Gitlab Composer repository

Overview

Gitlab Composer repository

Small script that loops through all branches and tags of all projects in a Gitlab installation and if it contains a composer.json, adds it to an index.

This is very similar to the behaviour of Packagist.org

See example.

Installation

  1. Run composer.phar install
  2. Copy confs/samples/gitlab.ini into confs/gitlab.ini, following instructions in comments
  3. Ensure cache is writable
  4. Change the TTL as desired (default is 60 seconds)
  5. Ensure an alias exists for /packages.json => /packages.php (.htaccess is provided)

Usage

Simply include a composer.json in your project, all branches and tags respecting the formats for versions will be detected.

By default, the package name must be equal to the path of the project. i.e.: my-group/my-project. This is not a design requirement, it is mostly to prevent common errors when you copy a composer.json from another project without changing its name. To enable support for differences between package names and project paths, set allow_package_name_mismatch to true in confs/gitlab.ini.

Then, to use your repository, add this in the composer.json of your project:

{
    "repositories": [
        {
            "type": "composer",
            "url": "http://gitlab-composer.stage.wemakecustom.com/"
        }
    ]
}

Caveats

While your projects will be protected through SSH, they will be publicly listed. If you require protection of the package list, I suggest this reading.

Author

Comments
  • added ability to add in a static reference to a 3rd party lib

    added ability to add in a static reference to a 3rd party lib

    I've needed to pull in 3rd party libraries as well so I don't have to manually list them in all of the composer.json files for different projects. I can change the static-repos.json sample to a different project if you want me to, just let me know.

    opened by pteague 6
  • Handling base64 encoded composer.json file

    Handling base64 encoded composer.json file

    Hello,

    I switched to Repository::getFile() because Repository::blob() returns the base64 string with a prefix which I did not want to take care of. This should solve issue #24 Best, Ramon

    opened by simare 4
  • Add

    Add "dist" node into packages pointing to gitlab zip download

    Hi,

    Great job with this script.

    It's no bug merely a suggestion for improvement. I don't even now if it's possible with the Gitlab API but it could be nice to add a dist node in the packages.json that point to the zip download URL in Gitlab to improve downloading through composer.

    David

    enhancement 
    opened by dada87 4
  • $repos->blob(..) returns array, updated to account

    $repos->blob(..) returns array, updated to account

    Under my gitlab install, $repos->blob(..) returns an array, not a string as expected. As I'm not sure if this is the same behaviour across the board added ternary statement to catch this.

    opened by CptLemming 4
  • Repository/project name must match vendor/package name

    Repository/project name must match vendor/package name

    First of all, I really like this project. :)

    I'm having one issue though: with the current code, the group/project must match vendor/package, otherwise libraries are not added to the generated package list.

    Since I have to deal with a bunch of packages who's vendor name is not a 1:1 match with the group name in GitLab, that means I cannot use this project as-is. I've got a rough implementation ready that does work, by using the name from composer.json in the default_branch as package name, My current implementation is not optimal ($fetch_ref is executed twice for the default_branch of every project) yet, but I wanted to ensure it worked first.

    If you guys are interested, I can whip up a PR with my changes (after getting rid of that double $fetch_ref call, obviously) - while most people probably won't have this problem, composer doesn't require that group/project is alwasy the same as vendor/package, so supporting such a setup doesn't sound like a terrible idea.

    enhancement 
    opened by jorygeerts 3
  • Unneeded security override?

    Unneeded security override?

    Currently .htaccess contains:

    Satisfy any
    Allow from all
    

    I think there is no need for that directives and in some cases can cause unexpected security issues

    opened by NITEMAN 2
  • Not compatible with 9.10.0 of m4tthumphrey/php-gitlab-api

    Not compatible with 9.10.0 of m4tthumphrey/php-gitlab-api

    Problem: Uncaught TypeError: Argument 1 passed to Gitlab\Client::__construct() must be an instance of Gitlab\HttpClient\Builder, string given around line 40 of packages.php.

    Solution:

    1. composer require php-http/curl-client guzzlehttp/psr7 php-http/message
    2. change $client = new Client($confs['endpoint']); to $client = Client::create($confs['endpoint']);
    3. Around line 184, always call ->all instead of ->accessible, as the method has been removed.
    opened by fonata 2
  • Use Gitlab API V4

    Use Gitlab API V4

    Update m4tthumphrey/php-gitlab-api to Version 9.0 with Guzzle 6 HTTP adapter. Change packages.php adapted to https://github.com/m4tthumphrey/php-gitlab-api/blob/9.0.0/UPGRADE.md

    opened by blankse 2
  • API method blob returns base64

    API method blob returns base64

    Hello, we are using gitlab in version 8.15.4 and Repository::blob api call returns an base64 encoded string instead of the file content. So building package.json is not longer working. I hope I did not overlook something obvious.

    Best, Ramon

    opened by simare 2
  • user account needs admin privileges due to use of all api call

    user account needs admin privileges due to use of all api call

    It seems the call to projects->all needs admin privileges. It should be possible to user the projects->accessible api in case of an unprivileged user account.

    opened by pniederlag 2
  • support for custom branches

    support for custom branches

    https://github.com/wemakecustom/gitlab-composer/blob/master/htdocs/packages.php#L82

    -        return array();
    +        $version = 'dev-'.$ref['name'];
    

    This did the trick for us.

    opened by Jimbolino 2
  • webhooks

    webhooks

    Webhooks

    This is feature allows to get immediately updates to the composer registry if a new version (tag) was released. It comes with a lot of new security settings e.g. a webhook token can be defined, that is used to authenticate requests from gitlab, and a webhook url that is used to define the self url in a secure way. also some ip settings to restrict access to certain ips. Performance of webhooks is good, because they write directly in the cache files and by that they are avoiding the cache to become stale.

    You may wonder about huge refactoring

    Refactoring was made to make the script make object oriented with the idea of being able to reuse things easier and to separate things into different files. There is room for improvements because not everything was refactored yet. BTW the old code had it's beauty, anyway when continuing adding features it will hopefully be a benefit to move into this object oriented direction.

    Outlook

    The webhooks can be used to preserve the cache for a long time, but there is a known limitation: deleting a version/tag is not covered by the current logic (because it is not my major use case) and should be implemented in future to make things feature complete. Based on the refactoring maybe someone will add more features. The new authentication layer would allow to add new features e. G. a gitlab token based authenticate as alternative or addition to the IP based authentication.

    enhancement 
    opened by keywan-ghadami-oxid 3
  • Allow update from gitlab web hook

    Allow update from gitlab web hook

    It'd be really nice to allow requests coming from gitlab webhooks update projects, or better yet just that one project associated with the webhook, so we don't have to wait for cron.

    It looks very easy to trigger update from webhook, but given the architecture, it looks a bit challenging to only update a given repository without checking all others. Any interest in this? It'd require a pretty decent refactor.

    enhancement 
    opened by jxn 3
  • Subtract a delta of 2 minutes from cache file mtime during comparison with project mtime

    Subtract a delta of 2 minutes from cache file mtime during comparison with project mtime

    Since version 8.7.1 Gitlab updates project.last_activity_at not more often than once in a minute. This leads to the problem, when project.last_activity_at < last commit datetime, and therefore to not updating the packages.json. @see: https://gitlab.com/gitlab-org/gitlab-ce/issues/22213

    opened by Radio 3
  • last_activity_at is restricted to one update per hour

    last_activity_at is restricted to one update per hour

    With GitLab CE Merge Request !6391 the last_activity_at column is restricted to one update per hour.

    Since the packages.php script relies on the last_activity_at value to determine if the packages.json needs to be updated in general and which project in perticular, you may now get an "outdated" packages.json if you push frequently.

    opened by NicoCa 9
  • allow for version branches, eg: 5.0.x-dev

    allow for version branches, eg: 5.0.x-dev

    I'm not sure how packagist internally works, but an example can be seen here:

    https://packagist.org/p/laravel/framework.json https://packagist.org/packages/laravel/framework https://github.com/laravel/framework/branches

    As you can see there is a "5.0.x-dev" that refers to the "5.0" branch on github.

    Based on what is written here: https://getcomposer.org/doc/02-libraries.md#branches

    I would suggest that any branch that looks like a version, should be listed as 5.0.x-dev

    enhancement 
    opened by Jimbolino 1
  • Allow to integrate multiple gitlabs

    Allow to integrate multiple gitlabs

    would be really awesome to change the code to allow access multiple gitlab instances.

    IMHO there are several steps to take:

    • convert settings file form ini to yaml
    • iterate over instances and then repos to get the needed information
    • put all the stuff into one file

    The yaml file may look like:

    m4tthumphrey:
      php-gitlab-api:
        instances:
          -
            apiToken: 'ASDFGHJKL12345678'
            endpointUri: 'http://gitlab.example.com/api/v3/'
          -
            apiToken: 'ASDFGHJKL12345678'
            endpointUri: 'http://gitlab.example.com/api/v3/'
          -
            apiToken: 'ASDFGHJKL12345678'
            endpointUri: 'http://gitlab.example.com/api/v3/'
    
    
    enhancement 
    opened by kaystrobach 4
Releases(2.0)
Owner
WeMakeCustom -- DEFUNCT
WeMakeCustom -- DEFUNCT
PSpec is a testing framework for PHP, influenced by RSpec and jest. 🧪 This repo is a MIRROR of the GitLab source repository.

PSpec PSpec is a testing framework for PHP, influenced by RSpec and jest. This project is experimental and still needs a lot of work. Example // src/C

CodingPaws 0 Mar 31, 2022
A composer plugin, to install differenty types of composer packages in custom directories outside the default composer default installation path which is in the vendor folder.

composer-custom-directory-installer A composer plugin, to install differenty types of composer packages in custom directories outside the default comp

Mina Nabil Sami 136 Dec 30, 2022
Composer Repository Manager for selling Magento 2 extension and offering composer installation for ordered packages.

Magento 2 Composer Repository Credits We got inspired by https://github.com/Genmato. Composer Repository for Magento 2 This extension works as a Magen

EAdesign 18 Dec 16, 2021
Composer registry manager that help to easily switch to the composer repository you want

CRM - Composer Registry Manager Composer Registry Manager can help you easily and quickly switch between different composer repositories. 简体中文 Install

Tao 500 Dec 29, 2022
A PHP implementation of the Unleash protocol aka Feature Flags in GitLab.

A PHP implementation of the Unleash protocol aka Feature Flags in GitLab. This implementation conforms to the official Unleash standards and implement

Dominik Chrástecký 2 Aug 18, 2021
A Kimai 2 plugin, which send duration of cards to GitLab spend issues of timesheet.

GitLabBundle A Kimai 2 plugin, which send duration of cards to GitLab spend issues of timesheet. Installation First clone it to your Kimai installatio

LibreCode coop 9 Nov 14, 2022
Source control integration plugin framework for MantisBT, including support for Github, Gitlab, Bitbucket, Gitweb, Cgit, Subversion, Mercurial and more

Source control integration plugin framework for MantisBT, including support for Github, Gitlab, Bitbucket, Gitweb, Cgit, Subversion, Mercurial and more

MantisBT Community Plugins 175 Sep 3, 2022
Ied plugin composer - Inspired Plugin Composer: Create, publish and edit plugins from within Textpattern CMS.

ied_plugin_composer Create, publish and edit plugins from within Textpattern CMS. Creates a new page under the Extensions tab where you can edit and e

Stef Dawson 8 Oct 3, 2020
Magento-composer-installer - Composer installer for Magento modules

!!! support the maintainer of this project via Patreon: https://www.patreon.com/Flyingmana Magento Composer Installer The purpose of this project is t

null 213 Sep 24, 2022
Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins.

Imposter Plugin Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins. Built with ♥ by Typ

Typist Tech 127 Dec 17, 2022
Dependency graph visualization for composer.json (PHP + Composer)

clue/graph-composer Graph visualization for your project's composer.json and its dependencies: Table of contents Usage graph-composer show graph-compo

Christian Lück 797 Jan 5, 2023
Composer Registrar Composer Plugin for Magento 2

This module add a global registration.php that replace the default glob search performed for each request to discover the components not installed from composer.

OpenGento 3 Mar 22, 2022
Drupal Composer Scaffold - A flexible Composer project scaffold builder

This project provides a composer plugin for placing scaffold files (like index.php, update.php, …) from the drupal/core project into their desired location inside the web root. Only individual files may be scaffolded with this plugin.

Drupal 44 Sep 22, 2022
Victor The Cleaner for Composer - This tool removes unnecessary files and directories from Composer vendor directory.

Victor The Cleaner for Composer This tool removes unnecessary files and directories from Composer vendor directory. The Cleaner leaves only directorie

David Grudl 133 Oct 26, 2022
Opinionated version of Wikimedia composer-merge-plugin to work in pair with Bamarni composer-bin-plugin.

Composer Inheritance Plugin Opinionated version of Wikimedia composer-merge-plugin to work in pair with bamarni/composer-bin-plugin. Usage If you are

Théo FIDRY 25 Dec 2, 2022
Your private self hosted composer repository with user management

Devliver Your private self-hosted composer repository. Requirements Docker MariaDB/MySQL the running docker container has access to private git reposi

Nikita Loges 53 Dec 30, 2022
Private, self-hosted Composer/Satis repository with unlimited private and open-source packages and support for Git, Mercurial, and Subversion.

Private, self-hosted Composer/Satis repository with unlimited private and open-source packages and support for Git, Mercurial, and Subversion. HTTP API, HTTPs support, webhook handler, scheduled builds, Slack and HipChat integration.

Łukasz Lach 112 Nov 24, 2022
Composer plugin for Repman - PHP Repository Manager

Repman Composer Plugin Composer plugin for Repman - PHP Repository Manager. Adds a mirror url for all your dependencies without need to update compose

Repman 9 Mar 14, 2022
A redacted PHP port of Underscore.js with additional functions and goodies – Available for Composer and Laravel

Underscore.php The PHP manipulation toolbelt First off : Underscore.php is not a PHP port of Underscore.js (well ok I mean it was at first). It's does

Emma Fabre 1.1k Dec 11, 2022