stackoom
  简体   繁体   中英

Symfony Flex behind strict corporate firewall / proxy

 原文  2018-02-14 07:08:51       php/ composer-php/ symfony4/ symfony-flex

Question

The company where I'm currently working has a very strict security policy and Composer is not allowed to access any host outside the company intranet. Each developer gets it's own VPS for development within the internal cloud that has php, composer and other dev stuff preinstalled, but there's no route to internet from VPS. Workstations have limited internet access only for email and browsing the internet. We managed to make Symfony and composer play together with Satis available on an internal server. It's annoying to manage Satis static dependencies sometimes due to strict package white list standards but it generally worked... well, untill Symfony Flex came up and http://symfony.sh which is not available to our internal workstations and dev environment.

So is there a way to run a flex server on premises or to reuse a local Satis repository somehow to deliver flex recipes?

2 answers

solution1
 1  2018-02-15 10:16:55

Is you cannot reach symfony.sh, you are out of luck to use symfony flex. There are no equivalent to satis for flex.

Private repositories are available only if your repository is on github.com.

But flex is completely not mandatory, you can still install bundles, and look for their configuration.

solution2
 1 ACCPTED  2018-02-19 06:20:13

At the time of writing this answer Symfony hasn't officially open sourced the symfony.sh source so the only way to reach Flex recipes by Flex composer plugin is to enable a firewall route to symfony.sh.

However, if that is not complaint with your security policy another option is to use and contribute to reverse engineered Flex server https://github.com/aurimasniekis/flex-server that could be hosted on a separated server that has limited access to GitHub. One should then configure composer.json to use that specific flex server by doing this:

composer config extra.symfony.endpoint FLEX_SERVER_URL

Flex as a composer plugin is open sourced so protocol behind it can be mocked or recreated relatively easy.

The third option is to not use Flex at all and continue installing bundles with lots of boilerplate steps of configuring, installing and enabling dependencies like we all used to do prior the Symfony4.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache behind corporate proxy How to install PECL package behind a corporate proxy? Can't update/install using composer behind a corporate firewall Symfony behind reverse proxy Tell whether route is behind firewall in Symfony2 Symfony: A Token was not found in the SecurityContext for route behind firewall Symfony 2/3 : Check user against a firewall behind any url What’s the proper way to handle an AJAX call behind Symfony 4 firewall? Symfony port redirection behind reverse proxy Symfony HWI OAuth login error behind a proxy
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM