Following my article "Securely Access Private Git Repositories and Composer Packages in Docker Builds" and this discussion on Twitter, here is an example of how to use an auth.json
file mounted as a Docker secret file to download private Composer packages.
First, create a local auth.json
file containing a GitHub Personal Access Token and update composer.json
to reference a private package:
{
"github-oauth": {
"github.com": "ghp_<your-token>"
}
}
Build with Docker Compose: docker compose build
Build with Docker: docker build --secret id=composer_auth,src=auth.json .