Question
When I'm trying to install dependency from my private repository, I'm getting the following error:
https://stackoverflow.com/questions/22472639
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian> php.exe composer.phar update
Loading composer repositories with package information
[RuntimeException]
Failed to clone https://my.stash.repo/scm/lib/my-super-lib.git, could no
t read packages from it
fatal: Authentication failed for 'https://my.stash.repo/scm/lib/my-super-lib.git/'
update [--prefer-source] [--prefer-dist] [--dry-run] [--dev] [--no-dev] [--lock] [--no-plugins] [--no-custom-installers] [--no-scripts] [--no-progress] [--with-dependencies] [-v|vv|vvv|--verbose] [-o|--optimize-autoloader] [packages1] ... [packagesN]
Process finished with exit code 1 at 10:57:04.
Execution time: 1 996 ms.
Relevant composer.json part looks as following:
"require": {
"php": ">=5.3.0",
"scaytrase/my-super-lib": "1.1"
},
"repositories": [
{
"type": "vcs",
"url": "https://my.stash.repo/scm/lib/my-super-lib.git"
}
],
If I set username and password directly like
"url": "https://username:password@my.stash.repo/scm/lib/my-super-lib.git"
composer operations work just fine. But I dont't want store plaintext credentials.
Is there a way to make composer ask username and password each time?
Repository is Atlassian Stash with https nginx in front of it (both https and http were tested)
Composer version 70a20ebcc19f1ea8ab0954a4fbdce208b30085e7 2014-03-12 16:07:58
EDIT:
For now I perform git clone --mirror by myself to populate composer's cache and then I just run composer install or composer update as usual (but It says it cannot update package info sometimes)
code:
$command = sprintf('git clone --mirror %s %s', escapeshellarg($this->url), escapeshellarg($this->repoDir));
if (0 !== $this->process->execute($command, $output)) {
$output = $this->process->getErrorOutput();
if (0 !== $this->process->execute('git --version', $ignoredOutput)) {
throw new \RuntimeException('Failed to clone '.$this->url.', git was not found, check that it is installed and in your PATH env.' . "\n\n" . $this->process->getErrorOutput());
}
throw new \RuntimeException('Failed to clone '.$this->url.', could not read packages from it' . "\n\n" .$output);
}
manual git clone --mirror works just fine and asks for my credentials. But composer (which obviously executes the same command) - it does not.
EDIT2
It seems to be PHP Storm 8 EAP problem which i'm using. Latest stable version requires authentication correctly during composer install, but not during composer update.
Solution
Seems to be a bug in latest PhpStorm 8 EAP 134.1456. PhpStorm 7.1.3 works with composer like command line (identical behavior) and performs composer install fine (but not composer update, but command line fails this too).
I'have submitted a bugreport
EDIT
My bugreport to composer has been replaced by this
UPD2
For now question is totally not actual. Composer handles authentication correctly and also asks to store credentials in COMPOSER_HOME/auth.json
OTHER TIPS
You could setup an encrypted file with those http credential, in order for git to use them from that encrypted file.
That supposes a running gpg agent able t provide the unique password needed to access that credentials gpg-encrypted file.
The url you would use would then be:
https://username@my.stash.repo/scm/lib/my-super-lib.git
That allows git to ask to its credential helper for the right password (the one for 'username').
See "Is there a way to skip password typing when using https://github" for a concrete example.
