New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to check in private repositories?? #236
Comments
@AltranoLabs do you have a valid composer.json in your git repo ? And can you paste the verbose output ? |
btw, this should probably be report to Composer as Packagist has no reason to hold a private repo, given it is a public composer repository |
running into this too. in my case this is not about the packagist running on packagist.org but about a local/private packagist installation serving a corporate network. i agree that private packages should not be listed in the public repo, but what about a private package repo (i.e. packagist)? isn't that a valid use case? |
@jketterl as far as I know packagist should have no problem handling it, given that you make sure the web user has access to the private repo. |
couldn't get it to work unfortunately. i imported the deploy ssh key to the web users' .ssh folder, which allowed me to do a "git clone" on a private repository on the command line, but i couldn't import it into packagist. i think i must add that i'm talking about private repositories on github. i read the code a bit, and as far as i can tell packagist will prefer the github api, which gives a 404 on private repositories. is there a way to force packagist to use the regular git driver instead of the github one? |
@jketterl this is strange, it should try a git clone if the api returns 404 and it's in non-interactive mode. |
i don't have any more information on this issue unfortunately, i tried searching for logfiles, but couldn't find anything relevant. is there a way to switch into verbose mode or something like that? the system has not gone anywhere near production yet, so basically i can configure it to whatever you tell me |
ok after digging around some more in the source code i found the real issue behind this one (and a solution, but i don't know if this will fix the OP's problem). i installed packagist on a pretty much standard debian base system, which means that apache will start up as root (to get port 80) and then switch to user "www-data". so the first problem was that i installed the ssh-keys into the wrong location (it seems they have to be in /root/.ssh, which is actually pretty handy given that the home directory for www-data is /var/www). your statement that it will try a git clone was true, however it still did not work because of the second problem i ran into: the debian default config does a "unset HOME" in /etc/apache2/envvars because (quoted from the file): "this won't be correct after changing uid". so what basically happend when i tried to add a private repository is that packagist tried to create $HOME/.composer which evaluated to /.composer (due to the missing HOME variable). of course the user www-data was not allowed to do this, and so the checkout failed, too. to fix this, i simply added the line "SetEnv HOME /tmp" to my packagist vhost definition, and now everything is fine :) why did this not happen with public repositories? maybe because with public repositories on github, the api provides enough information, so that packagist does not even get to the point where it actually tries a git clone. this is just a guess however. i thought i'd give you some detailed insight about this issue, since this could either be prevented by documentation, or even by checking the presence of the $HOME variable in code. |
for example ("git@altranolabs.tklapp.com:somebundle.git") gives me "No valid/supported repository was found at the given URL"
thanks
The text was updated successfully, but these errors were encountered: