Add ddev auth composer command
#1641
Comments
|
Thanks for this request. #926, which is on the roadmap, will allow bashrc and related config to be copied over, and it seems reasonable to try the composer auth as well. Note though that many people are running composer only in the container these days, especially on Windows, so there may not be auth in ~/.composer. |
Just wondering how they manage their composer credentials. |
|
Maybe you can mention why use simple credentials instead of ssh auth. I guess I'm surprised at at the local storage of credentials, but not familiar with satis. |
|
We have some private composer packages which we create using satis. Satis only supports basic auth with credentials. Couldn't find another way to authenticate a user against satis. Is there a way to use ssh auth for satis? haven't seen any docs regarding this. |
|
It looks like kind of a standard use case, see https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md
|
|
Yep, but we use Satis to generate the JSON file + archives for each package and version which are stored in a dist-Folder. See: https://satis.knallimall.org/ So the download-path of the packages is something like this: (except for branches) |
|
Thanks for helping me understand. I do think if you can figure out how to use ssh auth, which should absolutely be possible, your situation will be much more secure. Plain-text credentials in files, even on a dev machine, are always questionable. Of course, they may make you question why you use a private repository too. |
|
Yep, plain-text passwords are not good at all. Quickly tried to create an additional command for this (just wanted to see the command to show up):
|
|
How about a But I imagine it's possible to have many user/pass combinations in one composer auth right? |
You mean
YES |
|
One way to do this right now (from https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md) is to just use So you could easily create a post-start hook or (in v1.9 a post-composer hook) to set the username and password. I think this is probably a better option in general. |
|
There is a much easier way to provide composer access data within ddev. Just create a file named |
|
A couple of notes:
|
|
Is it reasonable to close this issue now that |
|
yes :-) Thank you |
|
@rfay I just came across this while trying to figure out this issue and Edit: I'm dumb and didn't search the docs site. See In-Container Home Directory and Shell Configuration |
ddev has has a already built in command for adding your maschines ssh keys to the containers (
ddev auth ssh)When using a private composer repository generated by satis which is behind a basic auth it would be awesome to copy credentials to the container using
ddev auth composerddev auth composerneed to copy/Users/USERNAME/.composer/auth.jsonto/home/.composer/auth.jsonin the web container.The text was updated successfully, but these errors were encountered: