如何指定要从私有 github 存储库中提取的 gem? [英] How can I specify a gem to pull from a private github repository?

问题描述

我在 Github 上有一个要使用的私有存储库.我将我的应用程序部署到 Heroku.如何在我的 gemfile 上指定一个私有存储库作为源?我想仅仅说是不够的

I have a private repository on Github that I want to use. I deploy my app to Heroku. How can I specify a private repository as the source on my gemfile? I imagine it wouldn't be enough to simply say

gem "mygem", :git=>"my github address" 

推荐答案

根据 Heroku 技术支持的建议，最简单的方法是将用户名和密码放入 URL 中，如 Basic HTTP Auth，例如

As per suggestion from Heroku tech support, the easiest way to do this is by putting the username and password into the URL, as in Basic HTTP Auth, e.g.

gem 'my_gem', :git => 'https://my_username:my_password@github.com/my_github_account/my_repo.git', :ref => 'revision_no'

这对我们有用.这仍然有些不满意，因为我们不得不在 Gemfile 中输入密码.我们通过添加一个新的 github 用户帐户并将该帐户添加为 gem 项目的合作者来解决这个问题.仍然不是万无一失的安全性，但影响更小.

This worked for us. This is still somewhat dissatisfying as we had to put a password into the Gemfile. We dealt with this by adding a new github user account and adding that account as collaborator on the gem project. Still not foolproof security, but the impact is more narrow.

我读到的其他选项是 设置您自己的 gem 服务器 或供应商宝石.

Other options I read about are to set up your own gem server or to vendor the gem.

2012 年 5 月 16 日更新:避免将密码放入 Gemfile 的另一种方法是将密码放入环境变量中；在 Heroku 上，您使用 heroku config:add VAR=value 执行此操作，然后在 Gemfile 中使用此变量，例如:

Update 5/16/2012: Another way to get around putting the password into the Gemfile is to put the password into an environment variable; on Heroku you do this with heroku config:add VAR=value, and then in the Gemfile you'd use this variable, e.g.:

gem 'my_gem',
  :git => "https://#{ENV['var_private_gem_username']}:#{ENV['var_private_gem_password']}@github.com/my_github_account.git",
  :ref => 'rev'

这是 Heroku 上的标准，以避免将密码、API 密钥和任何凭据放入代码中.对于本地开发/测试，您可以设置这些环境变量.或者，假设您的开发机器设置为通过 SSH 访问 github，您将不需要本地开发的凭据(SSH 凭据已经生效).所以你可以设置一些条件逻辑:

This is the standard on Heroku to avoid putting passwords, API keys and any credentials into the code. For local development/test, you can set these environment variables. Or, assuming your development machine is set up for SSH access to github, you won't need the credentials for local development (the SSH credentials will be in effect already). So you could set up some conditional logic:

private_repo_credentials = %w(var_private_gem_username var_private_gem_password).
  map { |var| ENV[var] }.compact.join(':')
private_repo_credentials << '@' unless private_repo_credentials.empty?
# private_repo_credentials will be "" if neither var is set
# private_repo_credentials will be "username:password@" if they are set
gem 'my_gem',
  :git => "https://#{private_repo_credentials}github.com/my_github_account.git",
  :ref => 'rev'

我还没有测试过这最后一部分.请提供反馈.

I've not tested this last part. Please provide feedback.

这篇关于如何指定要从私有 github 存储库中提取的 gem?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！