How to Handle Private GitLab Dependencies in Cargo
Effectively make even proprietary Rust crates work at your company
Cargo is an incredible package manager for Rust. It only takes a *.toml file, and a few entries, and Cargo handles everything from downloading your packages to compiling your binary. Additionally, unlike other package managers, you don’t need any artifact repository to upload your libraries or artifacts to. It is perfectly fine just to define git dependencies, and Cargo takes care of cloning a specific tag or branch and building your own package based on the source code at hand.
Cargo git dependencies work incredibly well with artifacts hosted on GitHub because the platform is easy to use and open. Other GitHub alternatives also work pretty well as long as the repository is public. Many companies, however, don’t open-source everything they do. They often use self-hosted versions of GitLab or at least their cloud offer for various reasons, like your employer probably does. This is when you quickly begin to ask yourself how to handle private GitLab dependencies in Cargo because they can become an issue.
Things that work locally don’t tend to work as well in your GitLab pipelines. Add Docker to the mix, and you end up with many issues that you first need to solve. Gladly, there is a straightforward…