Hey guys,
I’ve found a couple different methods for adding private repos or paid plugins to composer. I thought I’d ask your guys’ preferred method before doing anything.
Here’s the method I’m planning on trying first. It involves creating a repository on your own server.
It may seem a little more complicated than it needs to be. That’s why I thought I’d see if anyone has any better ideas.
And replace ACCESSKEY, EXPIREDATE & SIGNATURE for your actual credentials (which you can find here: https://www.gravityhelp.com/downloads/ when logged in)
I marked that as the solution. I opened another topic I want to resolve before trying this. But I’ll come back to it if it doesn’t work. Seems like it should. Thanks again for coming up with the url. I have no idea how you located it.
I just tested it and it works!
You can normally find these download url’s by logging in to these premium plugin accounts and look for the download page. There you normally have download links to the latest version of the plugin.
So adding this to your composer.json lets you install two very popular premium plugins using composer:
I’ve ended up using more than one or two commercial plugins that don’t have accessible/stable download links, so ended up with the following.
Create a new private repo (commercial-plugins-example for this example)
Add each plugin folder to the repo, 1 commit for each plugin
Add that private repo to composer.json (as per docs)
WordPress won’t recognise any plugins that are not in the root of the /plugins folder. You could maintain a loader in the commercial plugins repo, but I experimented with little bit of composer magic instead.
Add the following scripts to composer.json, after require
The scripts/copy_commercial_plugins file will look something like this (make your own changes as required):
# Copy all commercial plugins into plugins folder
rsync -av web/app/plugins/commercial-plugins-example/* web/app/plugins/ --exclude composer.json
You could move instead of copy to ensure the commercial plugin repo is removed, but I’m okay leaving it where it is (it’s in a handy spot for local updates).
When a plugin requires an update:
Download the update directly from developer, or update the plugin via /wp-admin
Copy updated plugin folder into commercial plugins repo, commit with version in message
Push new commit to remote
Run composer update
Pros:
A little more robust – won’t break build/deploy steps if a download link becomes invalid or expires for whatever reason
Learn a bit about composer! Running scripts on update/install is super powerful
Cons:
Keeping the commercial plugin repo up-to-date is a bit of a chore, especially with plugins that are updated frequently
Haven’t had to rollback a plugin yet, but that could be a little messy
Since I often have several sites using a paid plugin like gravity forms, I create a git repo with the source of the plugin and a composer.json file, so that I can add it as a source control repository and it is easy for me to update many sites at once. I just update my gravityforms repository, then composer update each site.
Some of those plugins are GPL like gravityforms, so I just put it on a public github repo. Sometimes it is a custom proprietary plugin that I use on multiple sites, in which case I use a private repo.
I follow jwilliams approach. If there’s a better way, I’m all for it. But I’ve gotten used to this. I create a private repo on bitbucket usually. In my main project, I’ll add a line like this for each private repo used in that project.
When I checkin the plugin to it’s private repo, I attach a tag that is the version number of the plugin update. Everytime there is a plugin update, I unzip the file on top of the package, check it in, and add a tag for that version. That allows me to install any version of the private paid plugin that I want.
Edit: tweaked to also install the plugin - note that this will not work on an initial remote deploy, as by default the WP site hasn’t been configured so WP-CLI cannot perform any plugin actions.
Thanks for sharing @runofthemill, this has been helpful. I would assume if you put in a default database for Trellis to fire up on initial provisioning and deployment this would be resolved.
For anyone looking into this, using https://s3.amazonaws.com URLs does not work very well since the expiredate and signature parameters are reset very often.
Thankfully, Gravity Forms provides an API to get a fresh URL - they use it themselves in the CLI addon for installing the package.
I created a composer install helper that works similarly to “private-composer-installer”, but is more specific to Gravity Forms since it needs to do an API call to retrieve the correct URL.