公開したくない（できない）gem同士の依存関係の処理方法についてメモ。

hoge_gem/hoge_gem.gemspec

spec.add_runtime_dependency 'private_gem'

hoge_gem/Gemfile

source 'https://rubygems.org'
gemspec

gem 'private_gem', :git => 'https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:x-oauth-basic@github.com/takeyuweb/private_gem.git'

※OAuthのトークンを含めているので依存元のGemfileもうっかり公開しないように注意。

たぶんこれで…

[vagrant@localhost hoge_gem]$ bundle install --path=vendor/bundle
Fetching https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:x-oauth-basic@github.com/takeyuweb/private_gem.git
Unpacking objects: 100% (21/21), done.
Fetching gem metadata from https://rubygems.org/.........
Resolving dependencies...
Installing rake 10.3.2
Using bundler 1.7.0
Installing diff-lcs 1.2.5

private_gem at /vagrant/tmp/gemtest/hoge_gem/vendor/bundl/ruby/2.1.0/bundler/gems/private_gem-9cf23fda456f did not have a valid gemspec.
This prevents bundler from installing bins or native extensions, but that may not affect its functionality.
The validation message from Rubygems was:
  "FIXME" or "TODO" is not an author
Using private_gem 0.0.1 from https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:x-oauth-basic@github.com/takeyuweb/private_gem.git (at master)
Installing rspec-support 3.1.2
Installing rspec-core 3.1.7
Installing rspec-expectations 3.1.2
Installing rspec-mocks 3.1.3
Installing rspec 3.1.0

hoge_gem at /vagrant/tmp/gemtest/hoge_gem did not have a valid gemspec.
This prevents bundler from installing bins or native extensions, but that may not affect its functionality.
The validation message from Rubygems was:
  "FIXME" or "TODO" is not an author
Using hoge_gem 0.0.1 from source at .
Your bundle is complete!
It was installed into ./vendor/bundle

[vagrant@localhost test_gem]$ bundle list
Gems included by the bundle:
  * bundler (1.7.0)
  * diff-lcs (1.2.5)
  * private_gem (0.0.1 9cf23fd)
  * rake (10.3.2)
  * rspec (3.1.0)
  * rspec-core (3.1.7)
  * rspec-expectations (3.1.2)
  * rspec-mocks (3.1.3)
  * rspec-support (3.1.2)
  * hoge_gem (0.0.1)

参考

Ruby - gemspec と Gemfile と Gemfile.lock との違い． - Qiita

LangTurn: gemspecとGemfileの役割をはっきりさせておく （原文 Clarifying the Roles of the .gemspec and Gemfile « Katz Got Your Tongue?）