In a perfect world you would have a local dev + staging + prod environment. Every deployment moves in the same direction, from your staging to prod.
What if you are a web agency, you sell websites, and your customer (who has admin access) installs a plugin? This plugin won’t be versioned in git.
What are your recommendations?
Should I just restrict plugin installations and theme modifications?
The answer can be both technical and business oriented.
If you are using Bedrock and WP-CLI you can very easily list the plugins installed and compare with your local repo/composer.json: http://wp-cli.org/commands/plugin/
As far as getting their changes into your version control: if you are using git based deploys you can easily commit from the remote server and pull down the changes into your local environment. You can also do things like “git diff” and “git status” to see what has happened since the last commit.
In my experience one HUGE advantage of using Composer/Git based deploys is it makes liability easy. If someone breaks the site you can very easily say “this site is verified working with these exact versions of the plugins and this exact git commit”. So if the client goes rogue and starts doing crazy stuff like hacking on plugins, core, or your theme it is trivial to diff and see what went wrong. If the site gets hacked/borked it is also very easy to just rollback and redeploy.
If the client is insistent on being able to hack on the site themselves or without a developer: each time they need something done will have to be a new project.
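The plugin comparison described in the answer above, as an added example that is not part of the original thread: it takes the output of `wp plugin list --format=json` from the server and the `composer.lock` from the repository, and reports plugins that were installed, removed or changed outside of Composer. It assumes plugins are pinned as `wpackagist-plugin/<slug>` packages (the Bedrock convention); the function names and both sample inputs are constructed for illustration.

```python
import json

PREFIX = "wpackagist-plugin/"  # assumed vendor prefix for wordpress.org plugins

# Constructed sample: excerpt of the composer.lock committed to the repo.
COMPOSER_LOCK = json.dumps({"packages": [
    {"name": "wpackagist-plugin/akismet", "version": "5.3"},
    {"name": "wpackagist-plugin/wordpress-seo", "version": "21.5"},
    {"name": "wpackagist-plugin/redirection", "version": "5.4"},
    {"name": "roots/wordpress", "version": "6.4.2"},
]})

# Constructed sample: `wp plugin list --format=json` captured on the live server.
WP_PLUGIN_LIST = json.dumps([
    {"name": "akismet", "status": "active", "update": "none", "version": "5.3"},
    {"name": "wordpress-seo", "status": "active", "update": "none", "version": "21.7"},
    {"name": "shady-slider", "status": "inactive", "update": "none", "version": "1.0.2"},
    {"name": "bedrock-autoloader", "status": "must-use", "update": "none", "version": "1.0.0"},
])


def locked_plugins(lock_text):
    """Return {slug: version} for every wpackagist plugin pinned in composer.lock."""
    packages = json.loads(lock_text).get("packages", [])
    return {p["name"][len(PREFIX):]: p["version"]
            for p in packages if p["name"].startswith(PREFIX)}


def plugin_drift(lock_text, wp_list_text):
    """Compare the server's plugins with the lock file and report every difference."""
    locked = locked_plugins(lock_text)
    # must-use plugins and drop-ins cannot be installed from the admin plugin screen
    live = {p["name"]: p["version"] for p in json.loads(wp_list_text)
            if p["status"] not in ("must-use", "dropin")}
    return {
        "unmanaged": sorted(set(live) - set(locked)),   # on the server, not in git
        "removed": sorted(set(locked) - set(live)),     # pinned, but gone from the server
        "version_changed": sorted((slug, locked[slug], live[slug])
                                  for slug in set(live) & set(locked)
                                  if live[slug] != locked[slug]),
    }


if __name__ == "__main__":
    for kind, items in plugin_drift(COMPOSER_LOCK, WP_PLUGIN_LIST).items():
        print(f"{kind}: {items}")
```

Inactive plugins are reported as well, since their files are still present on the server. Plugins pulled in from a vendor other than wpackagist will show up as unmanaged under this assumption.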
Thanks Austin.
I’ll discuss it with my coworkers but I think it’s a good idea to disable plugin and theme updates. I don’t want shady plugins committed to git.