3

I understand that Satis is just a build script that will compile the list of repos for me. But since I'm such a newbie here I cannot figure out the correct way to protect my dist files at all.

Right now I have all my private repos setup in a Satis repo, then have Jenkins build the repos everytime there is an update. It seems like it is possible to protect satis using either SSL or SSH key, to me any way is fine as long as it is easy to setup and work with Jenkins.

I have searched high and low but seems like this is too easy no one bothered to write a tutorial on it. Any pointer would be greatly appreciated. Please note that I'm a complete newbie regarding this tipic.

mr1031011
  • 3,574
  • 5
  • 42
  • 59
  • What kind of protection are you talking about? Composer supports several access control schemes, for downloading release packages HTTP hosting with HTTP based authentication probably is the best way. – Sven Aug 05 '14 at 23:56
  • hi Seven, so do I just need to put say .htaccess in my satis web folder to protect it? Another question is that my build is run by ant, how do I tell Ant to login with the http auth info? Or perhaps in this case I better use SSH key based auth? – mr1031011 Aug 06 '14 at 07:18
  • I do host a bunch of ZIP files generated by Satis in a SVN repository that is protected by HTTP basic authentication (i.e. .htaccess file, but more sophisticated on the backend side). Access to both Satis generated Composer files as well as ZIP files is granted with a readonly account password that is included in the URL. This is not because we want to protect, but because we have to use that SVN server for deployment. The entry in `composer.json` is like `"repositories": [{ "type": "composer", "url": "https://theuser:thepassword@satishost.example/" }]` – Sven Aug 06 '14 at 12:41
  • @Sven Thank you very much, yes it's totally easy now that you pointed that out. I will try that. BTW, did you also consider SSH key option? It seems like a good option if we dont want to expose the password – mr1031011 Aug 06 '14 at 16:24
  • The SSH keys are being used for direct access to the Git repos, and Satis is configured to give out the SSH URL for access to branches. The HTTP password is only being used to download ZIP-files created from tags. I don't think you can use a SSH URL to download a ZIP, and I don't think SCP or SFTP is currently supported by Composer. – Sven Aug 06 '14 at 18:52

0 Answers0