Closed mike-weiner closed 4 days ago
This is already possible via: Correct config would look something like:
ssh:
user: KAMAL_SSH_USERNAME
port: KAMAL_SSH_PORT
Doesn't look like the above config is a fix either. Still seeing:
ERROR (Socket::ResolutionError): Exception while executing on host XXX.XXX.XXX.XXX: getaddrinfo: nodename nor servname provided, or not known
The goal I'm looking to achieve here is for .kamal/secrets-common
to look something like:
KAMAL_REGISTRY_USERNAME=$KAMAL_REGISTRY_USERNAME
KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD
KAMAL_SSH_USERNAME=$KAMAL_SSH_USERNAME
KAMAL_SSH_PORT=$KAMAL_SSH_PORT
There seems to be a slightly difference in behavior that I'd like to understand. Per https://kamal-deploy.org/docs/configuration/docker-registry/:
A reference to secret (in this case DOCKER_REGISTRY_TOKEN) will look up the secret in the local environment.
This makes it sound as if DOCKER_REGISTRY_TOKEN
is special and can only be placed as a secret in .kamal/secrets
. Looking at this source for how this is fetched, I don't think I could use something like 1Password for this secret: https://github.com/basecamp/kamal/blob/main/lib/kamal/configuration/registry.rb#L25-L31
Looking at the source for the SSH config, it looks like I could use a password manager to specify the SSH username and port: https://github.com/basecamp/kamal/blob/main/lib/kamal/configuration/ssh.rb#L13-L19. However, it doesn't look like placing it in .kamal/secrets
is supported.
If the above is accurate, why the difference in behavior?
ssh:
user: <%= ENV['KAMAL_SSH_USERNAME'] %>
port: <%= ENV['KAMAL_SSH_PORT'] %>
this works.
make sure you define these env vars before running kamal deploy
.
Thanks, @imWildCat. Exactly what I was looking for. As usual, user error on my part.
Per the
ssh
docs, theuser
andport
fields currently have to be specified in plain text, something like:I attempted to use secrets for these values:
and received:
I would prefer not to specify the user or port that I'm using for SSH to do these deployments in plain-text as I'd like to commit my config to Github. Is there a technical limitation requiring these to be strings?