search

basecamp / kamal

Deploy web apps anywhere.
https://kamal-deploy.org
MIT License
9.39k stars 359 forks source link

Uploading image to Digital Ocean's Registry throws an error #801

Closed bntzio closed 1 month ago

bntzio commented 1 month ago

I'm trying to deploy a rails app with kamal by pushing the app image to the digital ocean registry instead of the default registry (which is docker hub) but I'm getting an authentication error:

ERROR: failed to solve: failed to push registry.digitalocean.com/<my_registry>/<my_repo>:<my_tag>: failed to do request: Head "https://sfo3.digitaloceanspaces.com/[REDACTED]": dial tcp: lookup sfo3.digitaloceanspaces.com on <my_server_ip>: no such host

Using:

# Credentials for your image host.
registry:
  # Specify the registry server, if you're not using Docker Hub
  # server: registry.digitalocean.com / ghcr.io / ...
  server: registry.digitalocean.com
  username:
    - KAMAL_REGISTRY_PASSWORD

  # Always use an access token rather than real password when possible.
  password:
    - KAMAL_REGISTRY_PASSWORD

Steps to reproduce:

  1. Create a DO droplet and configures firewall (outbound requests are fully open)
  2. Create a DO container image registry
  3. Install kamal and modify the deploy.yml config file to set up hosts, traefik, volumes, and registry
  4. Set KAMAL_REGISTRY_PASSWORD in the .env file, along with RAILS_MASTER_KEY
  5. Run kamal setup

My KAMAL_REGISTRY_PASSWORD is a Digital Ocean personal access token with scopes registry (4): create, read, update, delete (I've also tried with a full access scope and the same error is thrown).

Seems that Digital Ocean stores the image layers in Digital Ocean Spaces which in turn requires its own Spaces Key to access, that's my guess.