spacebar/kamal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove the envify command

Browse Source 
Instead of using `kamal envify` to generate the .env file, we now assume
that it will be in place for us.

Options in place of `kamal envify`:
1. Pre-generate the .env file
2. Create the env file in the `.pre-init` hook
3. Log into a secret store/check you are logged in in the pre-init hook
   Then use .dotenv command and variable substitution to interpolate the
   secrets.
This commit is contained in:
Donal McBreen
2024-07-30 17:26:45 +01:00
parent cbb4c87035
commit d2f57b1889
11 changed files with 8 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
lib/kamal/cli/main.rb
View File

@@ -10,7 +10,6 @@ class Kamal::Cli::Main < Kamal::Cli::Base
invoke "kamal:cli:server:bootstrap", [], invoke_options
say "Evaluate and push env files...", :magenta
invoke "kamal:cli:main:envify", [], invoke_options
invoke "kamal:cli:env:push", [], invoke_options
invoke "kamal:cli:accessory:boot", [ "all" ], invoke_options
@@ -179,31 +178,6 @@ class Kamal::Cli::Main < Kamal::Cli::Base
end
end
desc "envify", "Create .kamal/.env by evaluating .kamal/.env.erb (or .kamal/.env.staging.erb -> .kamal/.env.staging when using -d staging)"
option :skip_push, aliases: "-P", type: :boolean, default: false, desc: "Skip .env file push"
def envify
if destination = options[:destination]
env_template_path = ".kamal/.env.#{destination}.erb"
env_path = ".kamal/.env.#{destination}"
else
env_template_path = ".kamal/.env.erb"
env_path = ".kamal/.env"
end
if Pathname.new(File.expand_path(env_template_path)).exist?
# Ensure existing env doesn't pollute template evaluation
content = with_original_env { ERB.new(File.read(env_template_path), trim_mode: "-").result }
File.write(env_path, content, perm: 0600)
unless options[:skip_push]
reload_env
invoke "kamal:cli:env:push", options
end
else
puts "Skipping envify (no #{env_template_path} exist)"
end
end
desc "remove", "Remove Traefik, app, accessories, and registry session from servers"
option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
def remove

4
lib/kamal/configuration/docs/env.yml
View File

@@ -24,14 +24,14 @@ env:
# KAMAL_REGISTRY_PASSWORD=pw
# DB_PASSWORD=secret123
# ```
# See https://kamal-deploy.org/docs/commands/envify/ for how to use generated .env files.
# See https://kamal-deploy.org/docs/commands/env/ for how to use generated .env files.
#
# To pass the secrets you should list them under the `secret` key. When you do this the
# other variables need to be moved under the `clear` key.
#
# Unlike clear valies, secrets are not passed directly to the container,
# but are stored in an env file on the host
# The file is not updated when deploying, only when running `kamal envify` or `kamal env push`.
# The file is not updated when deploying, only when running `kamal env push`.
env:
clear:
DB_USER: app