Satis Control Panel (SCP) is a simple web UI for managing your Satis Repository for Composer Packages.

Overview

Scrutinizer Code Quality Build Status

Satis Control Panel

Satis Control Panel (SCP) is a simple web UI for managing your Satis Repository for Composer Packages.

SCP backend is written in Laravel and with a React + Typescript combo.

Features

  • simple UI for managing your Satis configuration file for both - private packages and public packages mirrored from Packagist
  • no database required - only PHP and optional Nodejs server for automatic generation of Satis configuration file
  • RESTful API for integration with CI services
  • SCP comes with Atlassian plugins for Bamboo and Stash to ease managing package building
  • Cron job for automatic build of public packages mirrored from Packagist

Installation

You can install SCP directly with Composer by running

composer create-project realshadow/satis-control-panel [--stability-dev]

After that you can rename example.env to .env and set required configuration options.

Building javascript

npm run build

// or

npm run build-win

During development you can start Webpack dev server with

npm start

or run Gulp watcher for less files with

gulp watch

Satis configuration file

In resources/ directory you will find satis.json.dist file which holds default Satis configuration, copy this file and rename it to satis.json and edit the name and homepage property.

cp resources/satis.json.dist resources/satis.json

When you are done, you have to set correct permissions for your configuration file for web user. E.g. www-data, should be able to read/write this file). More in next Permissions section.

Permissions

For building to work correctly you have to set correct permissions to few directories/directories:

  • bootstrap/cache/
  • storage/
  • public/private/
  • public/public/
  • resources/satis.json

Each directory/file should be readable/writable by web user, e.g. www-data. For example:

chmod -R ug+rwx bootstrap/cache storage public/private public/public
chmod ug+rwx resources/satis.json

Webserver setup

Your document root should point to the public folder in the root as per default Laravel setup

Apache - example vhost

<VirtualHost *:80>
        ServerName satis.example.com

        DocumentRoot /var/www/html/satis.example.com/public
</VirtualHost>

Nginx - example vhost

server {
        listen   80 default_server;

        root /var/www/html/satis.example.com/public;
        index index.php index.html index.htm;

        location / {
             try_files $uri $uri/ /index.php$is_args$args;
        }

        # pass the PHP scripts to FastCGI server liste_ning on /var/run/php5-fpm.sock
        location ~ \.php$ {
                try_files $uri /index.php =404;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }
}

Visiting your control panel and generated packages

The control panel is located at http://{host}/control-panel and the packages will be generated (after first build of course) at http://{host}/public and http://{host}/private respectively.

Separating them like this adds a bit more configuration options. If for example you want to only use private packages, you can change the directory of private_repository configuration option to public instead of public/private and have your packages generated at http://{host} and still have a functioning control panel.

Configuration options

Here is a list of configuration options that can be set in config/satis.php (some of them can be set in .env file as well for convenience):

Option Description Default value Can be set in .env
config Path to satis configuration file resources/satis.json Yes
composer_home Composer home directory (thi storage/composer Yes
composer_cache Composer cache directory storage/composer/cache Yes
memory_limit Memory limit that will be set before running Satis build command 2G No
build_verbosity Verbosity of Satis build command (more info will be stored in logs) vvv No
private_repository Directory where Satis will generate private repository. This also serves as a way to distinguish public and private repositories in repository address, e.g. satis.example.com/private private No
public_repository Directory where Satis will generate public repository. This also serves as a way to distinguish public and private repositories in repository address, e.g. satis.example.com/public public No
proxy.http Proxy address that will be used by Satis/Composer for HTTP requests null Yes
proxy.https Proxy address that will be used by Satis/Composer for HTTPS requests null Yes
proxy.https See https://www.selenic.com/mercurial/hg.1.html#environment-variables for details null Yes

Note: if you change the default directory, remember to set correct permissions for your new directory.

How it works

SCP manages a single Satis configuration file which is generated on the fly when specific UI actions are performed. During each generation cycle the file is split into public and private repository configuration file, because private packages use funcionality that doesn't work well with Packagist (it will try to mirror whole Packagist repository).

Besides adding, editing and removing packages/repositories from configuration file, UI allows you to build/rebuild every package or run a complete rebuild of all registered packages/repositories.

Build process can run synchronously or asynchronously (by redirecting output to /dev/null and spawning a new process). By default, all builds run asynchronously, except on Windows where they are forced to run synchronously. This can be also forced during during API request by setting async_mode to false.

Missing or broken mirrored configuration files

Since the configuration files mirroring is triggered by any UI action, it is not always the correct behaviour. If you want to manually trigger config generation, for example when you make changes directly on the server, you can trigger the config generation with this artisan command

php artisan satis:make:config

UI State

During build process whole UI is locked. During asynchronous builds UI state is handled by Node server, but running it is completely optional.

It can be started with

npm run server

and will run on port 9010 by default. This can be changed in node/config.json file.

If for some reason UI will stay locked even though no packages are currently being build, it can be unlocked by running:

php artisan satis:persister:unlock

Composer auth

Composer file auth.json can be put in COMPOSER_HOME directory where you can put your Github token or credentials for needed for private repositories.

Private packages

Private packages are identified by repository URL address. When you will add/edit a new repository you can choose its type. By default, all repositories are considered as VCS repository. Building and rebuilding is handled by partial update functionality introduced in this PR only repositories that have a URL can be managed in UI. Those include:

  • vcs
  • hg
  • pear
  • composer
  • artifact
  • path

Adding support for more repository types is planned in future.

Private packages use the repositories config key with require-all options set to true, thus all known packages are taken out of registered repositories, which means that Packagist must be disabled by default. This is handled when configs are split into private public part.

Public (packagist) packages

Public packages are used for mirroring of existing packages that can be installed from Packagist if you are behind a corporate proxy, thus speeding up overall development and deployment time.

All packages added here are fully mirrored with all their dependencies (but we still skip dev-dependencies). Currently only one version constraint is used and that's * so we can get a complete packagist clone.

Adding support for custom version constraints is planned in future.

Since full rebuild in this case could potentionally take few hours, you can use provided Cron task for a daily rebuild (see Cron task section).

Note though that you should not try to mirror whole Packagist repository!

RESTful API

SCP comes with built in API for esier integration with your favorite CI solution.

Private packages

Private packages use md5 encoded repository url as ID.

  • get all repositories
GET control-panel/api/repository
  • get one repository
GET control-panel/api/repository/{repository_id}
  • add new repository
POST control-panel/api/repository
{
    'url': 'foo',
    'type: 'bar'
}
  • update existing repository
PUT control-panel/api/repository/{repository_id}
{
    'url': 'foo',
    'type: 'bar'
}
  • delete existing repository
DELETE control-panel/api/repository/{repository_id}

All methods return HTTP 404 if no repository is found.

Note: same API can be used for public packages as well by replacing repository by package. Although remote control of public packages is not necessary.

Additional API options

During both POST and PUT requests two additional options can be provided:

  • async_mode - true/false => if the build should run synchronously or asynchronously (all builds run asynchronously by default)
  • disable_build - true/false => if set to true Satis build command won't be run

Logs

All logs can be found in storage/logs directory. Logs are divided into:

  • api_request.log - logs all API requests
  • builder_async.log - logs all builds that run asynchronously, keep in mind that each asynchronous build has its own log file in async subdirectory identified by its timestamp
  • builder_sync.log - logs all builds that run synchronously
  • cron.log - for cron task logs

Cron task

Since mirroring of public packages can take some time and running full rebuild from UI is not a good idea, because this will lock it during the build process, SCP comes with a built in cron task that runs daily and will rebuild all repositories. It can be triggered with a cron entry similar to this:

* * * * * php /path/to/satis-folder/artisan schedule:run >> /dev/null 2>&1

Alternatively, you can add this cron entry:

00 00 * * * curl --request POST --header "Content-Length: 0" --header "X-Requested-With: XMLHttpRequest" http://{scp-url-address}/control-panel/build-public

This can be used for private packages as well

00 00 * * * curl --request POST --header "Content-Length: 0" --header "X-Requested-With: XMLHttpRequest" http://{scp-url-address}/control-panel/build-private

Atlassian plugins

SCP was created in an environment which uses Atlassian Stash and Bamboo as part of CI and thus two plugins were needed to completely integrate Composer packages into our build process.

  • Stash Satis Build Hook - a post receive hook that will register and trigger a build/rebuild of your package in SCP (if you want to skip deployment process)
  • Bamboo Satis Build - a deployment task for rebuilding currently deployed Composer package in Satis repository

Both use partial update functionality which was introduced in this PR.

TODO

  • option to import composer.lock file for public packages
  • option to use more types of private packages
  • option to write custom version constraints for public packages
  • option to see what's going during long running builds of public packages
  • better handling of race conditions during simultaneous writes/reads
  • authentification? (this can be simply handled with htpasswd)
  • ????

PR's are welcome

Alternatives

Comments
  • Confusion about public/private

    Confusion about public/private

    When ever I hit the build button, I get a json file for public and private created in my storage/app folder, but nothing under public/public or public/private folders.

    Am I missing something? The only thing I can't get working here is the npm server, which I'm not interested in anyway for my production environment.

    Permissions are fine, everything seemed to set up fine, I can access the control panel fine and add repos fine. When I hit build the only thing that doesn't happen is a resulting satis file that can be read from the browser.

    Has anyone else come across this issue?

    opened by ghost 9
  • Can't add VCS repositories with ssh acces

    Can't add VCS repositories with ssh acces

    When I want to add a git repository using ssh instead of http(s) the form denies it. I guess this is because the regexp checks for http(s). Satis still can manage git repositories over ssh.

    enhancement 
    opened by jdoubleu 9
  • npm run server

    npm run server

    [root@localhost satis-control-panel]# npm run server
    
    > @ server /var/www/vhosts/satis.example.com/satis-control-panel
    > node node/server.js
    
    
    fs.js:439
      return binding.open(pathModule._makeLong(path), stringToFlags(flags), mode);
                     ^
    Error: ENOENT, no such file or directory ''
        at Object.fs.openSync (fs.js:439:18)
        at Object.fs.readFileSync (fs.js:290:15)
        at Object.<anonymous> (/var/www/vhosts/satis.example.com/satis-control-panel/node/server.js:11:15)
        at Module._compile (module.js:456:26)
        at Object.Module._extensions..js (module.js:474:10)
        at Module.load (module.js:356:32)
        at Function.Module._load (module.js:312:12)
        at Function.Module.runMain (module.js:497:10)
        at startup (node.js:119:16)
        at node.js:935:3
    npm ERR! weird error 8
    npm ERR! not ok code 0
    
    [root@localhost satis-control-panel]# node -v
    v0.10.42
    
    [root@localhost satis-control-panel]# npm -v
    1.3.6
    
    question 
    opened by MiteshShah 6
  • Dist satis.json and generated satis fails schema validation

    Dist satis.json and generated satis fails schema validation

    In the satis configuration, the require property is an array by default "require":[], however, this fails validation as the schema requires it to be an object "require":{}.

    https://github.com/composer/satis/blob/master/res/satis-schema.json

    bug 
    opened by LavaToaster 6
  • node server.js need to support SSL as well

    node server.js need to support SSL as well

    We installed satis-control-panel for using it with composer. It look like it's easier to have it using https unless you want to always have ""secure-http": "false"" in the composer.lock. So we put the site under SSL with a self-signed cert but now is the thing : the node server.js is not able to handle https on requests. So either you d'ont use async builds, either you have a Mixed content error :

    2016-03-09 15_35_46-new notification

    Is there a way where the node server can handle https ?

    question 
    opened by fredleger 6
  • missing documentation for webserver setup

    missing documentation for webserver setup

    I think it miss some infos about how to configure exactly your webserver. How the DocumentRoot is setup ? some rewrite rules ? laravel specific setup ?

    After many hours i ended up with a 404 on /api ans i feel a bit frustrated

    enhancement help wanted 
    opened by fredleger 5
  • Error when trying to build repository

    Error when trying to build repository

    Every time when trying to build added VCS exception raising:

    [Composer\Json\JsonValidationException]

    The json config file does not match the expected JSON schema

    Exception trace: () at /home/ell/Development/satis-control-panel/vendor/composer/satis/src/Composer/Satis/Command/BuildCommand.php:282 Composer\Satis\Command\BuildCommand->check() at /home/ell/Development/satis-control-panel/vendor/composer/satis/src/Composer/Satis/Command/BuildCommand.php:128 Composer\Satis\Command\BuildCommand->execute() at /home/ell/Development/satis-control-panel/vendor/symfony/console/Command/Command.php:256 Symfony\Component\Console\Command\Command->run() at /home/ell/Development/satis-control-panel/vendor/symfony/console/Application.php:841 Symfony\Component\Console\Application->doRunCommand() at /home/ell/Development/satis-control-panel/vendor/symfony/console/Application.php:189 Symfony\Component\Console\Application->doRun() at /home/ell/Development/satis-control-panel/vendor/composer/satis/src/Composer/Satis/Console/Application.php:52 Composer\Satis\Console\Application->doRun() at /home/ell/Development/satis-control-panel/vendor/symfony/console/Application.php:120 Symfony\Component\Console\Application->run() at /home/ell/Development/satis-control-panel/bin/satis:26

    build [--repository-url [REPOSITORY-URL]] [--no-html-output] [--skip-errors] [--] [] [] []...

    bug 
    opened by antonkomarev 5
  • Satis version was updated with errors

    Satis version was updated with errors

    Satis version was updated and now control panel is not working properly:)

    PHP Warning: require(/var/www/html/satis/bin/../vendor/composer/satis/src/bootstrap.php): failed to open stream: No such file or directory in /var/www/html/satis/bin/satis on line 7 PHP Fatal error: require(): Failed opening required '/var/www/html/satis/bin/../vendor/composer/satis/src/bootstrap.php' (include_path='.:/usr/share/php') in /var/www/html/satis/bin/satis on line 7

    bootstrap file was removed in latest satis release

    opened by vitman 4
  • Types of `path` and `artifact` can't work because of URL validation

    Types of `path` and `artifact` can't work because of URL validation

    As the title states, the path (/local/path/to/repo) won't validate the with the URL validation when trying to use Path or Artifact types.

    I'd recommend dropping the URL validation all together and let the user assume they are entering what they need. URL validation also currently requires a URL ending in .git, which precludes Mercurial repos from working.

    opened by mattzuba 3
  • Update Satis release

    Update Satis release

    It seems satis-control-panel is currently composering in "version": "1.0.0-alpha2" of Satis.

    As far as I can tell, this version is showing symptoms of #377 and was resolved with #378. It is trying to mirror all of packagist when I only want private repositories.

    I have asked them to issue a new release where this bug has been fixed, 1.0.0-alpha3. I have updated locally and it seems to have fixed this issue, but I am not certain if it is compatible.

    opened by rpwashburn 3
  • problem connecting to api

    problem connecting to api

    Hello i ve made alll my configuration but I end up with 404 not found for both the UI or a curl request to the api.

    I m using apache2 to host statis-control-panel my apache virtual host configurations is

    <VirtualHost *:9001> ServerAdmin webmaster@localhost ServerName satis DocumentRoot /var/www/satis ErrorLog ${APACHE_LOG_DIR}/error_satis.log CustomLog ${APACHE_LOG_DIR}/access_satis.log combined </VirtualHost>

    with a symbolic link satis -> /opt/satis-control-panel/public/

    Node server is working fine and can acces the UI at http://my.domain/control-panel

    but i get a POST http://my.domain:9001/control-panel/api/package 404 (Not Found)

    opened by dukeDanjou 3
  • Node compatible versions and New install error

    Node compatible versions and New install error

    Hello I'm trying to install using composer. but there's an error in installation.

    • RHEL 7
    • Node 14
    • PHP 7.2
    
    > node_modules/.bin/gulp init
    fs.js:41
    } = primordials;
        ^
    
    ReferenceError: primordials is not defined
        at fs.js:41:5
        at req_ (/apps/www/php7_desenvolvimento/html/aplicacao/[--stability-dev]/node_modules/natives/index.js:143:24)
        at Object.req [as require] (/apps/www/php7_desenvolvimento/html/aplicacao/[--stability-dev]/node_modules/natives/index.js:55:10)
        at Object.<anonymous> (/apps/www/php7_desenvolvimento/html/aplicacao/[--stability-dev]/node_modules/graceful-fs/fs.js:1:37)
        at Module._compile (internal/modules/cjs/loader.js:1076:30)
        at Object.Module._extensions..js (internal/modules/cjs/loader.js:1097:10)
        at Module.load (internal/modules/cjs/loader.js:941:32)
        at Function.Module._load (internal/modules/cjs/loader.js:782:14)
        at Module.require (internal/modules/cjs/loader.js:965:19)
        at require (internal/modules/cjs/helpers.js:88:18)
    Script node_modules/.bin/gulp init handling the post-install-cmd event returned with error code 1
    

    Which Node version should I use?

    opened by pedrolsazevedo 0
  • sh: 1: webpack-dev-server: not found

    sh: 1: webpack-dev-server: not found

    Hello! After installing the project with "composer create-project realshadow/satis-control-panel scp" and running the "npm run build" command, trying to run the "npm start' give me the "sh: 1: webpack-dev-server: not found" error. Inspecting the package.json file, I could see the command (npm start) mapping to the "webpack-dev-server (...)'.

    The package assumes the environment to have a global installation of its dependencies? If yes, I think it does not seem interesting.

    Has anyone faced with this problem?

    opened by bryandidur 0
  • Add option providers-history-size

    Add option providers-history-size

    We use option providers: yes. In this case happen https://github.com/composer/satis/issues/494 The fix - is use option providers-history-size (https://github.com/composer/satis/pull/472), which was added in 1.x branch of satis. So add support of providers-history-size option in SCP

    opened by dubrsl 0
  • WIP: Docker

    WIP: Docker

    docker-compose.yml for building development and production docker containers

    Production ready dockerfiles

    • [ ] application
    • [x] webserver
    • [x] cron runner
    • [ ] nodejs server
    opened by freezy-sk 0
Releases(1.1.0)
Owner
Lukáš Homza
No.
Lukáš Homza
A functional and simple rate limit control to prevent request attacks ready-to-use for PHP.

RateLimitControl A functional and simple rate limit control to prevent request attacks ready-to-use for PHP. Features: Prepared statements (using PDO)

b(i*2)tez 5 Sep 16, 2022
Composer package providing HTTP Methods, Status Codes and Reason Phrases for PHP

HTTP Enums For PHP 8.1 and above This package provides HTTP Methods, Status Codes and Reason Phrases as PHP 8.1+ enums All IANA registered HTTP Status

Alexander Pas 72 Dec 23, 2022
Plug & Play [CURL + Composer Optional], Proxy as a Service, Multi-tenant, Multi-Threaded, with Cache & Article Spinner

?? .yxorP The SAAS(y), Multitenancy & Augmenting Web Proxy Guzzler is a 100% SAAS(y) plug-and-play (PHP CURL+Composer are Optional) solution that leverages SAAS architecture to provide multi-tenancy, multiple threads, caching, and an article spinner service.

4D/ҵ.com Dashboards 12 Nov 17, 2022
phpWhois general repository

Introduction This package contains a Whois (RFC954) library for PHP. It allows a PHP program to create a Whois object, and obtain the output of a whoi

PHP Whois 308 Dec 31, 2022
PHP Curl Class makes it easy to send HTTP requests and integrate with web APIs

PHP Curl Class: HTTP requests made easy PHP Curl Class makes it easy to send HTTP requests and integrate with web APIs. Installation Requirements Quic

null 3.1k Jan 5, 2023
Simple handler system used to power clients and servers in PHP (this project is no longer used in Guzzle 6+)

RingPHP Provides a simple API and specification that abstracts away the details of HTTP into a single PHP function. RingPHP be used to power HTTP clie

Guzzle 846 Dec 6, 2022
A simple PHP Toolkit to parallel generate combinations, save and use the generated terms to brute force attack via the http protocol.

Brutal A simple PHP Toolkit to parallel generate combinations, save and use the generated terms to apply brute force attack via the http protocol. Bru

Jean Carlo de Souza 4 Jul 28, 2021
Simple PHP curl wrapper class

php-curl The smallest possible OOP wrapper for PHP's curl capabilities. Note that this is not meant as a high-level abstraction. You should still know

Andreas Lutro 243 Dec 5, 2022
A simple script i made that generate a valid http(s) proxy in json format with its geo-location info

Gev Proxy Generator GPG is a simple PHP script that generate a proxy using free services on the web, the proxy is HTTP(s) and it generate it in json f

gev 1 Nov 15, 2021
Zenscrape package is a simple PHP HTTP client-provider that makes it easy to parsing site-pages

Zenscrape package is a simple PHP HTTP client-provider that makes it easy to parsing site-pages

Andrei 3 Jan 17, 2022
A HTTP Cache for Guzzle 6. It's a simple Middleware to be added in the HandlerStack.

A HTTP Cache for Guzzle 6. It's a simple Middleware to be added in the HandlerStack.

Kevin Robatel 371 Dec 17, 2022
A simple yet powerful HTTP metadata and assets provider for NFT collections using Symfony

Safe NFT Metadata Provider A simple yet powerful HTTP metadata and assets provider for NFT collections using Symfony.

HashLips Lab 66 Oct 7, 2022
Simple HTTP cURL client for PHP 7.1+ based on PSR-18

Simple HTTP cURL client for PHP 7.1+ based on PSR-18 Installation composer require sunrise/http-client-curl QuickStart composer require sunrise/http-f

Sunrise // PHP 15 Sep 5, 2022
A simple OOP wrapper to work with HTTP headers in PHP

Headers This package is to allow you to create HTTP Headers in PHP, in a simple and reliable way. Installation composer require http-php/headers Usage

null 5 Aug 9, 2022
Requests for PHP is a humble HTTP request library. It simplifies how you interact with other sites and takes away all your worries.

Requests for PHP Requests is a HTTP library written in PHP, for human beings. It is roughly based on the API from the excellent Requests Python librar

null 3.5k Dec 31, 2022
Record your test suite's HTTP interactions and replay them during future test runs for fast, deterministic, accurate tests.

This is a port of the VCR Ruby library to PHP. Record your test suite's HTTP interactions and replay them during future test runs for fast, determinis

php-vcr 1.1k Dec 23, 2022
Supercharge your app or SDK with a testing library specifically for Guzzle

Full Documentation at guzzler.dev Supercharge your app or SDK with a testing library specifically for Guzzle. Guzzler covers the process of setting up

null 275 Oct 30, 2022
Requests for PHP is a humble HTTP request library. It simplifies how you interact with other sites and takes away all your worries.

Requests for PHP Requests is a HTTP library written in PHP, for human beings. It is roughly based on the API from the excellent Requests Python librar

null 3.5k Dec 31, 2022