does anyone know if Bundler supports http auth? I'm pretty sure rubygems does (I think i read that somewhere) but I don't see anywhere in the docs where I might specify a username/pwd for a particular repo
I'm trying to run my own private gem server so as not to expose sensitive code
According to https://github.com/carlhuda/bundler/issues/300 you can set the proxy settings the same as in rubygems.
set HTTP_PROXY=http://[username]:[password]#[proxyserver]:[port]
http://dan-webb.co.uk/wordpress/?p=11
OR
# cat $HOME/.gemrc
gem: --source http://[username]:[password]#[proxyserver]:[port]/[DIRECTORY]
http://www.sun.com/bigadmin/content/submitted/ruby_http.jsp
Bundler version 1.6 added HTTP auth in bundle config.
Related
I have a private gem server protected by http basic authentication. Currently, I'm storing the credentials as environment variables and have this line at the top of my Gemfile:
source "https://#{ENV['GEMS_USERNAME']}:#{ENV['GEMS_PASSWORD']}#gems.myserver.com"
So far so good, and when I run bundle everything seems to work. But than I looked at the generated Gemfile.lock and noticed that the credentials for my server got hardcoded there.
GEM
remote: https://rubygems.org/
remote: https://username:password#gems.myserver.com/
Is there a way to prevent this from happening? I don't want to push my credentials into the git repo.
If you are using bundler >= 1.6 you can simply do something like this:
bundle config http://gems.myserver.com username:password
And it should put those credentials in your .bundle/config file so you don't need to explicitly include them on your Gemfile(.lock) anymore.
I am trying to install ruby gems behind NTLM proxy. My OS is Windows 7. These are all the solutions that I tried, non of them working.
Using HTTP_PROXY:
set HTTP_PROXY=http://domain\user:pass#proxy.company.com:8080
set HTTP_PROXY=http://domain\\user:pass#proxy.company.com:8080
set HTTP_PROXY=http://domain\\user:pass#proxy.company.com:8080/
All above response bad URI
set HTTP_PROXY=http://user:pass#proxy.company.com:8080
Response: bad response Proxy Authentication Required 407
Using -p or --http-proxy parameter from Ruby
gem install -p "http://domain\user:pass#proxy.company.com:8080" rake
gem install -p "http://domain\\user:pass#proxy.company.com:8080" rake
gem install -p http://domain\user:pass#proxy.company.com:8080 rake
gem install -p http://domain\\user:pass#proxy.company.com:8080 rake
gem install --http-proxy "http://domain\user:pass#proxy.company.com:8080" rake
gem install --http-proxy "http://domain\\user:pass#proxy.company.com:8080" rake
gem install --http-proxy http://domain\user:pass#proxy.company.com:8080 rake
gem install --http-proxy http://domain\\user:pass#proxy.company.com:8080 rake
All response: invalid argument
Try all the options above without the domain or encode the \ to %5C will receive reponse: bad response Proxy Authentication Required 407
What did I miss in these command or setup?
You can use cntlm http://cntlm.sourceforge.net/, so that you have a local proxy that requires no authentication (which in turns connects to the ntlm proxy).
Also: How do I update Ruby Gems from behind a Proxy (ISA-NTLM)
Seems like there is no fix for the moment to make work rubygems behind an NTLM proxy: https://github.com/rubygems/rubygems/issues/360.
Anyway, I still found no way to fix it and the only solution is to download a gem (take care of all its dependencies) and install locally (from inside a folder where the gem was saved to):
gem install your_gem_name --local
I have stumbled on a more easier and possibly safer solution that works not just for git but also any command based installers
Rubygems in ruby
npm in node
One solution running all your traffic from command line is proxied with authentiction.
Wont expose your password in the user:password#domain:port format
Solution:
Download Fiddler, It has a built in way to add authentication headers to all requests.
Once running menu Rules-> Automatically Authenticate (Tick that)
Then for git
git config --global http.proxy http://localhost:8888
git config --global https.proxy http://localhost:8888
Thats it!
I am trying to build a rails project and because the host I am working on doesn't have access to the Internet for the the git:// protocol (port 9418) I get errors like
Fetching git://github.com/pivotal/jasmine.git
fatal: unable to connect to github.com:
github.com[0: 192.30.252.130]: errno=Connection refused
when running bundle install.
The relevant line in the GemFile doesn't specify git:// as a protocol, it just points to GitHub as the source for the gem
gem 'jasmine', :github => 'pivotal/jasmine-gem'
What do I have to do to make bundler to use https:// rather than git:// for pulling gems from GitHub?
Edit:
Is there a way other than editing every affected line in the GemFile? I'd prefer to avoid any merging issues down the line if the project's GemFile is updated.
Use bundle config github.https true
Git provides URL rewriting functionality using the url..insteadOf configuration option.
So to make all connections to github.com use https:// rather than git://
git config --global url."https://github.com".insteadOf git://github.com
The --global switch sets the config option for all git operations by the current user, so there are times where it may be too intrusive. But it does avoid changing the git config in the current project.
You can do:
gem 'jasmine', git: 'https://github.com/pivotal/jasmine-gem.git'
If you want this just for all the gems in one Gemfile you can add these lines at the top of the file:
git_source(:github) do |repo_name|
repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
"https://github.com/#{repo_name}.git"
end
Alternatively you can use bundle config github.https true. But this affects only your current environment.
This won't be necessary anymore with Bundler 2.0.
if you're deploying to heroku, you can just add BUNDLE_GITHUB__HTTPS (note the double underscore) as an environment variable and set it to true (in your heroku app's dashboard under the Settings tab in the Config Vars section). this will switch the protocol from git:// to https:// for all such requests.
You should be able to put a complete Git URL in your Gemfile. For example:
gem 'jasmine', :git => 'https://github.com/pivotal/jasmine-gem.git'
If a solution that requires a special obscure setting to be performed on every installation you make for just a teeny weeny bit of syntactic sugar isn't a solution.
That's why I'm proposing this as an answer:
just use :https & report a security bug with bundler that the unencrypted protocol is default.
I have a box with 3 Rails apps on it. I wan't to upgrade one of the apps so that it uses Ruby 2.0.0, while leaving the others running on 1.9.3-p394. I have both those Rubies installed via Rvm.
I'm trying to control the Ruby version that each app uses via it's Gemfile.
# Gemfile
ruby '2.0.0'
So, I changed the version number in the Gemfile locally, made sure it all worked, committed and now I'm trying to deploy the change to the server.
However, the cap deploy fails at this point
bundle install --gemfile [path to release Gemfile] --path [path to app bundle] --deployment --quiet --without development test
because
Your Ruby version is 1.9.3, but your Gemfile specified 2.0.0
This is correct technically, my Gemfile does specify 2.0.0 and the app is currently running on 1.9.3. I'm trying to make it change versions before bundling though. How do I do that?
Your PATH is not set up correctly. You probably don't have bin: as the first entry in your path. That would lead to this error.
Even if you're not using Heroku it's worth reading this page on troubleshooting that issue: https://devcenter.heroku.com/articles/ruby-versions
Here is a link to an answer which will explain how to change your PATH on the server: Capistrano: Can I set an environment variable for the whole cap session?
If you have rvm maybe you can try to do
rvm use 2.0.0
before your bundler call.
If you're using rvm set the default to ruby 2.0.0 on your server
rvm --default use 2.0.0
Resolved the problem for me deploying to an AWS server from my mac - but I guess if I need to update my older sites I'll have to set the default back to 1.9.3 before deploying.
When I try to add source:
C:\>gem source --verbose --add http://gemcutter.org
GET http://gemcutter.org/specs.4.8.gz
407 Proxy Authentication Required
Error fetching http://gemcutter.org:
bad response Proxy Authentication Required 407 (http://gemcutter.org/specs.4.8.gz)
p.s. my Windows XP client accesses the web via a proxy, so I tried:
C:\>gem -v
1.8.10
C:\>gem source --verbose --http-proxy http://192.168.10.24:3128 --add http://gemcutter.org
but returns the same error. How can I fix it?
You need to put the proxy username and password in there somehow.
On *nix machines, gem looks for an environment variable named HTTP_PROXY. You can set this variable on windows too.
Run SET HTTP_PROXY=http://%USER%:%PASSWORD%#192.168.10.24:3128 before you run your gem command.
Another possibility is to install another "proxy" on your computer itself. See How do I update Ruby Gems from behind a Proxy (ISA-NTLM) and http://ntlmaps.sourceforge.net/ for details on this.
You might be able to use rubysspi. See the instructions here.