php 在构建服务器上使用 VCS 在 GitHub 上使用 Composer 和私有存储库
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/25400378/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Using Composer and Private Repository on GitHub using VCS on Build Server
提问by Simon
My compsoser.json uses 2 private repositories from our Organisation Github Account and is as follows.
我的 compsoser.json 使用来自我们组织 Github 帐户的 2 个私有存储库,如下所示。
{
"name": "API",
"repositories": [
{
"type": "vcs",
"url": "[email protected]/company/private.git"
},
{
"type": "vcs",
"url": "[email protected]/company/private2.git"
}
],
"require": {
"php": ">=5.3.3",
"zendframework/zendframework": ">2.1.3",
"doctrine/mongodb-odm": "dev-master",
"doctrine/doctrine-mongo-odm-module": "dev-master",
"company/private": "dev-master",
"company/private2": "dev-master"
}
}
We've setup SSH keys and added them to the authorized keys on our staging server. When we run git clone it works perfectly and isn't asking for any credentials.
我们已经设置了 SSH 密钥并将它们添加到我们的临时服务器上的授权密钥中。当我们运行 git clone 时,它运行良好,并且不需要任何凭据。
However, when we run composer update the fetching of the repositories fails because composer doesn't have access to the repositories.
但是,当我们运行 composer update 时,存储库的获取失败,因为 composer 无权访问存储库。
Since this is ran in a non-interactive way as this is part of a build script we can't enter credentials and like to have this automated.
由于这是以非交互式方式运行的,因为这是构建脚本的一部分,因此我们无法输入凭据并希望将其自动化。
What can we do to let composer have access to our private repo's during the build?
我们可以做些什么来让 Composer 在构建期间访问我们的私有仓库?
采纳答案by michail_w
You can configure composer to use key files to access private repository.
您可以配置 composer 使用密钥文件来访问私有存储库。
More info: https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md#security
更多信息:https: //getcomposer.org/doc/articles/handling-private-packages-with-satis.md#security
回答by myol
I understand the question title specifically mentions using type 'vcs' but this is an alternate methodof using private git repos to deploy a project as a package.
我理解问题标题特别提到了使用类型“vcs”,但这是使用私有 git repos 将项目部署为包的另一种方法。
"repositories": [
{
"type": "package",
"package": {
"name": "company/private",
"version": "0.1.0",
"type": "package",
"source": {
"url": "[email protected]:/company/private.git",
"type": "git",
"reference": "master"
}
}
}
],
"require": {
"company/private": "*"
}
The limitation is that you must manually change the version number every time you deploy if you want the latest version. However, this is also its advantage.
限制是如果您想要最新版本,则每次部署时都必须手动更改版本号。不过,这也是它的优点。
Defining a repo in this way will allow you to pull a specific tagged version. In this case the commit with tag 0.1.0will be pulled on composer update.
以这种方式定义 repo 将允许您提取特定的标记版本。在这种情况下,带有标记的提交0.1.0将被拉上composer update。
You will need to add the SSH keys of the server you are deploying to in your github account.
您需要在您的 github 帐户中添加您要部署到的服务器的 SSH 密钥。
回答by Stuart Cusack
The URLs in your original question are missing a colon:
原始问题中的 URL 缺少冒号:
"url": "[email protected]/company/private.git"
should be
应该
"url": "[email protected]:/company/private.git"
I just had the same problem and this fixed it.
我刚刚遇到了同样的问题,这解决了它。
回答by Josh Bruce
"name": "{vendor}/{package-name}",
"repositories": [
{
"type": "package",
"package": {
"name": "{vendor}/{package-name}",
"version": "{arbitrary-version}",
"type": "package",
"source": {
"url": "[email protected]:{github-username}/{github-repository}.git",
"type": "git",
"reference": "{branch}"
}
}
}
]
"require": {
"{vendor}/{package-name}": "*"
}
I really appreciated the answers and guidance; however, could notget the solution to work for me. And, I think the answer could possibly use some added detail with regard to what appears to be going on here.
我非常感谢答案和指导;但是,无法获得适合我的解决方案。而且,我认为答案可能会使用一些关于这里发生的事情的额外细节。
- vendor:The vendor name used in the package's
composer.json. - package-name:The package name user in the package's
composer.json. - arbitrary-version:A random version number; does not need to exist as a version in GitHub.
- github-username:The GitHub user account where the repo lives.
- github-repository:The GitHub repository name.
- branch:The GitHub branch to use when checking out the code.
- 供应商:包中使用的供应商名称
composer.json。 - package-name:包的
composer.json. - 任意版本:随机版本号;不需要在 GitHub 中作为一个版本存在。
- github-username:存储库所在的 GitHub 用户帐户。
- github-repository:GitHub 存储库名称。
- 分支:检出代码时使用的 GitHub 分支。
The two things that gave me the greatest issue was the colon (:) does not (should not?) be followed by a forward slash (/). Don't forget to put .gitat the end of the url.
给我带来最大问题的两件事是冒号 ( :) 后面没有(不应该?)正斜杠 ( /)。不要忘了把.git在的结束url。
Points of conjecture and uncertainty:
猜想点和不确定性:
- I'm not sure what would happen if you change the
package.namemember to something incorrect. In other words, I don't know if this is an internal reference forrequirealone; or, if there will be something else happening there. - I'm not sure if the branch actually changes anything and I'm not in a position to test.
- 我不确定如果您将
package.name成员更改为不正确的内容会发生什么。换句话说,我不知道这是否是require单独的内部参考;或者,如果那里会发生其他事情。 - 我不确定分支是否真的改变了任何东西,而且我无法进行测试。
