spacebar/kamal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #91 from kjellberg/lookup_username

Browse Source 
Allow registry username to reference a secret
This commit is contained in:
David Heinemeier Hansson
2023-03-08 16:44:09 +00:00
committed by GitHub
parent 8c69990dbb a4d576f105
commit 32ab79c0cc
3 changed files with 22 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -150,10 +150,14 @@ The default registry is Docker Hub, but you can change it using `registry/server
```yaml
registry:
server: registry.digitalocean.com
username: registry-user-name
password: <%= ENV.fetch("MRSK_REGISTRY_PASSWORD") %>
username:
- DOCKER_REGISTRY_TOKEN
password:
- DOCKER_REGISTRY_TOKEN
```
A reference to secret `DOCKER_REGISTRY_TOKEN` will look for `ENV["DOCKER_REGISTRY_TOKEN"]` on the machine running MRSK.
### Using a different SSH user than root
The default SSH user is root, but you can change it using `ssh/user`:

10
lib/mrsk/commands/registry.rb
View File

@@ -2,7 +2,7 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base
delegate :registry, to: :config
def login
docker :login, registry["server"], "-u", redact(registry["username"]), "-p", redact(lookup_password)
docker :login, registry["server"], "-u", redact(lookup("username")), "-p", redact(lookup("password"))
end
def logout
@@ -10,11 +10,11 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base
end
private
def lookup_password
if registry["password"].is_a?(Array)
ENV.fetch(registry["password"].first).dup
def lookup(key)
if registry[key].is_a?(Array)
ENV.fetch(registry[key].first).dup
else
registry["password"]
registry[key]
end
end
end

11
test/commands/registry_test.rb
View File

@@ -30,6 +30,17 @@ class CommandsRegistryTest < ActiveSupport::TestCase
ENV.delete("MRSK_REGISTRY_PASSWORD")
end
test "registry login with ENV username" do
ENV["MRSK_REGISTRY_USERNAME"] = "also-secret"
@config[:registry]["username"] = [ "MRSK_REGISTRY_USERNAME" ]
assert_equal \
"docker login hub.docker.com -u also-secret -p secret",
@registry.login.join(" ")
ensure
ENV.delete("MRSK_REGISTRY_USERNAME")
end
test "registry logout" do
assert_equal \
"docker logout hub.docker.com",