If you’re deploying a Drupal site using Composer in CircleCI and want to avoid using a personal GitHub token (to access private packages like miniorange_saml_enterprise), you can follow these detailed steps to securely store and use the token at the repository level:
Step-by-Step Solution:
Step 1: Add GitHub Token as an Environment Variable in CircleCI
-
- Log in to CircleCI.
- Navigate to your project.
- Click on Project Settings > Environment Variables.
- Add a new variable:
- Name:
GITHUB_TOKEN - Value:
your-github-token-here
This ensures the token is stored securely and not hardcoded in your pipeline or codebase.
Step 2: Configure Composer to Use the Token During the CI/CD Build
In your CircleCI config file (.circleci/config.yml), add a step before running composer install to inject the token into Composer:Example:
- run: name: Configure Composer with GitHub Token command: | composer config --global github-oauth.github.com $GITHUB_TOKENThis command tells Composer to use the GitHub token from the environment variable for authentication, allowing access to private repositories during
dependency installation. - Name:
