I'm trying to deploy a rails app with kamal by pushing the app image to the digital ocean registry instead of the default registry (which is docker hub) but I'm getting an authentication error:
ERROR: failed to solve: failed to push registry.digitalocean.com/<my_registry>/<my_repo>:<my_tag>: failed to do request: Head "https://sfo3.digitaloceanspaces.com/[REDACTED]": dial tcp: lookup sfo3.digitaloceanspaces.com on <my_server_ip>: no such host
Using:
# Credentials for your image host.
registry:
# Specify the registry server, if you're not using Docker Hub
# server: registry.digitalocean.com / ghcr.io / ...
server: registry.digitalocean.com
username:
- KAMAL_REGISTRY_PASSWORD
# Always use an access token rather than real password when possible.
password:
- KAMAL_REGISTRY_PASSWORD
Steps to reproduce:
Create a DO droplet and configures firewall (outbound requests are fully open)
Create a DO container image registry
Install kamal and modify the deploy.yml config file to set up hosts, traefik, volumes, and registry
Set KAMAL_REGISTRY_PASSWORD in the .env file, along with RAILS_MASTER_KEY
Run kamal setup
My KAMAL_REGISTRY_PASSWORD is a Digital Ocean personal access token with scopes registry (4): create, read, update, delete (I've also tried with a full access scope and the same error is thrown).
Seems that Digital Ocean stores the image layers in Digital Ocean Spaces which in turn requires its own Spaces Key to access, that's my guess.
I'm trying to deploy a rails app with kamal by pushing the app image to the digital ocean registry instead of the default registry (which is docker hub) but I'm getting an authentication error:
Using:
Steps to reproduce:
kamal
and modify thedeploy.yml
config file to set up hosts, traefik, volumes, and registryKAMAL_REGISTRY_PASSWORD
in the.env
file, along withRAILS_MASTER_KEY
kamal setup
My
KAMAL_REGISTRY_PASSWORD
is a Digital Ocean personal access token with scopesregistry (4): create, read, update, delete
(I've also tried with a full access scope and the same error is thrown).Seems that Digital Ocean stores the image layers in Digital Ocean Spaces which in turn requires its own Spaces Key to access, that's my guess.