我如何指定一个gem从一个私人github存储库中提取？ [英] How can I specify a gem to pull from a private github repository?

问题描述

我在Github上有一个我想使用的私有存储库。我将我的应用程序部署到Heroku。我如何指定一个私人存储库作为我的gemfile文件的来源？我想这不足以说明

  gemmygem，：：git =>我的github地址 
  

解决方案

根据Heroku技术支持的建议，最简单的方法要做到这一点，通过将用户名和密码放入URL中，就像在Basic HTTP Auth中一样，例如

  gem'my_gem'， ：git => 'https：// my_username：my_password@github.com/my_github_account/my_repo.git'，：ref => 'revision_no'
  

这对我们有效。这仍然有些不满，因为我们不得不将密码放入Gemfile中。我们通过添加一个新的github用户帐户并将该帐户添加为gem项目上的协作者来处理此问题。仍然不是万无一失的安全，但影响更窄。

我读到的其他选项是设置你自己的宝石服务器或提供宝石。
$ b 更新2012年5月16日：
另一种避免将密码放入 Gemfile 的方法是将密码放入环境变量中;在Heroku上，你用 heroku config：添加VAR = value ，然后在 Gemfile 中使用这个变量，例如：

  gem'my_gem'，
：git => https：//开头＃{ENV [ var_private_gem_username]}：＃{ENV [ var_private_gem_password]} @ github.com / my_github_account.git，
：REF => 'rev'
  

这是Heroku避免将密码，API密钥和任何凭据放入码。对于本地开发/测试，您可以设置这些环境变量。或者，假设您的开发计算机已设置为通过SSH访问github，则您不需要用于本地开发的凭证（SSH证书已生效）。所以，你可以设置一些条件逻辑：

  private_repo_credentials =％（重量）（var_private_gem_username var_private_gem_password）。 
 map {| var | ENV [var]} .compact.join（'：'）
 private_repo_credentials<< '@'，除非private_repo_credentials.empty？ 
＃private_repo_credentials会  如果没有变量被设置
＃private_repo_credentials将是 用户名：密码@，如果它们设置
宝石 'my_gem'，
：混帐=> ; https：//＃{private_repo_credentials} github.com/my_github_account.git，
：ref => 'rev'
  

我没有测试过最后一部分。请提供反馈。

I have a private repository on Github that I want to use. I deploy my app to Heroku. How can I specify a private repository as the source on my gemfile? I imagine it wouldn't be enough to simply say

gem "mygem", :git=>"my github address" 

解决方案

As per suggestion from Heroku tech support, the easiest way to do this is by putting the username and password into the URL, as in Basic HTTP Auth, e.g.

gem 'my_gem', :git => 'https://my_username:my_password@github.com/my_github_account/my_repo.git', :ref => 'revision_no'

This worked for us. This is still somewhat dissatisfying as we had to put a password into the Gemfile. We dealt with this by adding a new github user account and adding that account as collaborator on the gem project. Still not foolproof security, but the impact is more narrow.

Other options I read about are to set up your own gem server or to vendor the gem.

Update 5/16/2012: Another way to get around putting the password into the Gemfile is to put the password into an environment variable; on Heroku you do this with heroku config:add VAR=value, and then in the Gemfile you'd use this variable, e.g.:

gem 'my_gem',
  :git => "https://#{ENV['var_private_gem_username']}:#{ENV['var_private_gem_password']}@github.com/my_github_account.git",
  :ref => 'rev'

This is the standard on Heroku to avoid putting passwords, API keys and any credentials into the code. For local development/test, you can set these environment variables. Or, assuming your development machine is set up for SSH access to github, you won't need the credentials for local development (the SSH credentials will be in effect already). So you could set up some conditional logic:

private_repo_credentials = %w(var_private_gem_username var_private_gem_password).
  map { |var| ENV[var] }.compact.join(':')
private_repo_credentials << '@' unless private_repo_credentials.empty?
# private_repo_credentials will be "" if neither var is set
# private_repo_credentials will be "username:password@" if they are set
gem 'my_gem',
  :git => "https://#{private_repo_credentials}github.com/my_github_account.git",
  :ref => 'rev'

I've not tested this last part. Please provide feedback.

这篇关于我如何指定一个gem从一个私人github存储库中提取？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！