In a LAMP application based on Symfony2, I need to provide a specific web service in admin panel to update "on-demand" specific dependencies managed by Composer ( ~like plugins update in WordPress admin panel).
Application are deployed on servers by real user (application files owner are not www-data).
I thought these solutions :
- Apache user run directly Composer shell command (shell_exec, Symfony/Process):
composer.lockmust be writeable for Apache user$COMPOSER_HOMEpath must be defined and writable for Apache user- All concerned vendor dependency files must be writable for Apache user
- Apache user should be able to use GIT client with SSH protocol
- ... maybe other points i don't think
- Apache user run Composer shell command as real user, using sudo
sudomust be configured to allow apache user to execute (only) composer as specified real user (Run a shell command as another user or change Apache's user?)- ...
- Use third-party tool, cronjob or Event-driven I/O (
ReactPHP?)
I'm not sure if theses solutions are good, secure and simple to deploy.
What is the best way for you ? Any suggestions/ideas are welcome ! Thanks.
