nocoffee-kamal 2.3.0.1

data/lib/kamal/commands/proxy.rb

@@ -0,0 +1,87 @@
+class Kamal::Commands::Proxy < Kamal::Commands::Base
+  delegate :argumentize, :optionize, to: Kamal::Utils
+
+  def run
+    docker :run,
+      "--name", container_name,
+      "--network", "kamal",
+      "--detach",
+      "--restart", "unless-stopped",
+      "--volume", "kamal-proxy-config:/home/kamal-proxy/.config/kamal-proxy",
+      "\$\(#{get_boot_options.join(" ")}\)",
+      config.proxy_image
+  end
+
+  def start
+    docker :container, :start, container_name
+  end
+
+  def stop(name: container_name)
+    docker :container, :stop, name
+  end
+
+  def start_or_run
+    combine start, run, by: "||"
+  end
+
+  def info
+    docker :ps, "--filter", "name=^#{container_name}$"
+  end
+
+  def version
+    pipe \
+      docker(:inspect, container_name, "--format '{{.Config.Image}}'"),
+      [ :cut, "-d:", "-f2" ]
+  end
+
+  def logs(timestamps: true, since: nil, lines: nil, grep: nil, grep_options: nil)
+    pipe \
+      docker(:logs, container_name, ("--since #{since}" if since), ("--tail #{lines}" if lines), ("--timestamps" if timestamps), "2>&1"),
+      ("grep '#{grep}'#{" #{grep_options}" if grep_options}" if grep)
+  end
+
+  def follow_logs(host:, timestamps: true, grep: nil, grep_options: nil)
+    run_over_ssh pipe(
+      docker(:logs, container_name, ("--timestamps" if timestamps), "--tail", "10", "--follow", "2>&1"),
+      (%(grep "#{grep}"#{" #{grep_options}" if grep_options}) if grep)
+    ).join(" "), host: host
+  end
+
+  def remove_container
+    docker :container, :prune, "--force", "--filter", "label=org.opencontainers.image.title=kamal-proxy"
+  end
+
+  def remove_image
+    docker :image, :prune, "--all", "--force", "--filter", "label=org.opencontainers.image.title=kamal-proxy"
+  end
+
+  def cleanup_traefik
+    chain \
+      docker(:container, :stop, "traefik"),
+      combine(
+        docker(:container, :prune, "--force", "--filter", "label=org.opencontainers.image.title=Traefik"),
+        docker(:image, :prune, "--all", "--force", "--filter", "label=org.opencontainers.image.title=Traefik")
+      )
+  end
+
+  def ensure_proxy_directory
+    make_directory config.proxy_directory
+  end
+
+  def remove_proxy_directory
+    remove_directory config.proxy_directory
+  end
+
+  def get_boot_options
+    combine [ :cat, config.proxy_options_file ], [ :echo, "\"#{config.proxy_options_default.join(" ")}\"" ], by: "||"
+  end
+
+  def reset_boot_options
+    remove_file config.proxy_options_file
+  end
+
+  private
+    def container_name
+      config.proxy_container_name
+    end
+end

data/lib/kamal/commands/prune.rb

@@ -0,0 +1,38 @@
+require "active_support/duration"
+require "active_support/core_ext/numeric/time"
+
+class Kamal::Commands::Prune < Kamal::Commands::Base
+  def dangling_images
+    docker :image, :prune, "--force", "--filter", "label=service=#{config.service}"
+  end
+
+  def tagged_images
+    pipe \
+      docker(:image, :ls, *service_filter, "--format", "'{{.ID}} {{.Repository}}:{{.Tag}}'"),
+      grep("-v -w \"#{active_image_list}\""),
+      "while read image tag; do docker rmi $tag; done"
+  end
+
+  def app_containers(retain:)
+    pipe \
+      docker(:ps, "-q", "-a", *service_filter, *stopped_containers_filters),
+      "tail -n +#{retain + 1}",
+      "while read container_id; do docker rm $container_id; done"
+  end
+
+  private
+    def stopped_containers_filters
+      [ "created", "exited", "dead" ].flat_map { |status| [ "--filter", "status=#{status}" ] }
+    end
+
+    def active_image_list
+      # Pull the images that are used by any containers
+      # Append repo:latest - to avoid deleting the latest tag
+      # Append repo:<none> - to avoid deleting dangling images that are in use. Unused dangling images are deleted separately
+      "$(docker container ls -a --format '{{.Image}}\\|' --filter label=service=#{config.service} | tr -d '\\n')#{config.latest_image}\\|#{config.repository}:<none>"
+    end
+
+    def service_filter
+      [ "--filter", "label=service=#{config.service}" ]
+    end
+end

data/lib/kamal/commands/registry.rb

@@ -0,0 +1,14 @@
+class Kamal::Commands::Registry < Kamal::Commands::Base
+  delegate :registry, to: :config
+
+  def login
+    docker :login,
+      registry.server,
+      "-u", sensitive(Kamal::Utils.escape_shell_value(registry.username)),
+      "-p", sensitive(Kamal::Utils.escape_shell_value(registry.password))
+  end
+
+  def logout
+    docker :logout, registry.server
+  end
+end

data/lib/kamal/commands/server.rb

@@ -0,0 +1,15 @@
+class Kamal::Commands::Server < Kamal::Commands::Base
+  def ensure_run_directory
+    make_directory config.run_directory
+  end
+
+  def remove_app_directory
+    remove_directory config.app_directory
+  end
+
+  def app_directory_count
+    pipe \
+      [ :ls, config.apps_directory ],
+      [ :wc, "-l" ]
+  end
+end

data/lib/kamal/commands.rb

@@ -0,0 +1,2 @@
+module Kamal::Commands
+end

data/lib/kamal/configuration/accessory.rb

@@ -0,0 +1,186 @@
+class Kamal::Configuration::Accessory
+  include Kamal::Configuration::Validation
+
+  DEFAULT_NETWORK = "kamal"
+
+  delegate :argumentize, :optionize, to: Kamal::Utils
+
+  attr_reader :name, :accessory_config, :env
+
+  def initialize(name, config:)
+    @name, @config, @accessory_config = name.inquiry, config, config.raw_config["accessories"][name]
+
+    validate! \
+      accessory_config,
+      example: validation_yml["accessories"]["mysql"],
+      context: "accessories/#{name}",
+      with: Kamal::Configuration::Validator::Accessory
+
+    @env = Kamal::Configuration::Env.new \
+      config: accessory_config.fetch("env", {}),
+      secrets: config.secrets,
+      context: "accessories/#{name}/env"
+  end
+
+  def service_name
+    accessory_config["service"] || "#{config.service}-#{name}"
+  end
+
+  def image
+    accessory_config["image"]
+  end
+
+  def hosts
+    hosts_from_host || hosts_from_hosts || hosts_from_roles
+  end
+
+  def port
+    if port = accessory_config["port"]&.to_s
+      port.include?(":") ? port : "#{port}:#{port}"
+    end
+  end
+
+  def network_args
+    argumentize "--network", network
+  end
+
+  def publish_args
+    argumentize "--publish", port if port
+  end
+
+  def labels
+    default_labels.merge(accessory_config["labels"] || {})
+  end
+
+  def label_args
+    argumentize "--label", labels
+  end
+
+  def env_args
+    [ *env.clear_args, *argumentize("--env-file", secrets_path) ]
+  end
+
+  def env_directory
+    File.join(config.env_directory, "accessories")
+  end
+
+  def secrets_io
+    env.secrets_io
+  end
+
+  def secrets_path
+    File.join(config.env_directory, "accessories", "#{name}.env")
+  end
+
+  def files
+    accessory_config["files"]&.to_h do |local_to_remote_mapping|
+      local_file, remote_file = local_to_remote_mapping.split(":")
+      [ expand_local_file(local_file), expand_remote_file(remote_file) ]
+    end || {}
+  end
+
+  def directories
+    accessory_config["directories"]&.to_h do |host_to_container_mapping|
+      host_path, container_path = host_to_container_mapping.split(":")
+      [ expand_host_path(host_path), container_path ]
+    end || {}
+  end
+
+  def volumes
+    specific_volumes + remote_files_as_volumes + remote_directories_as_volumes
+  end
+
+  def volume_args
+    argumentize "--volume", volumes
+  end
+
+  def option_args
+    if args = accessory_config["options"]
+      optionize args
+    else
+      []
+    end
+  end
+
+  def cmd
+    accessory_config["cmd"]
+  end
+
+  private
+    attr_accessor :config
+
+    def default_labels
+      { "service" => service_name }
+    end
+
+    def expand_local_file(local_file)
+      if local_file.end_with?("erb")
+        with_clear_env_loaded { read_dynamic_file(local_file) }
+      else
+        Pathname.new(File.expand_path(local_file)).to_s
+      end
+    end
+
+    def with_clear_env_loaded
+      env.clear.each { |k, v| ENV[k] = v }
+      yield
+    ensure
+      env.clear.each { |k, v| ENV.delete(k) }
+    end
+
+    def read_dynamic_file(local_file)
+      StringIO.new(ERB.new(IO.read(local_file)).result)
+    end
+
+    def expand_remote_file(remote_file)
+      service_name + remote_file
+    end
+
+    def specific_volumes
+      accessory_config["volumes"] || []
+    end
+
+    def remote_files_as_volumes
+      accessory_config["files"]&.collect do |local_to_remote_mapping|
+        _, remote_file = local_to_remote_mapping.split(":")
+        "#{service_data_directory + remote_file}:#{remote_file}"
+      end || []
+    end
+
+    def remote_directories_as_volumes
+      accessory_config["directories"]&.collect do |host_to_container_mapping|
+        host_path, container_path = host_to_container_mapping.split(":")
+        [ expand_host_path(host_path), container_path ].join(":")
+      end || []
+    end
+
+    def expand_host_path(host_path)
+      absolute_path?(host_path) ? host_path : File.join(service_data_directory, host_path)
+    end
+
+    def absolute_path?(path)
+      Pathname.new(path).absolute?
+    end
+
+    def service_data_directory
+      "$PWD/#{service_name}"
+    end
+
+    def hosts_from_host
+      [ accessory_config["host"] ] if accessory_config.key?("host")
+    end
+
+    def hosts_from_hosts
+      accessory_config["hosts"] if accessory_config.key?("hosts")
+    end
+
+    def hosts_from_roles
+      if accessory_config.key?("roles")
+        accessory_config["roles"].flat_map { |role| config.role(role).hosts }
+      end
+    end
+
+    def network
+      accessory_config["network"] || DEFAULT_NETWORK
+    end
+end

data/lib/kamal/configuration/alias.rb

@@ -0,0 +1,15 @@
+class Kamal::Configuration::Alias
+  include Kamal::Configuration::Validation
+
+  attr_reader :name, :command
+
+  def initialize(name, config:)
+    @name, @command = name.inquiry, config.raw_config["aliases"][name]
+
+    validate! \
+      command,
+      example: validation_yml["aliases"]["uname"],
+      context: "aliases/#{name}",
+      with: Kamal::Configuration::Validator::Alias
+  end
+end

data/lib/kamal/configuration/boot.rb

@@ -0,0 +1,25 @@
+class Kamal::Configuration::Boot
+  include Kamal::Configuration::Validation
+
+  attr_reader :boot_config, :host_count
+
+  def initialize(config:)
+    @boot_config = config.raw_config.boot || {}
+    @host_count = config.all_hosts.count
+    validate! boot_config
+  end
+
+  def limit
+    limit = boot_config["limit"]
+
+    if limit.to_s.end_with?("%")
+      [ host_count * limit.to_i / 100, 1 ].max
+    else
+      limit
+    end
+  end
+
+  def wait
+    boot_config["wait"]
+  end
+end

data/lib/kamal/configuration/builder.rb

@@ -0,0 +1,191 @@
+class Kamal::Configuration::Builder
+  include Kamal::Configuration::Validation
+
+  attr_reader :config, :builder_config
+  delegate :image, :service, to: :config
+  delegate :server, to: :"config.registry"
+
+  def initialize(config:)
+    @config = config
+    @builder_config = config.raw_config.builder || {}
+    @image = config.image
+    @server = config.registry.server
+    @service = config.service
+
+    validate! builder_config, with: Kamal::Configuration::Validator::Builder
+  end
+
+  def to_h
+    builder_config
+  end
+
+  def remote
+    builder_config["remote"]
+  end
+
+  def arches
+    Array(builder_config.fetch("arch", default_arch))
+  end
+
+  def local_arches
+    @local_arches ||= if local_disabled?
+      []
+    elsif remote
+      arches & [ Kamal::Utils.docker_arch ]
+    else
+      arches
+    end
+  end
+
+  def remote_arches
+    @remote_arches ||= if remote
+      arches - local_arches
+    else
+      []
+    end
+  end
+
+  def remote?
+    remote_arches.any?
+  end
+
+  def local?
+    !local_disabled? && (arches.empty? || local_arches.any?)
+  end
+
+  def cached?
+    !!builder_config["cache"]
+  end
+
+  def args
+    builder_config["args"] || {}
+  end
+
+  def secrets
+    (builder_config["secrets"] || []).to_h { |key| [ key, config.secrets[key] ] }
+  end
+
+  def dockerfile
+    builder_config["dockerfile"] || "Dockerfile"
+  end
+
+  def target
+    builder_config["target"]
+  end
+
+  def context
+    builder_config["context"] || "."
+  end
+
+  def driver
+    builder_config.fetch("driver", "docker-container")
+  end
+
+  def local_disabled?
+    builder_config["local"] == false
+  end
+
+  def cache_from
+    if cached?
+      case builder_config["cache"]["type"]
+      when "gha"
+        cache_from_config_for_gha
+      when "registry"
+        cache_from_config_for_registry
+      end
+    end
+  end
+
+  def cache_to
+    if cached?
+      case builder_config["cache"]["type"]
+      when "gha"
+        cache_to_config_for_gha
+      when "registry"
+        cache_to_config_for_registry
+      end
+    end
+  end
+
+  def ssh
+    builder_config["ssh"]
+  end
+
+  def provenance
+    builder_config["provenance"]
+  end
+
+  def git_clone?
+    Kamal::Git.used? && builder_config["context"].nil?
+  end
+
+  def clone_directory
+    @clone_directory ||= File.join Dir.tmpdir, "kamal-clones", [ service, pwd_sha ].compact.join("-")
+  end
+
+  def build_directory
+    @build_directory ||=
+      if git_clone?
+        File.join clone_directory, repo_basename, repo_relative_pwd
+      else
+        "."
+      end
+  end
+
+  def docker_driver?
+    driver == "docker"
+  end
+
+  private
+    def valid?
+      if docker_driver?
+        raise ArgumentError, "Invalid builder configuration: the `docker` driver does not not support remote builders" if remote
+        raise ArgumentError, "Invalid builder configuration: the `docker` driver does not not support caching" if cached?
+        raise ArgumentError, "Invalid builder configuration: the `docker` driver does not not support multiple arches" if arches.many?
+      end
+
+      if @options["cache"] && @options["cache"]["type"]
+        raise ArgumentError, "Invalid cache type: #{@options["cache"]["type"]}" unless [ "gha", "registry" ].include?(@options["cache"]["type"])
+      end
+    end
+
+    def cache_image
+      builder_config["cache"]&.fetch("image", nil) || "#{image}-build-cache"
+    end
+
+    def cache_image_ref
+      [ server, cache_image ].compact.join("/")
+    end
+
+    def cache_from_config_for_gha
+      "type=gha"
+    end
+
+    def cache_from_config_for_registry
+      [ "type=registry", "ref=#{cache_image_ref}" ].compact.join(",")
+    end
+
+    def cache_to_config_for_gha
+      [ "type=gha", builder_config["cache"]&.fetch("options", nil) ].compact.join(",")
+    end
+
+    def cache_to_config_for_registry
+      [ "type=registry", "ref=#{cache_image_ref}", builder_config["cache"]&.fetch("options", nil) ].compact.join(",")
+    end
+
+    def repo_basename
+      File.basename(Kamal::Git.root)
+    end
+
+    def repo_relative_pwd
+      Dir.pwd.delete_prefix(Kamal::Git.root)
+    end
+
+    def pwd_sha
+      Digest::SHA256.hexdigest(Dir.pwd)[0..12]
+    end
+
+    def default_arch
+      docker_driver? ? [] : [ "amd64", "arm64" ]
+    end
+end

data/lib/kamal/configuration/docs/accessory.yml

@@ -0,0 +1,100 @@
+# Accessories
+#
+# Accessories can be booted on a single host, a list of hosts, or on specific roles.
+# The hosts do not need to be defined in the Kamal servers configuration.
+#
+# Accessories are managed separately from the main service — they are not updated
+# when you deploy, and they do not have zero-downtime deployments.
+#
+# Run `kamal accessory boot <accessory>` to boot an accessory.
+# See `kamal accessory --help` for more information.
+
+# Configuring accessories
+#
+# First, define the accessory in the `accessories`:
+accessories:
+  mysql:
+
+    # Service name
+    #
+    # This is used in the service label and defaults to `<service>-<accessory>`,
+    # where `<service>` is the main service name from the root configuration:
+    service: mysql
+
+    # Image
+    #
+    # The Docker image to use, prefix it with a registry if not using Docker Hub:
+    image: mysql:8.0
+
+    # Accessory hosts
+    #
+    # Specify one of `host`, `hosts`, or `roles`:
+    host: mysql-db1
+    hosts:
+      - mysql-db1
+      - mysql-db2
+    roles:
+      - mysql
+
+    # Custom command
+    #
+    # You can set a custom command to run in the container if you do not want to use the default:
+    cmd: "bin/mysqld"
+
+    # Port mappings
+    #
+    # See https://docs.docker.com/network/, and especially note the warning about the security
+    # implications of exposing ports publicly.
+    port: "127.0.0.1:3306:3306"
+
+    # Labels
+    labels:
+      app: myapp
+
+    # Options
+    #
+    # These are passed to the Docker run command in the form `--<name> <value>`:
+    options:
+      restart: always
+      cpus: 2
+
+    # Environment variables
+    #
+    # See kamal docs env for more information:
+    env:
+      ...
+
+    # Copying files
+    #
+    # You can specify files to mount into the container.
+    # The format is `local:remote`, where `local` is the path to the file on the local machine
+    # and `remote` is the path to the file in the container.
+    #
+    # They will be uploaded from the local repo to the host and then mounted.
+    #
+    # ERB files will be evaluated before being copied.
+    files:
+      - config/my.cnf.erb:/etc/mysql/my.cnf
+      - config/myoptions.cnf:/etc/mysql/myoptions.cnf
+
+    # Directories
+    #
+    # You can specify directories to mount into the container. They will be created on the host
+    # before being mounted:
+    directories:
+      - mysql-logs:/var/log/mysql
+
+    # Volumes
+    #
+    # Any other volumes to mount, in addition to the files and directories.
+    # They are not created or copied before mounting:
+    volumes:
+      - /path/to/mysql-logs:/var/log/mysql
+
+    # Network
+    #
+    # The network the accessory will be attached to.
+    #
+    # Defaults to kamal:
+    network: custom
+

data/lib/kamal/configuration/docs/alias.yml

@@ -0,0 +1,26 @@
+# Aliases
+#
+# Aliases are shortcuts for Kamal commands.
+#
+# For example, for a Rails app, you might open a console with:
+#
+# ```shell
+# kamal app exec -i -r console "rails console"
+# ```
+#
+# By defining an alias, like this:
+aliases:
+  console: app exec -r console -i "rails console"
+# You can now open the console with:
+#
+# ```shell
+# kamal console
+# ```
+
+# Configuring aliases
+#
+# Aliases are defined in the root config under the alias key.
+#
+# Each alias is named and can only contain lowercase letters, numbers, dashes, and underscores:
+aliases:
+  uname: app exec -p -q -r web "uname -a"