0

I am deploying a Symfony 2 application to a Debian server via Capifony. The main repository for the application is private but I am also including some private repositories via a composer install. This is causing problems.

The main repository is cloning just fine. I have the public keys setup, a passphrase setup with the scm:passphrase: definition and the following line to enable the automatic entry of the passphrase:

default_run_options[:pty] = true

When I am installing the vendors a passphrase is required for the private repositories that have been required for the project - as I already have the private/public keys for allowing the connection to my repository. It returns the following:

** [out :: 106.187.50.216] Cloning master
** [out :: 106.187.50.216] Enter passphrase for key '/home/deploy/.ssh/id_rsa':

When this appears I cannot enter any passphrase because it is just an out. I would have though that it shared the passphrase but it appears that the composer.phar install doesn't use the same Capifony settings.

frodosghost
  • 520
  • 1
  • 6
  • 13

2 Answers2

0

As a workaround you should use a password-free key for deployments I guess. You can set that as a deploy key on github or create a new account that has readonly access to the few repos you need. That way you get convenience without too much risk associated with the loss of that key.

Now for a proper solution, I'm not sure what is needed. You can open an issue on composer and we discuss it further there. Basically the issue is that composer uses a normal git clone command, nothing special, and I imagine capifony does special things to unlock the key in the initial project checkout.

Seldaek
  • 40,986
  • 9
  • 97
  • 77
  • I did change it to be password-free for the deployment key. I wonder if the Composer git password/passphrase request could be "bubbled" up with the Capifony deploy to call the same variables set for deployment. Not sure if it make this a Composer issue or not. – frodosghost Jul 15 '12 at 22:10
0

Capistrano/capifony handles the output in real time. If Git prompts for a password, it will automatically gives the user'spassword, same with the passphrase. This is part of Capistrano as you can see for in the Git class of Capistrano: https://github.com/capistrano/capistrano/blob/master/lib/capistrano/recipes/deploy/scm/git.rb#L255.

I think you can either use a password-free strategy, or use ssh-agent.

William Durand
  • 5,439
  • 1
  • 26
  • 37
  • I am not sure if I read this right but it appears that if the git password/passphrase is requested from composer install (rather than the project repository) that this is not called. I think the password-free key is the simplest solution. – frodosghost Jul 15 '12 at 22:06
  • I know it's not called. I explained the process for Git only, this is not the case with Composer. That's why I told you to either use a password-free strategy, or ssh-agent which allows to keep passphrases in your system, and to solve this common issue. – William Durand Jul 16 '12 at 06:55