I have a private gem server protected by http basic authentication. Currently, I'm storing the credentials as environment variables and have this line at the top of my Gemfile:
source "https://#{ENV['GEMS_USERNAME']}:#{ENV['GEMS_PASSWORD']}#gems.myserver.com"
So far so good, and when I run bundle everything seems to work. But than I looked at the generated Gemfile.lock and noticed that the credentials for my server got hardcoded there.
GEM
remote: https://rubygems.org/
remote: https://username:password#gems.myserver.com/
Is there a way to prevent this from happening? I don't want to push my credentials into the git repo.
If you are using bundler >= 1.6 you can simply do something like this:
bundle config http://gems.myserver.com username:password
And it should put those credentials in your .bundle/config file so you don't need to explicitly include them on your Gemfile(.lock) anymore.
Related
How do I configure bundler so that when I run bundle install it looks for gems under /my/custom/path first and if it doesn't find there then try to fetch them from a ruby gem remote repository hosted under https://a.nice.host and downloads those into ./local/relative/path (relative to cwd for example). I would like to avoid the bundler looking at default gem installation system path or rubygems.org
The syntax for sourcing a gem from a local folder is:
gem 'some-gem-name', path: '/my/custom/path'
And the syntax for specifying a custom source is:
gem 'another-gem-name', source: 'https://a.nice.host'
And to install gems into a specific local folder, you can run:
bundle install --path ./local/relative/path
Now, that's probably all the tools you need, in truth... (And in fact, especially for that last requirement, you may instead wish to look into rvm gemsets, or using bundle install --deployment.)
But you did also ask about "looking in a local folder first, and only falling back to a remote source if it doesn't exist". That's quite an odd requirement (usually you'd only want to explicitly opt-in to fetching gems from a local path?!), but to answer this question as you've asked it...
A Gemfile is literally just ruby code! So you can define this logic using... You guessed it, ruby! For example:
if File.exists?('/my/custom/path')
gem 'some-gem-name', path: '/my/custom/path'
else
gem 'some-gem-name', source: 'https://a.nice.host'
end
If this (unusual) pattern needs to be repeated in multiple places, you could wrap it into some helper method.
For more information on the configuration options of bundler, please see the documentation.
I created an in-house gem to use with a Rails project that I want to include in my Gemfile.
The gem is hosted in a private repo on Github.com (so :git is not an option) so I am assuming the best direction to include the gem is :path, e.g.
gem 'mygem', :path => '/path/to/gem/dir'
I am curious though:
Where is the ideal place for the gem to be included? (vendor/ ?)
If vendor is the best place, then I don't need to add the gem to my project repository (since vendor/ is ignored by default)
I am using Capistrano to deploy my project; how should Capistrano be aware of the local gem so that it can deploy it as well?
You can go for the vendor location and have the authentication information for the private gem in the gemfile like this:
gem 'foo', :git => 'https://my_username:my_password#github.com/my_github_account/my_repo.git'
However, I am guessing that you will be uncomfortable exposing such sensitive information in the gemfile so you can use a git protocol based url in your gem file like this:
git://github.com/username/repo.git
git protocol based urls are read only so your private repo should be intact.
Also, I am sure you can write a capistrano task to deploy a private gem to vendor directory but that might involve putting in your github username/password in the capistrano task. Also, you can prompt for the username/password during deployment as opposed to putting it in the capistrano task.
I have a private gitlab host, which host private codes and project, and I host my app in heroku, in that heroku app, we use Gemfile to manage dependence of that heroku app, one of those dependence is from private gitlab host. so my Gemfile is something like this:
gem 'my_greate_gem', '0.0.1', :git => "http://myprivate_gitlab_host/private_gems/my_great_gem.git"
It's seems there's not any tutorial mentions about using private gitlab host to hosting gem in Heroku, but I really don't want to use gemfury. Is there any possible solution for this?
Without using Gemfury you would have to pass a username and password in the URL of the gem dependency
gem 'my_greate_gem', '0.0.1', :git => "http://<username>:<password>#myprivate_gitlab_host/private_gems/my_great_gem.git"
The other answer didn't work for me. Also, I prefer a method that allows me to keep credentials out of source. I put the following in my gemfile:
gem 'mygem', git: "https://oauth2:#{ENV['GITLAB_TOKEN']}#gitlab.com/mygroup/mygem.git"
The gitlab token I created has API access. This works for me on heroku if I manually set the GITLAB_TOKEN in the environment variables in settings.
Hope that helps.
I am trying to build a rails project and because the host I am working on doesn't have access to the Internet for the the git:// protocol (port 9418) I get errors like
Fetching git://github.com/pivotal/jasmine.git
fatal: unable to connect to github.com:
github.com[0: 192.30.252.130]: errno=Connection refused
when running bundle install.
The relevant line in the GemFile doesn't specify git:// as a protocol, it just points to GitHub as the source for the gem
gem 'jasmine', :github => 'pivotal/jasmine-gem'
What do I have to do to make bundler to use https:// rather than git:// for pulling gems from GitHub?
Edit:
Is there a way other than editing every affected line in the GemFile? I'd prefer to avoid any merging issues down the line if the project's GemFile is updated.
Use bundle config github.https true
Git provides URL rewriting functionality using the url..insteadOf configuration option.
So to make all connections to github.com use https:// rather than git://
git config --global url."https://github.com".insteadOf git://github.com
The --global switch sets the config option for all git operations by the current user, so there are times where it may be too intrusive. But it does avoid changing the git config in the current project.
You can do:
gem 'jasmine', git: 'https://github.com/pivotal/jasmine-gem.git'
If you want this just for all the gems in one Gemfile you can add these lines at the top of the file:
git_source(:github) do |repo_name|
repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
"https://github.com/#{repo_name}.git"
end
Alternatively you can use bundle config github.https true. But this affects only your current environment.
This won't be necessary anymore with Bundler 2.0.
if you're deploying to heroku, you can just add BUNDLE_GITHUB__HTTPS (note the double underscore) as an environment variable and set it to true (in your heroku app's dashboard under the Settings tab in the Config Vars section). this will switch the protocol from git:// to https:// for all such requests.
You should be able to put a complete Git URL in your Gemfile. For example:
gem 'jasmine', :git => 'https://github.com/pivotal/jasmine-gem.git'
If a solution that requires a special obscure setting to be performed on every installation you make for just a teeny weeny bit of syntactic sugar isn't a solution.
That's why I'm proposing this as an answer:
just use :https & report a security bug with bundler that the unencrypted protocol is default.
does anyone know if Bundler supports http auth? I'm pretty sure rubygems does (I think i read that somewhere) but I don't see anywhere in the docs where I might specify a username/pwd for a particular repo
I'm trying to run my own private gem server so as not to expose sensitive code
According to https://github.com/carlhuda/bundler/issues/300 you can set the proxy settings the same as in rubygems.
set HTTP_PROXY=http://[username]:[password]#[proxyserver]:[port]
http://dan-webb.co.uk/wordpress/?p=11
OR
# cat $HOME/.gemrc
gem: --source http://[username]:[password]#[proxyserver]:[port]/[DIRECTORY]
http://www.sun.com/bigadmin/content/submitted/ruby_http.jsp
Bundler version 1.6 added HTTP auth in bundle config.