spacebar/kamal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow registry username to be a reference to secret

Browse Source
This commit is contained in:
Rasmus
2023-03-07 09:49:08 +01:00
parent 8c69990dbb
commit f531874be4
2 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -150,10 +150,14 @@ The default registry is Docker Hub, but you can change it using `registry/server
```yaml
registry:
server: registry.digitalocean.com
username: registry-user-name
password: <%= ENV.fetch("MRSK_REGISTRY_PASSWORD") %>
username:
- DOCKER_REGISTRY_TOKEN
password:
- DOCKER_REGISTRY_TOKEN
```
A reference to secret `DOCKER_REGISTRY_TOKEN` will look for `ENV["DOCKER_REGISTRY_TOKEN"]` on the machine running MRSK.
### Using a different SSH user than root
The default SSH user is root, but you can change it using `ssh/user`:

16
lib/mrsk/commands/registry.rb
View File

@@ -2,7 +2,7 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base
delegate :registry, to: :config
def login
docker :login, registry["server"], "-u", redact(registry["username"]), "-p", redact(lookup_password)
docker :login, registry["server"], "-u", redact_credentials("username"), "-p", redact_credentials("password")
end
def logout
@@ -10,11 +10,13 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base
end
private
def lookup_password
if registry["password"].is_a?(Array)
ENV.fetch(registry["password"].first).dup
else
registry["password"]
end
def redact_credentials(key)
value = if registry[key].is_a?(Array)
ENV.fetch(registry[key].first).dup
else
registry[key]
end
redact(value)
end
end