In order for the composer client to work with Artifactory, the composer.json file should be configured to include the composer remote/virtual repository in Artifactory. This can be configured under the repositories section of the file, as follows:
{
"repositories": [
{
"type": "composer",
"url": "http://$ARTIFACTORY_HOST/artifactory/api/composer/$repository_name/",
"options": {
"ssl": {
"verify_peer": false,
"allow_self_signed": true
}
}
}
]
"require": {
"monolog/monolog": "^2.0",
"doctrine/dbal": "3.2.0",
"kassner/log-parser": "2.1.0",
"foxy/foxy": "1.2.0"
},
"config": {
"secure-http": false,
}
}
When working against Artifactory on the HTTP protocol, the SSL validation (under the “ssl” section), along with the “config” section, is optional.
In this example, the monolog/monolog, doctrine/dbal, kassner/log-parser, and the foxy/foxy packages will be installed. These packages are available under the https://packagist.org registry.
Next, either one of the following commands should be run from the directory containing the composer.json file (add the -vvv flag for verbosity), depending on the need to update the dependencies specified in the composer.json or to install the dependencies specified in the composer.lock file (without updating):
composer update -vvv composer install -vvv
Reviewing the remote-cache repository, the requested packages are cached successfully:
To configure the Artifactory credentials, the auth.json file should be configured as well. Generally, it should contain the following:
{
"http-basic": {
"$ARTIFACTORY_HOST": {
"username": "$USER",
"password": "$PASSWORD"
}
}
} More information can be found on the PHP Composer repositories documentation page.
NOTE: In this example, the composer 2.2.9 was used along with PHP 7.4.3.
Working against virtual repositories using composer V1 is not supported. When working against virtual repositories, composer V2 should be used.