Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to provide access to a git repository that is used by Composer

Tags:

git

ssh

heroku

deployment

composer-php

To manage my libraries I use Composer, so I set the dependencies in composer.json and then add (ever in composer.json) the remote addresses of the private repositories where the code resides.

When running composer update/install I'm prompted with a request for the access keys to those private repository.

Now, I'm trying to deploy a Symfony 2 app to Heroku.

The problem arises when Heroku tries to download the packages from my private repositories: how can I provide to Heroku access to those repositories?

Here is a sample composer.json configuration:

"require": {
    "my/private-package": "~1.0",
},
"repositories": [
    {
        "type": "git",
        "url": "https://[email protected]/Aerendir/private-package"
    }
]

This configuration is explained in the Composer Documentation (it works also without Satis, except for the "problem" with Heroku :) - or other cloud hosting I think).

There, about athentication, is explained:

Note that if your private packages are hosted on GitHub, your server should have an ssh key that gives it access to those packages, and then you should add the --no-interaction (or -n) flag to the command to make sure it falls back to ssh key authentication instead of prompting for a password. This is also a good trick for continuous integration servers.

Now, the questions are 2:

  1. BitBucket has deployment keys but I can also set a SSH key.
  2. What about Heroku SSH keys?

So, how can i give to Heroku access to my private repositories on BitBucket? How can I download private repositories hosted on BitBucket from the composer install command that Heroku does on deploying?

like image 504
Aerendir Avatar asked Jul 28 '15 20:07

Aerendir

1 Answers

The correct answer is using COMPOSER_AUTH as an environment variable set directly in Heroku dashboard.

The value of the variable should be something like this:

{
   "http-basic":{
      "bitbucket.org":{
         "username":"[email protected]",
         "password":"y0UrH4rdT0Gu3sSp4SsW0rd"
      }
   }
}

If set, Composer will read it and use its value to connect to BitBucket.

This is the correct approach as it is secure and doesn't force you to make your passwords going around in the web through the various services you use (or will use) to build and deploy your app.

References:

COMPOSER_AUTH

like image 165
Aerendir Avatar answered Sep 28 '22 05:09

Aerendir
Sign in to Comment

Related questions

Ignore a file when merging -- but include it in pushes
Moving multiple directories from one git project to another, preserving their history
Using multiple Git repositories in a single Team Foundation Server project
How to restore the aborted or interrupted "git clone"?
git in a web development team using 1 remote dev server and no local dev environment
Git: false merge conflicts?
How to prevent pulling in git from different than the current branch
git difftool: how to measure progress, that is number of files diff'ed and to diff?
Using git in Windows, does the --shared option to git-init do anything useful?
Google App Engine Push-to-Deploy with other branch than master
Visual Studio 2013 coexisting Ankh SVN and Git
Why does git's cherry picking with more than one commit fail?
Completely remove commit from Bitbucket history
git log with perl regex
What's the proper way to determine the status of a Git branch programmatically?
Is it possible to add a "Precommit hook" on TFS?
Similar trick to git bisect WITHIN a commit
Why git under cygwin asks for password?
Specify greater than or equal to Git tag in requirements.txt
How to add symlinks to git repository on Windows?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!