With the release of Gitlab 13.2 this is now part of the Gitlab core making this project obsolet. Read more here: https://about.gitlab.com/releases/2020/07/22/gitlab-13-2-released/#manage-php-dependencies-with-the-gitlab-composer-repository
A composer repository for your Gitlab instance.
- Easy and fast setup, just add your Gitlab URL and a token!
- Automatically detects all repositories which have a composer.json
- Disk persisted caching for faster startup times
There are multiple ways to setup this service:
$ docker run --rm \
-e GCI_GITLAB_URL=https://git.yourdomain.com \
-e GCI_GITLAB_TOKEN="your token..." \
-v /path/to/gci-cachedir:/cache \
-p 4000:4000 \
atomicptr/gitlab-composer-integration
# Clone the repository
$ git clone git@github.com:atomicptr/gitlab-composer-integration.git
$ cd gitlab-composer-integration
# Build the service
$ go build
# Execute!
$ ./gitlab-composer-integration --gitlab-url=https://git.yourdomain.com \
--gitlab-token="your token..."
You can provide all options as command line argument or as environment variable.
The url of your Gitlab instance (for instance https://gitlab.mydomain.com)
A Gitlab user token with access to the repositories you want to serve via this service.
- Go to https://gitlab.mydomain.com/profile/personal_access_tokens (User Icon > Settings > Access Token)
- Enter a name, and the api and read_repository scope.
- Create and copy your token!
Time until the cache will be invalidated.
Location where the cache file will be stored
A comma seperated list of allowed vendors, for example:
$ ./gitlab-composer-integration ... --vendor-whitelist=psr,typo3,myvendor
Well... the port this service will be running as.
Timeout for requests to Gitlab.
Start without cache.
Secure your composer repository from prying eyes by protecting it with a basic HTTP auth. For an example scroll down a bit.
Just add this to your composer.json
{
"repositories": [
{
"type": "composer",
"url": "https://composer.yourdomain.com"
}
]
}
You can control the available projects via the Gitlab user token provided to the service. For instance you could create a seperate user for this service (recommended anyway) and allow/deny access to repositories.
Just use the HTTP Credentials option:
$ ./gitlab-composer-integration ... --http-credentials="username:password"
And within your composer.json you add the credentials like this:
{
"repositories": [
{
"type": "composer",
"url": "https://username:password@composer.yourdomain.com"
}
]
}
You can read more about HTTP basic authentication with composer here.
- Fetching data from Gitlab is quite naive in it's current state, this will probably not work very well if your Gitlab instance has thousands of composer repositories. Not a huge priority for me right now as I only have a few hundred composer projects in my Gitlab instance.
- Support for Gitlab webhooks to invalidate the cache.
MIT