pixelbrackets/composer-git-auth.md

## composer-git-auth.md

      
    Raw
  

              composer-git-auth.md
            
          
    How to store Personal Access Tokens in Composer


Generate GitHub Access Token: https://github.com/settings/tokens
Generate GitLab Access Token: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html

Local Development

For a single project:

Run composer config github-oauth.github.com <token> or composer config gitlab-token.gitlab.com <token>
Hint: Add auth.json to .gitignore, as it contains credentials

For all projects:

Run composer config -g <auth provider> <token>

Stages


Create a local auth file (see above), or set an environment variable (see below)

CI


Set the environment variable COMPOSER_AUTH, with the JSON formated content of the auth.json file

COMPOSER_AUTH='{"github-oauth":{"github.com":"XXXXXXXXXXXXXXXXXX"}}'
See https://getcomposer.org/doc/03-cli.md#composer-auth
GitHub


Project > Settings > Environments > Environment secrets > Add secret

Name it COMPOSER_AUTH and paste the JSON string as value


Or set a single token secret (Settings > Secrets) like COMPOSER_TOKEN and use it in action.yml


jobs:
  job1:
    env:
      COMPOSER_AUTH: '{"github-oauth":{"github.com":"${{ secrets.COMPOSER_TOKEN }}"}}'
See https://docs.github.com/en/actions/reference/encrypted-secrets
GitLab


Project > Settings > CI/CD > Variables

Name it COMPOSER_AUTH and paste the JSON string as value


Or set a single token variable like COMPOSER_TOKEN and use it in .gitlab-ci.yml


job1:
  variables:
    COMPOSER_AUTH: '{"github-oauth":{"github.com":"$COMPOSER_TOKEN"}}'
See https://docs.gitlab.com/ee/ci/variables/