As a DevOps specialist for SABO, I received a request from our developers to use a private repo in composer.json file. Ideally, it should utilise a gitlab CI/CD to handle the build and deploy entirely. The question is how to do that.
Let me show you the way which worked for us.
In composer.json it looks like this:
{% c-block language="markdown" %}
…
…
"repositories": [
{
"type": "vcs",
"url": “git@gitlab.mydomain.com:my_awesome_repo.git”
…
…
{% c-block-end %}
If you want to use this, you will need three things:
1) Dockerfile with access to your awesome repo.
2) Correct GitLab variables.
3) Do not forget gitlab yaml.
1) Dockerfile needs access to your repo and best practice is setup id_rsa inside, like this:
{% c-block language="markdown" %}
…
…
RUN mkdir /root/.ssh && \
echo "$COMPOSER_CONFIG" > /root/.ssh/config && \
echo "$COMPOSER_KEY" > /root/.ssh/id_rsa && \
chmod 0600 /root/.ssh/id_rsa
…
…
{% c-block-end %}
This small script inside Dockerfile creates the id_rsa file at the correct path, exactly where the system needs it. But we need to use it via gitlab CI/CD and GitLab ENV.
2) In the Gitlab project ENV we need to create two new variables: COMPOSER_CONFIG and COMPOSER_KEY, where:
COMPOSER_KEY is the key that you (or some other gitlab user; best for me is to use composer_user) have in SSH KEY as a public key. Yes, COMPOSER_KEY is RSA KEY and COMPOSER_CONFIG has to be like this:
{% c-block language="markdown" %}
“Host *
StrictHostKeyChecking no
“
{% c-block-end %}
– exclude the quotation marks, BUT do add the one blank line in the end. This configuration will allow the clone to not ask for a fingerprint.
In GitLab the setup looks like this:
Notice the one blank line in the end!
3) gitlab-ci.yml must get the COMPOSER_KEY and COMPOSER_CONFIG at the correct stage. Don’t forget to add it there.
