CI Automation, Review Apps, Staging, and Promoting to Production

Setting up Tokens for CI Automation

This example uses Github Actions. The same applies to Circle CI and other similar CI/CD tools.

Ensure that you have two orgs:
company-staging (for staging deployments, developers have access)
company-production (for production deployments, limited access)
Create the token for staging org and set on Github repository secrets and variables:
Go to the Control Plane UI for your organization's staging org
Make a new service account called github-actions-staging
Assign to the group superusers
Click "Keys" and create a one with description "Github Actions" and copy the token (or download it).
Add this key to your Github repository secrets as CPLN_TOKEN_STAGING
Add another key to your Github repository variables as CPLN_ORG_STAGING with the name of the staging org, like company-staging
Create the token for production org, and set on Github repository secrets and variables.
Go to the Control Plane UI for your organization's production org
Make a new service account called github-actions-production
Assign to the group superusers
Click "Keys" and create a one with description "Github Actions" and copy the token (or download it).
Add this key to your Github repository secrets as CPLN_TOKEN_PRODUCTION
Add another key to your Github repository variables as CPLN_ORG_PRODUCTION with the name of the production org, like company-production
Create a few more ENV variables for the app name and the app prefix:
STAGING_APP_NAME - the name of the app in Control Plane for staging, which is the GVC name, like app-name-staging
PRODUCTION_APP_NAME - the name of the app in Control Plane for production, which is the GVC name, like app-name-production
REVIEW_APP_PREFIX - the prefix for the review apps in Control Plane. The Review apps are named $REVIEW_APP_PREFIX-pr-$PR_NUMBER
All in all, you should have 2 secrets and 5 variables set in your Github repository