Cloudcontrol: how to install private repositories with composer during image build process?

Question

I am using cloudcontrols standard buildback-php. I am using composer to install third party libs. These also includes private git repositories typically accessible via ssh deployment keys.

Problem: accessing private repositories during the cloudcontrol image build process does not work due to missing ssh private keys.

I found a workaround solution that seems to work with heroku (private key is downloaded, decrypted and installed during build process):

https://github.com/taniele/heroku-buildpack-php-mongo#composer-private-repository-support

Another solution is provided by fortrabbit (one time server side ssh key generation):

http://fortrabbit.com/docs/in-depth/git-hooks/sshkeygen

Questions:

Is there any known secure solution for cloudcontrol?

How can I access CONFIG_VARS added via the config addon or the related creds.json file during the image build process before composer is executed?

score 1 · Accepted Answer · answered Sep 02 '14 at 12:04

1

cloudControl provides a key pair per application. The public key is provided via the command line client and can be used to access private repositories. When pulling in dependencies from Git repositories via SSH this key pair is automatically used. Simply allow access to the respective repository using this public key.

You can get the key with this command:

$ cctrlapp APP_NAME details
[..]
Public Key: ssh-rsa AAAAB3NzaC...

answered Sep 02 '14 at 12:04

pst

1,414
11
22

exactly what i was looking for - no workrounds. i had to update to the latest cctrl apps to see the public key details. works like a charm. – Dirk Adler Sep 02 '14 at 12:31

Cloudcontrol: how to install private repositories with composer during image build process?

1 Answers1