kamal

spacebar/kamal

Fork 0

Commit Graph

Author	SHA1	Message	Date
Donal McBreen	989d09e027	Copy env files to remote hosts Setting env variables in the docker arguments requires having them on the deploy host. Instead we'll add two new commands `kamal env push` and `kamal env delete` which will manage copying the environment as .env files to the remote host. Docker will pick up the file with `--env-file <path-to-file>`. Env files will be stored under `<kamal run directory>/env`. Running `kamal env push` will create env files for each role and accessory, and traefik if required. `kamal envify` has been updated to also push the env files. By avoiding using `kamal envify` and creating the local and remote secrets manually, you can now avoid accessing secrets needed for the docker runtime environment locally. You will still need build secrets. One thing to note - the Docker doesn't parse the environment variables in the env file, one result of this is that you can't specify multi-line values - see https://github.com/moby/moby/issues/12997. We maybe need to look docker config or docker secrets longer term to get around this. Hattip to @kevinmcconnell - this was all his idea.	2023-08-30 17:00:05 +01:00
David Heinemeier Hansson	c4a203e648	Rename to Kamal	2023-08-22 08:24:31 -07:00
Donal McBreen	8d8f9f6ada	Deploy locks Add a deploy lock for commands that are unsafe to run concurrently. The lock is taken by creating a `mrsk_lock` directory on the primary host. Details of who took the lock are added to a details file in that directory. Additional CLI commands have been added to manual release and acquire the lock and to check its status. ``` Commands: mrsk lock acquire -m, --message=MESSAGE # Acquire the deploy lock mrsk lock help [COMMAND] # Describe subcommands or one specific subcommand mrsk lock release # Release the deploy lock mrsk lock status # Report lock status Options: -v, [--verbose], [--no-verbose] # Detailed logging -q, [--quiet], [--no-quiet] # Minimal logging [--version=VERSION] # Run commands against a specific app version -p, [--primary], [--no-primary] # Run commands only on primary host instead of all -h, [--hosts=HOSTS] # Run commands on these hosts instead of all (separate by comma) -r, [--roles=ROLES] # Run commands on these roles instead of all (separate by comma) -c, [--config-file=CONFIG_FILE] # Path to config file # Default: config/deploy.yml -d, [--destination=DESTINATION] # Specify destination to be used for config file (staging -> deploy.staging.yml) -B, [--skip-broadcast], [--no-skip-broadcast] # Skip audit broadcasts ``` If we add support for running multiple deployments on a single server we'll need to extend the locking to lock per deployment.	2023-03-24 12:28:08 +00:00

Author

SHA1

Message

Date

Donal McBreen

989d09e027

Copy env files to remote hosts

Setting env variables in the docker arguments requires having them on
the deploy host.

Instead we'll add two new commands `kamal env push` and
`kamal env delete` which will manage copying the environment as .env
files to the remote host.

Docker will pick up the file with `--env-file <path-to-file>`. Env files
will be stored under `<kamal run directory>/env`.

Running `kamal env push` will create env files for each role and
accessory, and traefik if required.

`kamal envify` has been updated to also push the env files.

By avoiding using `kamal envify` and creating the local and remote
secrets manually, you can now avoid accessing secrets needed
for the docker runtime environment locally. You will still need build
secrets.

One thing to note - the Docker doesn't parse the environment variables
in the env file, one result of this is that you can't specify multi-line
values - see https://github.com/moby/moby/issues/12997.

We maybe need to look docker config or docker secrets longer term to get
around this.

Hattip to @kevinmcconnell - this was all his idea.

2023-08-30 17:00:05 +01:00

David Heinemeier Hansson

c4a203e648

Rename to Kamal

2023-08-22 08:24:31 -07:00

Donal McBreen

8d8f9f6ada

Deploy locks

Add a deploy lock for commands that are unsafe to run concurrently.

The lock is taken by creating a `mrsk_lock` directory on the primary
host. Details of who took the lock are added to a details file in that
directory.

Additional CLI commands have been added to manual release and acquire
the lock and to check its status.

```
Commands:
  mrsk lock acquire -m, --message=MESSAGE  # Acquire the deploy lock
  mrsk lock help [COMMAND]                 # Describe subcommands or one specific subcommand
  mrsk lock release                        # Release the deploy lock
  mrsk lock status                         # Report lock status

Options:
  -v, [--verbose], [--no-verbose]                # Detailed logging
  -q, [--quiet], [--no-quiet]                    # Minimal logging
      [--version=VERSION]                        # Run commands against a specific app version
  -p, [--primary], [--no-primary]                # Run commands only on primary host instead of all
  -h, [--hosts=HOSTS]                            # Run commands on these hosts instead of all (separate by comma)
  -r, [--roles=ROLES]                            # Run commands on these roles instead of all (separate by comma)
  -c, [--config-file=CONFIG_FILE]                # Path to config file
                                                 # Default: config/deploy.yml
  -d, [--destination=DESTINATION]                # Specify destination to be used for config file (staging -> deploy.staging.yml)
  -B, [--skip-broadcast], [--no-skip-broadcast]  # Skip audit broadcasts
```

If we add support for running multiple deployments on a single server
we'll need to extend the locking to lock per deployment.

2023-03-24 12:28:08 +00:00

3 Commits