, unix utilities, drush, drupal console, git, docker and other software that all together can install, update, clone etc a Drupal project.
The main problem I wanted to solve with drec is to setup and update a local development environment from scratch for a Drupal distribution on LAMP. So, you should probably use drec locally or on a development environment and not on a production server. I created this for Linux but it could also play well with any unix* system (hope so).
Some of the characteristics of drec is that it can run commands in chain and that it uses a configuration file (.drecfile) where each project can keep useful details about it that drec can (re)use when running.
Here is a list of the current drec commands:Command Description git-clone Clone a site from a git repo create-folder Create the project folder delete-folder Delete the project folder create-vhost Create a virtualhost for project's domain delete-vhost Create a virtualhost install-drupal Install Drupal using drush prepare-install Prepare a Drupal site for installation (public files, writable settings etc) create-docker Create a docker container delete-docker Delete a docker container create-drush Create a drush alias delete-drush Delete a drush alias composer-install Run composer install on the project folder composer-project Run composer create-project ... on the project folder create-db Create a mysql database download-db Download a mysql database delete-db Delete a mysql database askme Asks user to continue or exit init Create a *.drecfile settings file on the ~/.drec folder delete-project Delete all project files, database, container, drush alias etc projects Show all *.drecfile filenames inside ~/.drec folder debug Show variables on cli
and here are some usage examples:
// Clone a project and start a docker container with mapping folders drec init,git-clone,create-docker // Clone a project from a git repo, create a virtualhost and create a new configuration file drec init,git-clone,create-vhost // Create a new database, clone from git repo, prepare for Drupal installation and install Drupal drec init,create-db,git-clone,prepare-install,install-drupal // Just debug a configuration file and read its values drec debug /path/to/MYFILE.drecfile drec debug filename/of/.drecfile
Issues, suggestions and your opinion are always welcome.
Last year I had the chance to collaborate with a Drupal company in Greece for a large scale Drupal 8.x project. One of these that you say Drupal was made for!
It was early 2016 when Drupal 8.x had just arrives. At that time thing were a bit confusing (although promising) with the new Drupal version. Composer adoption was still in "alpha", popular Drupal contributed modules where not ready for production, new concepts in core had to be learned, Phpstorm (or another advanced IDE at least) was required etc. In general things were unclear and the development team needed a guide in order to avoid the "search on Google" disease.
One of my responsibilities for this project was to document the "best practices" and HowTo work with the new Drupal version, with software such as git, Docker, composer and all the software needed. In plain English I had to create, maintenance and update the official documentation of the project.
After some discussion we had internally we decided to publish these docs using the ReadTheDocs.org platform under an open source license (Open Publication License). We did this not only to make the things easier for us or reuse the knowledge we got but also to get help from anyone else that wanted to do the same. The audience are people that already know Drupal 7.x and want to dive into Drupal 8.x. In fact, I was also learning new concepts and methodologies (but, yes, with Drupal we never stop learning new things, don't you agree?)
Copying the first lines of the docs to get the purpose of the docs:
A useful manual for Drupal developers, themers and site builders that want to start collaboration work with the new Drupal 8.x stuff.
The initial documentation created to help us in the maintenance and development of a complex Drupal 8.x distribution but became more generic and public available in the future.
Common best practices are in place and new methodologies of development are proposed on this manual.
Before starting I 'd like to describe a bit the project I am talking about.
It was a multilingual portal with multidomains, unified Dashboard per (sub)domain, content workflows and many content types and fields. More about the parameters can be found at dropdog.readthedocs.io/parameters. We decided to use Features module and Drush make files, Github and the Git Flow model for the git branches. We were also using Docker for local development environments as also as other Shell scripts to automate the processes.
The Docs are separated into 11 major sections which are:
- Reviews - Entity
- Reviews - Views
- Development thoughts
The titles of each section are self describing. Unfortunately some sections are incomplete and contain only the headers (Scripts, Tests and Terminology).
One interesting thing I would like to promote here are the naming conventions we decided to use while developing the website (entities & fields, views, features etc). Using the pattern field_CONTENTTYPE_SHORTNAME and other similar conventions, for example, allowed us to make changes in bulk, search for issues more easy, avoid Features issues and conflicts with configuration and "standardize" the theming. Furthermore, in order to make some human reviews for Entities and Views we created lists of checkboxes ready to be copied on a Github issue when a new Entity or Views is created.
Another one is the rules we had when setting User Roles such as that "Every custom module should define its own permissions. Never reuse an existing permission!" I still believe strongly that this rule should be implemented with Drupal core modules also but this is another issue that will not discuss now...
For the Theming we followed a variation of the Atomic Design approach (see Patternlab) and created our own "Drupal specific" folder structure expecially for the scss files. Of course for scss we set up some well known rules and linting to avoid development conflicts. Another useful thing here is that we followed the desktop first design. That means that we first designed for desktop but with mobile in mind and not the opposite since the mobile visits were a few (and there were no obvious signs that this would change in the future).
I could say a lot for the whole experience but it's better to let you "explore" the docs and take what you find may be useful. Pull requests and suggestions are always welcome.
January is always a time of conclusions. We evaluate a past year, remember its best moments, and hope that the new year will bring us even more positive moments. It’s also a time of different rankings. We at Vardot decided to contribute to the good vibe of the community by going through the best articles of the last year according to BuzzSumo and choosing those ones that had a better feedback from you. The blog post you read now lists, in ascending order, the 12 most shared articles about Drupal in 2016.
12. Happy birthday Drupal (924 shares)
On Drupal's 15th birthday, the community celebrated with an infographic that reminisces about the significant events and achievements in the past year. No open source project can survive and
even thrive for so long without a vibrant community. Scroll through the article and you will feel the urge to attend that next DrupalCon in some exotic location.
11. Drupal founder sets up Acquia Labs to research the future of the web (958 shares)
Celebration of the past 15 years aside, Dries Buytaert is never complacent with his brainchild. He is already thinking ahead and inventing the next-generation web user experience. To that end, Dries set up Acquia Labs to engage in R & D. If he has his way, the web of the future won't be browser based, and page views will be a thing of the past. The next generation of user interaction will be voice-controlled, visual in the style of VR (Virtual Reality) or AR (Augmented Reality), and adaptable to user situations.
10. Improving collaboration with forks (1.1k shares)
The success of the open-sourced Drupal project hinges on the collaboration of a large community of developers to enhance and customize the product. Drupal developers collaborate by writing and sharing code. When an upstream developer modifies code that has been previously forked, the changes often need to be propagated downstream in a controlled manner. This article is a brief introduction on pull requests created from a fork. You will find the link to a longer guide at the end of the original article.
9. Several critical remotely exploitable flaws found in Drupal modules, patch ASAP! (1.5k shares)
The Panama Papers refer to 11.5 million private financial documents which were leaked from a Panamanian law firm. These documents collectively implicate 72 current and former heads of state in fraudulent activities such as tax evasion. The leak was caused by vulnerabilities in Drupal and WordPress, two leading content management systems (CMS). Drupal site administrators did well for heeding the call of this article to patch the known vulnerabilities.
8. Drupal: 15 years old and still gaining momentum (1.7k shares)
This is a blog post written by Dries Buytaert on the day of the 15th anniversary of releasing Drupal 1.0. It gives us a glimpse, from the firsthand perspective, of the path the Drupal project has taken over the years. Dries even recounted some product decisions he made, both rightly AND wrongly, over that time period. He shared about his own professional development as a result of this journey, and his renewed commitment to building a better and safer web for all.
7. Panama Papers hack: Unpatched WordPress, Drupal bugs to blame? (1.8k shares)
The author of this article plays the role of investigative reporter on the Panama Papers leak. It discusses 2 possible entry points for the intruder (or intruders) into the Panamanian law firm's computer systems: a public WordPress website and a customer-only Drupal portal. Both installations were running outdated and unpatched versions of the respective CMS software at the time of the leak. The author advocates keeping your systems up-to-date in this article. He praises WordPress for automating security updates, and then chastises Drupal for lagging behind in this crucial process.
6. Is this how a hacker got the Panama Papers? (2.3k shares)
It is very difficult to pinpoint, without access to the system log files, how an intruder hacks into a web system. But, that does not stop the author of this article to put forth hypotheses in the Panama Papers leak, even identifying the plugin that may be the culprit. Site administrators should read this article for the long list of things that the Panamanian law firm did wrong, so that they can avoid making the same mistakes.
5. The security flaws at the heart of the Panama Papers (2.4k shares)
This is the Wired magazine's report on the Panama Papers leak. The article distinguishes itself from other similar reports because it conducts its own primary research. Specifically, it cites both named security experts and anonymous sources alike. It is obvious that this article does not target a technical audience. However, it compensates for the lack of technical depth by offering breadth in its research. It covers some lesser reported probable causes for the leak, including the possibility of it being an inside job.
4. From encrypted drives to Amazon's Cloud - the amazing flight of the Panama Papers (2.7k shares)
The Forbes article tells a great story, not on what can possibly cause the Panama Papers leak, but rather on what actually happens after the leak. After the hacker with a pseudonym of John Doe handed over the papers, the journalists had a huge problem in their hands: one with a volume of 11.5 million documents and 2.6 TB in size. The huge database had to be encrypted for confidentiality, and, at the same time, be accessible to a horde of journalists around the world. In addition, powerful text analysis tools were required to help make sense with that many documents. This article is a good read to find out how the journalists solved their big data problem with open-source solutions.
3. Five ways to speed up Drupal 8 sites (2.8k shares)
This article lists 5 ways to optimize the speed of a Drupal 8 website. Many of the tips are new and specific to Drupal 8 installations.
2. Panama Papers: Email hackable via WordPress, docs hackable via Drupal (3k shares)
WordFence is a leading web security company, and this article is their take on the Panama Papers leak. It illustrates how an intruder can potentially hack into the unpatched WordPress server hosting the Panama Papers, and from there, gain access to the corporate email server. It also summarizes how the outdated Drupal installation makes it easy for hackers to break into Drupal and steal documents.
More to this topic: 5 security modules that every Drupal website must have
1. How to configure your Drupal 8 ARM template deployment to Azure using existing MySQL Server (4k shares)
The most shared article about Drupal in 2016 explains the parameters required to configure Drupal 8 on the Microsoft Azure cloud computing platform.
The end of 2016 marks the first full year of Drupal 8.0 after its official release. With the buzz surrounding a major new release and some high-profile security flaws, the Drupal community was very active during the year. We are looking forward to more interesting blog posts in 2017. Don’t forget to share those ones you like most!Tags: Drupal Planet drupal 8 Title: 12 most shared articles about Drupal in 2016
Google is leading the charge to a more secure web. The tech giant is taking steps in the way it handles non-secure websites in both search rankings and for its over 1 billion Google Chrome users. In search results, non-secure websites will now take a back seat to those that are secured with trusted SSL certificates. Texas Creative has answered the call by retroactively adding free SSL encryption to all of our Drupal websites.What is SSL?
SSL (Secure Sockets Layer) is a web technology that creates an encrypted connection between the server and the browser to secure the data while in transit. Sites equipped with SSL signify this with a lock icon in the address bar. Until recently, you’ve likely only encountered this on your bank’s website or any site that is collecting personal information like credit card numbers.
A person willing to contribute work as a designer and art director for a new demo website being created for inclusion in Drupal core. Having prior experience with any open source project is certainly a bonus, but is not a necessary requirement. You will be working alongside a team of experienced Drupal contributors who will help you get started working with an open source community.How to apply?
To apply, simply send your motivation letter including a link to your portfolio to firstname.lastname@example.org. Your application will be handled by the team. None of the materials from your portfolio will be published.Project overview
We plan to create a demo website (in the form of an installation profile) of Drupal. Users will be able to try this out when installing Drupal. The main purpose of this demo is to convince technical evaluators that Drupal allows them to build modern and beautiful websites, from conceptions into real life use cases. The demo use case will be a food publishing website. We plan to leave all Drupal-related terminology out of the demo. This is to make sure that there is a separation between the branding of Drupal and demonstrating Drupal. There is no pre-existing designs to leverage. We plan to give the designer carte blanche.
The lead designer will work closely with the team working on the demo to create a proposal for the Drupal community. Our community will be allowed to give feedback on the designs at certain defined stages of the project, however decisions and feedback about the designs will be handled at the team’s own discretion.
The design lead is expected to actively participate in our public weekly meetings.Timeline
The team is expecting to get started with the project as soon as possible after the application period. The team lead is expected to commit to the process throughout. The majority of time needed from the designer will be in the early stages of the project. During this stage you will be expected to work as a visual designer creating the initial design. After the initial design has been approved, the designer will transition into an art director role where they will be responsible for monitoring the quality of the implementation of the design.
The MVP version of the demo is planned to be added to Drupal 8.4, which means that the last day for getting the theme committed is July 29th 2017.Budget
There is no budget to pay people for working on this initiative. However, it is allowed for everyone working on it to have support from the organizations they work for, or any other organization that would like to fund their work.Team & Roles
- lauriii - Project lead
- tkoleary - Default content
- ckrina - Visual Design, Implementation
- Bojhan, Usability
- DyanneNova, Visual Design, Project Management
- Preston So, Implementation
- yoroy, Usability
Acquia Podcast 57 rebroadcast + commentary - Kenny "webkenny" Silanskas passed away in late 2016. Kenny was a Drupalist, a colleague at Acquia, a musician, and a good, funny person who touched my life and the lives of many others. Godspeed, Kenny. We miss you and your huge laugh. Here, Robert Douglass and I listened to the podcast I recorded with Kenny in 2012, reminisced, and talked about the early years at Acquia and the origins of the DrupalCon Prenote. The second half of the podcast is my conversation with Kenny from 2012 and the audio version of his performance in the DrupalCon London Prenote in 2011.Podcast 57 commentary and original audio webkenny memories
DrupalCon London, 2011 Prenote
50 Ways to write a module
(parody of Paul Simon's 50 Ways to leave your lover, lyrics by Robert Douglass and Jeffrey A. "jam" McGuire) - Huge thanks to Radim Klaška for filing this back in the day.
"The problem's all inside your head," Dries said to me,
"The hooks are easy if you take it logically,
I'd like to help you in your struggle to be free,
There must be 50 ways to write a module."
He said, "It's fine to fins a file to include,"
Hopefully your server's RAM won't be abused,
But in that hook, the code looks somewhat crude,
There must be 50 ways to write a module,
50 ways to write a module."
Just push it to Git, Mitt
Write a new patch, Catch,
You don't need to deploy, Roy,
Just ask Angie.
Post in the queue, Stu,
You don't need to write code much,
Just sort on the key, Lee,
And learn PHP.
Dries said, "It pleases me to see you used check_plain, But if I could only get you to test again." I said, "I appreciate that, but would you please explain About those 50 ways ... ?"
Dries said, "Why don't we both just hack throughout the night?
And I believe in the morning, you'll begin to see the light,"
And then he committed a patch and I knew that he was right,
There must be 50 ways to write a module,
50 ways to write a module.
Just push it to Git, Mitt,
Write a new patch, Catch,
You don't need to deploy, Roy,
Just ask Angie.
Post in the queue, Stu,
You don't need to write code much,
Just sort on the key, Lee,
And learn PHP.
DrupalCon London, 2011 - Living, Breathing Drupal: The Biology of the RequestOriginal Acquia Podcast post, episode 57, 2012
Kenny Silanskas, Acquia's Tier 1 Team Manager, has a passion for getting Drupal right that rubs off on his team – Acquia's crew of frontline Client Advisers. They are in the happy position of being able to train client-developers in best practices, choosing and using the right Drupal modules, how to use the open source process, and more. Kenny says, "The Support Department gives Drupal sites the TLC they need." All of this results in happier and more successful Drupal users and a healthier Drupal project.Supporting Acquia Support
Keeping his team happy and on track is quite a challenge, considering he himself describes a typical day in Support as "One large forest fire from dawn till dusk ... in any time zone ... We wake up on fire and go to bed on fire," Kenny laughs at this point, "and dream on fire ... But that's the job that we love and that's what we do."
"What we provide here is so different from consumer-level support, it's a step above that. There's a heavy level of involvement with our customers and a heavy commitment to them."From partner to Acquian
After working for an Acquia partner and being laid off in 2009, Kenny got a call from a recruiter who said, "Hey, you're webkenny!" ... "Have you ever heard of Acquia?" :-) Nine interviews later, an Acquian was born!
"I learned large sites while I was here." Now Kenny is one of Acquia's go-to experts on site performance. Kenny's job lets him expand his technical knowledge and use his people skills to provide top-notch technical support. "Acquia has really grown my knowledge as well as my career." Being at Acquia has also allowed him to flourish as a presenter in the Drupal and technical communities, too. He gets to combine his stage skills with what he knows to create compelling teaching experiences and spread the word about Drupal.A career from cold to hot
From being a ColdFusion developer, Kenny moved to PHP in 2007, and heard about Drupal in 2008. From there, he got a Drupal job and went to his first DrupalCon in Washington D.C. in 2009. By 2011, he was presenting his own sessions at Drupal events, including at DrupalCon London. He even appeared as a guest star in the opening session there.
What we didn't talk about
Kenny is an amazing singer and performer. I've included some excerpts of his London performance in this podcast ... listen right to the end for more!Skill Level: BeginnerIntermediateAdvanced
Shortly after publishing our first Top 10 Contributing Higher Ed Organizations, Tim Lehnen from the Drupal association blogged about recognizing more types of contribution in the Drupal.org Marketplace. Tim shed a little light on how the ranking is currently calculated.
We now calculate the following 4 types of contribution into overall contribution credit; issue credits, Drupal 8 case studies, Drupal Association Supporter Programs/Organization Membership and number of projects supported.
While the title of the post was about the “marketplace” of vendors selling Drupal services, factoring additional types of contributions will impact the full list organizations we use to build the higher ed specific list. There have been several suggestions made in the comments on Tim's post about how to track contributions to documentation, camps, code reviews and support in forums, IRC, and Slack. If you have additional ideas on how the DA could factor in a type of contribution you would like to see factored into these rankings, please add your feedback to Tim’s post.
Factoring in the number of projects played a role in this months ranking. Penn State University jumped from #9 to #2 with just 1 issue credit. What made the Difference? They properly registered 107 projects as being supported by their organization. I know that the majority of commits and issues for those projects are being managed in GitHub, but I’m happy to see the University of Colorado Boulder drop a few spots to the habitual contributors at PSU.
The University of Waterloo managed to hang on to the top spot largely due to Liam Morland’s Webform related contributions. Even though the University of Colorado Boulder accounts for just a handful of the more 500,000 reported installs of Webform, Liam’s contributions make running Drupal as a Service much easier for us. If you work for a university (or really any organization) that uses Webform, please take a few minutes to thank Waterloo for supporting Liam's contributions.
The Current Top 10 Contributing Higher Ed Organizations
- University of Waterloo
- Penn State University
- The University of British Columbia
- University of Colorado Boulder
- Babson College
- The University of Iowa
- University of Adelaide
- Indian Institute of Technology (IIT) Bombay
- Cornell University
Highlighted Contributions from the University of Colorado Boulder
One of the commits the University of Colorado Boulder was credited with is James Fuller’s improvement to add an exposed filter for Organization Type to https://www.drupal.org/organizations. This allows you to see organizations that consider themselves "end users of Drupal". We plan to continue contributing where we can ensure all organizations contributing to the Drupal project are given as much attention as the vendor marketplace. What we'd really like to see on Drupal.org is an option to see the sector an organizational contributor to Drupal operates in vs. just the markets vendors sell to. Once those changes are made, it will be much easier to see the full list of higher ed organizations on Drupal.org.
Last month we also picked up a few commit credits when Owen Morrill updated the Community Funded to a 1.0 release fixing issues that were brought during the Project Application Review process. Owen was able to get through PAR in record time and is the 4th developer at the University of Colorado Boulder to get their "vetted git user" permission.
Looking forward to our next month of commits and trying to take back a few spots from our friends at Waterloo, PSU and UBC, Alexander Finnarn will be working to get a stable D8 release of the Google CSE module. I will be working on a D7 module to integrate with the Siteimprove service in a way that will allow users to manage their page scans and view their reports without needing to log into Siteimprove. I know these services are used by other universities. If you are using these services, I would like to invite you to get involved as a contributor.
Several New Organizations
There are still several high profile universities without organization nodes on Drupal.org. It's still not clear if this is because they are better known for how they use Drupal rather than for what they contribute--or if they are just so busy contributing that they haven't made creating an organization node a priority. The following organizations have all entered the contributor competition by creating organization nodes in January;
- Rochester Institute of Technology
- University of Chicago
- University of Texas at Austin
- Amherst College
- Bryn Mawr College
- Columbia Univeristy
- College of Western Idaho
- Middlebury College
- Ohio Northern University
Higher Education Contributions in Aggregate
Together the top 10 contributing higher education organizations share and support 182 projects and have been creditted with contributions to 82 issues in the last 90 days.
Missed Opportunities for Recognition
In the great case study Palantir wrote for the University of Minnesota that was published last month, they stated that Palantir made significant contributions to Panels, Zen, Workbench, and Workbench Moderation as part of the project. I'm not sure when those improvements were made, but I can't find any place where credit was given to the University of Minnesota for funding the development. Organizations hiring vendors to make customizations and improvements to Drupal should request that the organization be creditted in the commits.
Developers from both Middlebury and Amherst Colleges are actively working on Monster Menus, but looking at the commits they aren't giving their organizations credit. While it's possible to "free hand" the structure of the commit messages Drupal.org requires for credit, it's much easier to generate the recommended message from an issue.
Of course to do this, you'd need create more issues. I'm not going to advocate creating issues for every commit, but not creating a single issue for dozens of commits is equally troublesome. Drupal.org recently added the Plan issue type. I haven't written a line of code for Siteimprove yet, but I have added Plan issues that I will use to credit the University of Colorado when I do start writing the code. Plan issues are also really helpful if someone gets pulled off a project to work on something else. If I don't get back to Siteimprove right away, someone else can look at the issue queue and get some inisght into how I was planning on approach the project.
On February 1, 2017 at the stroke of midnight, we turned off our CFP which included session submissions, training proposals, and grant and scholarship applications. We are pumped up about the stellar content offered up by a diverse set of individuals which will make DrupalCon Baltimore an engaging and exciting event.
One of the most common questions we get at Drupal beginner classes is, "How can I tell if a site is built in Drupal?"
We get that question because it's just not possible to know the answer without a few tips and tricks.
If you look at a website such as WhiteHouse.gov, there is no way of telling if it's built Drupal. The design of a site is completely independent from the platform it uses.
We're going to give you 5 ways to tell if a site is built in Drupal. Not all of these suggestions will work on all Drupal sites, but taken together they should give you a clear answer.
One of our OSTraining members asked how best to make a tabbed view in Drupal 8.
For this tutorial, I used the Devel module to provide default content. And I used 2 content types Article and News. Let's get started.
Acquia Cloud Edge powered by Cloudflare provides a global content delivery network (CDN), DDOS protection and web application firewall (WAF) for Acquia Cloud Enterprise and Site Factory customers.
Plan for a successful launch with Acquia Cloud Edge by following these 6 best practices to ensure your setup is both secure and performant.Tags: acquia drupal planet
In Drupal 7, modules used variables for storing data in configuration rather than storing it in a database. This made it very easy for developers to override these data variables within the settings.php files to set environment specific settings etc.
When Drupal 8 was released variables were replaced with config and state.
What is Config?
According to the config documentation,‘By default, Drupal stores configuration data in the database, but it can be exported to YAML files, allowing the configuration to be managed by version control’ (https://www.drupal.org/docs/8/api/configuration-api/configuration-api-overview).
This means that anything that has been defined as a config variable will be exported to YAML files, when using configuration management (CM) to manage the site’s configuration across environments.
This is very useful for exporting your site’s configuration (content types, views, image styles, module settings etc) across environments, but this does rely on the data for these always being the same across environments.
This is also a vast improvement for dealing the configuration about your site’s structure from Drupal 7 and you can override these settings within your settings.php file if you wish to set settings based upon environment etc.
However, if you have defined a configuration setting in a module that is to be environment specific (eg set by an administrator user), then this data could be changed at any time and so would be overridden by CM when doing a configuration import, which is not what you would want!
This is where the State API can be useful.
What is State API?
Accordingly to the State API documentation,‘The State API provides a place for developers to store information about the system's state’ (https://www.drupal.org/docs/8/api/state-api/overview).
Anything defined using the State API won’t be exported by CM so the data is stored specific to environment that the you are in.
One of the worrying things about the State API documentation is the statement:‘use State API to store transient information, that is okay to lose after a reset’.
I read this as being ‘if you reset your entire database’, which is fairly unlikely for a production environment, and in fact if your entire production database gets reset then you probably have bigger issues to deal with.
So as long as you have a default set of values defined (if needed) for your state values within your module (so that if the database is reset your site will still work), then I don’t see an issue with using it.
That said, something else to be aware of in the above statement are the key words ‘transient information’. Drupal stores the state data as a key value pair, which means that out of the box Drupal will use the database. Most production sites would use a cache like Memcache or Redis to store the cache data rather than the database. Due to the transient state of these services though, they could be restarted or cleared out at any time. If this were to happen then you would lose the data that was stored in this and your site would be ‘reset’ with any data that you had stored in this cache.
Although potentially unlikely, this is something to consider when deciding to use states.
What about environment specific config?
When we build our sites, we usually want to be able to specify various config specific for each environment.
As mentioned above, developers can override the config values in the settings.php file, but this only applies to data values, not specifying particular modules for instance, that you might want available.
Typically, you would not want modules such as devel, field_ui and views_ui enabled for a production (and probably stage) environment, but CM doesn’t allow you to determine which environment these modules should be enabled on.
While CM itself doesn’t provide this level of granularity, there is a module for that! In step Configuration Split. This allows you to export configuration on an environment specific basis.
In my next blog post I will explorer Configuration Split in more detail.
We are putting together some great programming for you here at MidCamp 2017 headquarters. In addition to the impressive session proposals were are busy reading, we have teams working hard to put together Code Sprints and Full Day Training sessions.Sprinting at MidCamp 2017
At MidCamp 2016, the Sprint room was always abuzz with activity. There was so much activity on those who work on the Frontend of Drupal, and a concentrated effort to get Drupal Commerce to it's first Release candidate.
What will be worked on, discussed, built, and fixed at this year's MidCamp? You can have a say. We are currently looking for Sprint leads and mentors.
Sprint leads are mentor to mentors; coordinate with the community, and helps organize what gets sprinted on.
Mentors help new contributors get setup, find issues, and assist them in their sprinting.
If you are interested in being a Sprint lead, or mentor, please email us at email@example.com.Training at MidCamp 2017
We have lined up 4 great training for Thurday, March 30th, 2017. Joining us will be a great group of amazing, professional trainers who will be offering full day training sessions.
Lead by Jorge Diaz, Acquia Certified Grand Master Developer, Drupal Front-end Developer & Themer at Evolving Web
Drupal is known for being a powerful platform with a steep learning curve. This course will give you an introduction to the world of Drupal and soften that learning curve so you can get up-to-speed with Drupal quickly. We'll cover fundamental Drupal concepts and terminology, and give you the hands-on experience you need to dive deeper.
Blake Hall, Senior Developer & Trainer and Joe Schindelar, Lead Developer & Lead Trainer, Drupalize.me
David Needham, Agency & Community Training Manager at Pantheon
Pantheon is a website management platform for Drupal & WordPress that provides lightning-fast hosting and best-in-breed web development tools for your team. Learn how to use Pantheon like a seasoned Drupal developer and level up your Drupal development game.
Are you responsible for project management, content, or vendor selection and preparing to work with Drupal? This one-day training delivers all of the tools you need to get started. Delivered by an Acquia Certified Drupal Developer, this training will answer the questions you didn’t even know to ask!
Space is limited, so be sure to visit our training page and purchase your tickets today. Please note, training tickets are for Thursday only and are in addition to camp tickets.Sponsor MidCamp
We're currently seeking Lunch and Coffee sponsors for MidCamp 2017. Lunch is the perfect opportunity to get your name in front of all of the attendees! Drupalers like coffee. Some might even say Drupalers love coffee! Earn the gratitude of our attendees by having your name and logo associated with the liquid refueling station! We are looking to four sponsors for each day to cover the costs.
This week: Group // Drupal 8 has more and more features available practically every day. Alongside module migrations and new projects, the Drupal community’s latest major release also offers new ways of solving common problems. Some functionality has moved to Drupal core and new modules have taken up the torch along the way. In this series, the Acquia Developer Center is profiling useful solutions--modules, themes, distros, and more--available for Drupal 8.Tags: acquia drupal planetgroupmicrositepermissionsaccess control
I'm a member of the Drupal Security Team, and many of the services offered by myDropWizard involve assisting our customers to improve the security of their Drupal sites -- so, I know quite a lot about security and try to be mindful about my own computer use.
However, computer security is an on-going process: it can always be improved and so you're never truly done.
In this article, I'm going to share my personal list of security resolutions for 2017!
Maybe you'll find something you'd like to implement as well?
Or perhaps you'd like to share your own security resolutions for this year?
Please share your thoughts in the comments (or on Twitter)!