Claude-code-plugins-plus-skills salesforce-multi-env-setup
install
source · Clone the upstream repo
git clone https://github.com/jeremylongshore/claude-code-plugins-plus-skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/jeremylongshore/claude-code-plugins-plus-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/plugins/saas-packs/salesforce-pack/skills/salesforce-multi-env-setup" ~/.claude/skills/jeremylongshore-claude-code-plugins-plus-skills-salesforce-multi-env-setup && rm -rf "$T"
manifest:
plugins/saas-packs/salesforce-pack/skills/salesforce-multi-env-setup/SKILL.mdsource content
Salesforce Multi-Environment Setup
Overview
Configure Salesforce integrations across Developer, Sandbox, and Production orgs with environment-specific credentials, login URLs, and deployment promotion flows.
Prerequisites
- Production Salesforce org (Enterprise+ for Full sandbox)
- Salesforce CLI authenticated to all environments
- Secret management solution (Vault, AWS/GCP Secrets Manager)
Instructions
Step 1: Salesforce Environment Types
| Environment | Org Type | Login URL | Purpose | Data |
|---|---|---|---|---|
| Development | Developer Edition or Scratch Org | login.salesforce.com | Local dev | Sample data |
| QA | Developer Sandbox | test.salesforce.com | Testing | Subset of prod |
| Staging | Full Sandbox | test.salesforce.com | Pre-prod validation | Copy of prod |
| Production | Production Org | login.salesforce.com | Live traffic | Real data |
Step 2: Sandbox Types
| Sandbox Type | Data | Metadata | Refresh Interval | Use Case |
|---|---|---|---|---|
| Developer | None | Copy of prod | 1 day | Feature development |
| Developer Pro | None | Copy of prod | 1 day | Integration testing |
| Partial Copy | Sampled | Copy of prod | 5 days | QA with realistic data |
| Full | Full copy | Copy of prod | 29 days | Staging, UAT, load testing |
Step 3: Environment Configuration
// src/config/salesforce.ts interface SalesforceEnvConfig { loginUrl: string; username: string; apiVersion: string; isSandbox: boolean; } const envConfigs: Record<string, SalesforceEnvConfig> = { development: { loginUrl: 'https://login.salesforce.com', // Or test.salesforce.com for sandbox username: process.env.SF_USERNAME_DEV!, apiVersion: '59.0', isSandbox: false, // true if using a sandbox for dev }, staging: { loginUrl: 'https://test.salesforce.com', // ALL sandboxes use test.salesforce.com username: process.env.SF_USERNAME_STAGING!, apiVersion: '59.0', isSandbox: true, }, production: { loginUrl: 'https://login.salesforce.com', username: process.env.SF_USERNAME_PROD!, apiVersion: '59.0', isSandbox: false, }, }; export function getSalesforceConfig(): SalesforceEnvConfig { const env = process.env.NODE_ENV || 'development'; const config = envConfigs[env]; if (!config) throw new Error(`No Salesforce config for environment: ${env}`); return config; }
Step 4: Authenticate to Multiple Orgs
# Authenticate to each environment with aliases sf org login web --alias sf-dev --instance-url https://login.salesforce.com sf org login web --alias sf-staging --instance-url https://test.salesforce.com sf org login web --alias sf-prod --instance-url https://login.salesforce.com # For CI — use JWT (no browser needed) sf org login jwt \ --client-id $SF_CLIENT_ID \ --jwt-key-file server.key \ --username ci-user@mycompany.com.staging \ --alias sf-staging \ --instance-url https://test.salesforce.com # List all authenticated orgs sf org list --all # Set default org sf config set target-org sf-dev
Step 5: Secret Management by Environment
# Local development — .env.local (git-ignored) SF_LOGIN_URL=https://test.salesforce.com SF_USERNAME=dev-user@mycompany.com.dev SF_PASSWORD=devpassword SF_SECURITY_TOKEN=devtoken # CI/CD (GitHub Actions) # Use environment-specific secrets: # Settings > Environments > "staging" > Add secret SF_USERNAME # Settings > Environments > "production" > Add secret SF_USERNAME (different value) # Production (Vault / Secrets Manager) # AWS: aws secretsmanager get-secret-value --secret-id salesforce/production # GCP: gcloud secrets versions access latest --secret=sf-prod-credentials # HashiCorp Vault: vault kv get -field=password secret/salesforce/production
Step 6: Deployment Promotion Flow
# 1. Develop in scratch org or developer sandbox sf project deploy start --target-org sf-dev # 2. Run Apex tests in dev sf apex run test --target-org sf-dev --result-format human # 3. Deploy to staging sandbox sf project deploy start --target-org sf-staging --test-level RunLocalTests # 4. Run integration tests against staging SF_LOGIN_URL=https://test.salesforce.com npm run test:integration # 5. Deploy to production (requires test coverage) sf project deploy start --target-org sf-prod --test-level RunLocalTests --wait 30 # Rollback if needed sf project deploy cancel --target-org sf-prod
Step 7: Environment Guards
// Prevent destructive operations in production function guardProductionOperation(operation: string): void { const config = getSalesforceConfig(); if (!config.isSandbox && process.env.NODE_ENV === 'production') { const blocked = ['deleteAllAccounts', 'truncateContacts', 'resetData']; if (blocked.includes(operation)) { throw new Error(`Operation '${operation}' blocked in production Salesforce org`); } } } // Prevent using production credentials in dev function validateEnvironment(): void { const config = getSalesforceConfig(); if (process.env.NODE_ENV === 'development' && !config.isSandbox) { console.warn('WARNING: Development mode connected to production org!'); } }
Output
- Multi-environment Salesforce configuration
- Sandbox types selected for each environment
- Credentials stored in platform-appropriate secrets manager
- Deployment promotion flow from dev to production
- Environment guards preventing accidental destructive operations
Error Handling
| Issue | Cause | Solution |
|---|---|---|
| Wrong login URL | Use |
| Sandbox username format | Missing | Username format: |
| Config merge fails | Wrong NODE_ENV | Verify environment variable |
| Production guard triggered | Destructive operation | Use sandbox for testing |
Resources
Next Steps
For observability setup, see
salesforce-observability