Our tech team is always looking for solutions to our partners’ tech challenges. When we are working with complex websites, we need a way to manage the various code repositories for these sites. This presents an issue because not all the code repositories we work with are public. Some are proprietary or owned by a government entity and need to be kept private. Also, not all code packages we work with are stored using the same tools. This is where Satis comes in. If you’re looking for a simple static repository to store your code, Satis is your answer. 

The basics of a Composer repository

Most open-source developers take advantage of the code, libraries, and packages that are publically contributed, shared, and reused across a vast online, virtual community. We know code can be shared and collaborated on via a Version Control System (VCS) like Git. But when things get more complicated, a package source and a dependency manager like Composer helps to expand the reach and make the process of managing the code more efficient and effective. Thus, making it easier for website managers to ensure that their website is operating smoothly and engaging users with content without hiccups or slowing down load times.

To understand what Satis is and how it can be utilized, it is helpful to understand the ecosystem in which it lives. A package source is a version controlled code repository that consists of a list of code packages and their corresponding versions. A well-known package source is Packagist, which is a repository of metadata about PHP and PHP-related projects. Packagist aggregates public, open source PHP packages that are installable with Composer. 

Composer is a tool for managing those PHP packages and their dependencies. In a project’s Composer file, a developer can declare the libraries and packages that the project uses and what source repositories they are located in. With one command, Composer will automatically install and update the packages and their related dependencies for you.

By default, only the Packagist repository is registered in Composer. However, you can register other repositories with your project by declaring them in your project’s Composer file. For example, Drupal.org provides its own repository of Composer metadata for Drupal projects. When working with Drupal 8, we add the Drupal package source repository, “https://packages.drupal.org/8”, to our project’s Composer file in order to manage the Drupal modules and dependencies needed for our site. 

We can add as many repositories to our Composer file as we want. However, it’s important to note that there are different types of repositories that can be used by Composer. Not all repositories are set up so that their packages are installable by Composer. A repository that is setup so that it’s packages are installable by Composer is sometimes referred to as a “Composer repository”. 

Where Satis comes in

Forum One manages a suite of 11 Drupal websites for a government agency. Recently, we collaborated with them to start the process of migrating those sites to a new technology stack with a new Drupal 8 installation profile created by the agency. The website profile consists of more than a dozen custom modules, a “base-profile” for configuration used by all sites on the platform, and a Drupal 8 distribution that contains site-specific customizations. All of this code is managed by a static Composer repository to streamline the installation, update, and deployment processes not only for the sites but for an additional number of related agency sites. That’s where Satis comes in. Satis can be used to generate a private “Composer repository.” 

Satis hosts the Composer metadata of your private packages and provides the interface for managing the packages with Composer. Satis aggregates all your private repositories into a single JSON file, and most importantly, automates the build of that file by taking into account updates to the registered repositories. Without an automated solution, you’d have to edit your packages.json file every time you add a new version to one of your repositories, and even worse, every time you add a new set of commits to any version. 

“Private Packagist” is the only other well-known option that automates the builds of your packages.json file. Unlike Satis, it is a paid-for service which allows you to manage your own private Composer repository with per-user authentication, team management and integration in version control systems. For now, Satis is serving the needs of our private Composer repository for our government partners.