Configuring composer.json with private Bitbucket M

2020-07-10 11:30发布

问题:

My project uses my own library which is in the private Mercurial repository placed on bitbucket.org. That library has no composer.json configured.

I try to make that library as a dependency to my project.

Firstly I wrote to composer.json the following strings:

{
"require": {
    "php": ">=5.4",
    "myname/mylibname": "dev"
},

"repositories":[
    {
        "type": "hg",
        "url" : "https://bitbucket.org/myname/mylibname"
    }
]
}

And running composer install I've got an error:

[RuntimeException]
Failed to clone https://bitbucket.org/myname/mylibname, could not read packages from it
abort: http authorization required

Than I changed "type": "hg" to "type": "vcs" and got another error:

[Composer\Repository\InvalidRepositoryException]
No valid composer.json was found in any branch or tag of https:/***/mylibname, could not load a package from it.

After additional reading of documentation I added description of my library to the composer.json of my project, and it began to look so:

{
"require": {
    "php": ">=5.4",
    "myname/mylibname": "dev"
},

"repositories":[

    {
        "type": "vcs",
        "url" : "https://bitbucket.org/myname/mylibname"
    },
    {
        "type":"package",
        "package":{
            "name":"myname/mylibname",
            "version": "dev",
            "source":{
                "type":"vcs",
                "url":"https://bitbucket.org/myname/mylibname",
                "reference":"dev"
            }
        }
    }
]}

The same error occured:

[Composer\Repository\InvalidRepositoryException]
No valid composer.json was found in any branch or tag of https:/***/mylibname, could not load a package from it.

I removed the part:

        {
        "type": "vcs",
        "url" : "https://bitbucket.org/myname/mylibname"
    },

and got an error:

[InvalidArgumentException]
Unknown downloader type: vcs. Available types: git, svn, hg, perforce, zip, rar, tar, gzip, phar, file.

I changed "type": "vcs" back to "type": "hg", composer.json looks like:

{
"require": {
    "php": ">=5.4",
    "myname/mylibname": "dev"
},

"repositories":[
    {
        "type":"package",
        "package":{
            "name":"myname/mylibname",
            "version": "dev",
            "source":{
                "type":"hg",
                "url":"https://bitbucket.org/myname/mylibname",
                "reference":"dev"
            }
        }
    }
]}

and an error:

[RuntimeException]
Failed to execute hg clone 'https:/***/mylibname' '/path/to/myproject' abort: http authorization required

The structure of my auth.json, which lies besides of composer.json is:

{
"http-basic": {
    "bitbucket.org": {
        "username": "myusername",
        "password": "mypassword"
    }
}
}

回答1:

Seems like bitbucket-oauth method is buggy in the current state as of 1.1 of composer. This means that either you must have setup the SSH key on the client or if you are like me and cant setup keys because of deployment server, you will have to use basic auth.

The only way I got this working was:

~/.composer/auth.json

{
    "http-basic": {
        "bitbucket.org": {
            "username": "bitbucketUsername",
            "password": "PasswordToBitbucket"
        }
    }
}

composer.json

"repositories": [
        {
            "url": "https://username@bitbucket.org/username/my-package.git",
            "type": "git"
        }

],
"require": {
        "username/my-package": "dev-master"
},


回答2:

Composer as of version 1.2.0 have sorted this with bitbucket oauth, this is a much better method than ssh-keys if multiple developers are working on a project as the auth.json can stay within the project repository (if it's private) and only has to be setup once.

auth.json

{
    "bitbucket-oauth": {
        "bitbucket.org": {
            "consumer-key": "key",
            "consumer-secret": "secret"
        }
    }
}

composer.json

"repositories":[
        {
            "type": "vcs",
            "url":  "git@bitbucket.org:path/to.git"
        }
    ]


回答3:

That didn't quite work for me, but it got me pointed into the right direction. Make sure you get your SSH key installed to access it via git@.

{
"repositories": [
{
  "type": "package",
  "package": {
    "name": "myname/mylibname",
    "version": "master",
    "source": {
      "type": "git",
      "url": "git@bitbucket.org:myname/mylibname.git",
      "reference": "master"
    }
  }
}
]
}


回答4:

Just remove https://. Works for me :)

{
"require": {
    "php": ">=5.4",
    "myname/mylibname": "dev"
},

"repositories":[
    {
        "type":"package",
        "package":{
            "name":"myname/mylibname",
            "version": "dev",
            "source":{
                "type":"hg",
                "url":"bitbucket.org/myname/mylibname",
                "reference":"dev"
            }
        }
    }
]}


回答5:

One comment on my end. I have tested above scenarios I encountered on composer suggestion that repository needs to have at least one stable version.

https://getcomposer.org/doc/04-schema.md#minimum-stability

Due to this, I used "dev" TAG along with SSH connection and it works.

{
    "require": {
        "php": ">=5.4",
        "myname/mylibname": "dev"
    },

    "repositories":[
    {
        "type":"package",
        "package":{
            "name":"myname/mylibname",
            "version": "dev",
            "source":{
                "type":"git",
                "url":"git@bitbucket.org:myname/mylibname.git",
                "reference":"dev"
            }
        }
    }
]}


回答6:

I thought I had best contribute to the confusion and share what configuration worked for me. Firstly, I absolutely could not get the recommended setup from composer to work. However, the following did:

1.Edit ~.composer/auth.json and configure the http-basic key.

{
    "bitbucket-oauth": {},
    "github-oauth": {},
    "gitlab-oauth": {},
    "gitlab-token": {},
    "http-basic": {
        "bitbucket.org": {
            "username": "USERNAME",
            "password": "PASSWORD"
        }
    }
}

2.Use the following to define the package in your composer.json (i.e. private repository). Also bare in mind this is not a personal BitBucket account, I am a part of a team so the USERNAME@bitbucket.org is MY username and second instance is the company (https://{USERNAME}@bitbucket.org/{USERNAME||VENDOR}/{REPO}.git).

"require": {
    "{USERNAME||VENDOR}/{REPO}": "dev-{BRANCH}
}
"repositories:" [
    {
        "type": "package",
           "package": {
            "name": "{USERNAME/VENDOR/REPO}",
            "version": "master",
            "source": {
                "url": 
                "https://{URL}",
                "type": "git",
                "reference": "master"
            }
        }
    }
]

Miscellaneous & noteworthy things to consider:

  • I did not use access keys
  • I do have my SSH key on BitBucket
  • I am an administrator on BitBucket
  • I am target the master branch
  • There are NO tags on the repository
  • Minimum stability is set to dev
  • You will need to add the autoload options to the package (see this)

I hope this helps anyone frustrated by this, it defintely seems as though everybody has issues. Thanks to @Tomasz Czechowski for providing the answer that eventually got this working for me!