dokku / ci-docker-image Goto Github PK

View Code? Open in Web Editor NEW

35.0 4.0 24.0 225 KB

A Docker Image meant for use with CI/CD pipelines

License: MIT License

Dockerfile 1.46% Shell 81.26% Python 17.28%

continuous-deployment deployment docker dokku

ci-docker-image's Introduction

ci-docker-image

A Docker image meant for use with CI/CD pipelines

Supported CI Systems

Assuming a Docker image can be run as a CI task with environment variables injected, the following CI systems will have their variables automatically detected:

Usage

This image provides two binaries for external usage:

dokku-deploy: Triggers an app deploy at the configured GIT_REMOTE_URL
dokku-unlock: Unlocks deploys for an app at the configured GIT_REMOTE_URL

To run either binary, the following docker command can be used from a directory containing a non-shallow clone of the repository being deployed:

# where the `.env` file contains `GIT_REMOTE_URL` and `SSH_PRIVATE_KEY`

# deploy
docker run --rm -v="$PWD:/app" --env-file=.env dokku/ci-docker-image dokku-deploy

# unlock
docker run --rm -v="$PWD:/app" --env-file=.env dokku/ci-docker-image dokku-unlock

Configuration

The following environment variables are supported:

BRANCH:
- description: The branch to deploy when pushing to Dokku
- required: false
- default: ''master
CI_BRANCH_NAME
- description: The branch name that triggered the deploy. Interpolated if unavailable.
- required: false
- default: ''
CI_COMMIT
- description: The commit sha that will be pushed. Interpolated if unavailable.
- required: false
- default: ''
COMMAND:
- description: The command to run for the action
- required: false
- default: ''
DEPLOY_DOCKER_IMAGE:
- description: A docker image to deploy via git:from-image
- required: false
- default: ''
DEPLOY_USER_NAME:
- description: A username to use when deploying a docker image
- required: false
- default: ''
DEPLOY_USER_EMAIL:
- description: The email to use when deploying a docker image
- required: false
- default: ''
GIT_REMOTE_URL:
- description: The dokku app's git repository url (in SSH format)
- required: true
GIT_PUSH_FLAGS:
- description: A string containing a set of flags to set on push
- required: false
REVIEW_APP_NAME:
- description: The name of the review app to create or destroy
- required: false
- default: 'review-$APP_NAME-$CI_BRANCH_NAME'
SSH_HOST_KEY:
- description: The results of running ssh-keyscan -t rsa $HOST
- required: false
- default: ''
SSH_PRIVATE_KEY:
- description: A private SSH key that has push acces to your Dokku instance
- required: true
SSH_PASSPHRASE:
- description: If set, the passphrase to use when interacting with an SSH key that has a passphrase
- required: false
- default: ''
TRACE:
- description: Allows users to debug what the action is performing by enabling shell trace mode
- required: false
- default: ''

Hooks

This image allows a variety of file-based hooks to be triggered during the app deploy process. These hooks should be executables relative to the current working directory in which dokku-deploy script is executed - typically your repository root.

The following environment variables are available for usage in the script:

APP_NAME: The name of the remote app that will be deployed. This takes the parsed GIT_REMOTE_URL and REVIEW_APP_NAME into account.
IS_REVIEW_APP: true if a review app is being deployed, false otherwise.
SSH_REMOTE: The parsed ssh remote url.

The simplest hook is a shell script like so:

#!/bin/sh -l

echo "hello world"

Note

The Docker image in use by this repository currently only supports sh as the interpreter. If another interpreter is desired, it should be added to the environment manually.

To execute remote dokku commands, the ssh binary can be executed like so:

#!/bin/sh -l

ssh "$SSH_REMOTE" -- version

Additionally, if a Dokku command should be executed only for review apps, the IS_REVIEW_APP variable can be checked for the value true to wrap review app-specific logic:

#!/bin/sh -l
if [ "$IS_REVIEW_APP" = "true" ]; then
  ssh "$SSH_REMOTE" -- config:set "$APP_NAME" "DOMAIN=$APP_NAME.dokku.me"
  echo "configured the review app domain"
fi

The following hooks are available:

bin/ci-pre-deploy: Triggered after any app setup but before the app is deployed
bin/ci-post-deploy: Triggered after the app is deployed
bin/ci-pre-review-app-destroy: Triggered before a review app is destroyed
bin/ci-post-review-app-destroy: Triggered after a review app is deployed

Building

docker build dokku/ci-docker-image .

ci-docker-image's People

Contributors

Stargazers

Watchers

ci-docker-image's Issues

Can't add passphrase?

I want to use the action to deploy to dokku but my ssh key is also secured with a passphrase. Is there a way to pass this to the action aswell?

Cannot Push to Dokku Host because of fatal: invalid refspec

Description of problem

How reproducible

Always

Steps to Reproduce

When running the following deployment task on GitLab CI the step fails.

(Had to replace the real IP with <IP> as I'm not allow to share it.)

deploy:
  stage: deploy
  only:
    - master
  image: dokku/ci-docker-image
  variables:
    GIT_REMOTE_URL: ssh://dokku@<IP>:22/filesystem
  script:
    - dokku-deploy
  after_script:
    - dokku-unlock

Actual Results

Running with gitlab-runner 13.6.0 (8fa89735)
  on UraharaShop GitLab Runner Spb582uJ
Preparing the "docker" executor
00:01
Using Docker executor with image dokku/ci-docker-image ...
Pulling docker image dokku/ci-docker-image ...
Using docker image sha256:29211d9c54cdcdb726bc5d65fe63e9adf2c72e31dbb91662236f017a094b3299 for dokku/ci-docker-image with digest dokku/ci-docker-image@sha256:6a7b90df529ead62847771e933dc8b3a0d41b4ea90f83e82a49720c132b0f71d ...
Preparing environment
00:01
Running on runner-spb582uj-project-21553206-concurrent-0 via ubuntu-s-1vcpu-2gb-ams3-01...
Getting source from Git repository
Fetching changes with git depth set to 50...
Reinitialized existing Git repository in /builds/uraharashop/filesystem/.git/
Checking out a30771d8 as master...
Removing .cache/
Removing coverage.out
Removing report.xml
Skipping Git submodules setup
Executing "step_script" stage of the job script
00:01
$ dokku-deploy
Setting up SSH Key
Generating SSH_HOST_KEY from ssh-keyscan against <IP>:22
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
Adding SSH Key to ssh-agent
Agent pid 28
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
Pushing to Dokku Host
fatal: invalid refspec 'a30771d80c847a2c0e6fa67a26853b1f3d462998:refs/heads/'
Running after_script
00:02
Running after script...
$ dokku-unlock
Setting up SSH Key
Generating SSH_HOST_KEY from ssh-keyscan against <IP>:22
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
# <IP>:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
Adding SSH Key to ssh-agent
Agent pid 28
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
Unlocking Dokku deployment
load pubkey "/root/.ssh/id_rsa": invalid format
 !     Unable to remove deploy lock
Cleaning up file based variables
00:00
ERROR: Job failed: exit code 128

Expected Results

To receive Job succeeded.

Environment Information

SSH_PRIVATE_KEY is set as a protected Variable on GitLab Group level
master is a protected branch

How (deb/make/rpm) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:

Dokku was installed with ansible on a physical machine.

Additional information

It works fine with ilyasemenov/gitlab-ci-git-push

deploy:
  stage: deploy
  image: ilyasemenov/gitlab-ci-git-push
  environment:
    name: filesystem
  only:
    - master
  script:
    - git-push ssh://dokku@<IP>:22/filesystem

feature request :) ability to destroy db

Description of problem

As per discussed in dokku forum on slack we're looking into cloning our "master"/staging database so that we can have a bit better database integrity.

In the the ci-predeploy-script we can add logic to clone the master database and link the new review-app to this cloned version, but we don't have an automated solution to destroying the database on destruction of the review-app

would that be possible to implement?

Support additionnal commands when deploying review apps

I would like to know if there's a way to extend this to allow additionnal commands to run when deploying review apps?

For example, I'd like to be able to set different ENV variables for my app (database url, different 3rd party credentials etc...).

Being able to run a script would be a plus (create / remove a database created for the review app)

Incorrect default value for BRANCH in readme

The readme states the following about BRANCH:

BRANCH:

description: The branch to deploy when pushing to Dokku

required: false

default: ''master

The default value for BRANCH is not 'master'. It is the branch which triggers the CI pipeline.

Cannot use an IPv6 address in the Git URL

If you're using Dokku - especially for commercial purposes - consider donating to project development via OpenCollective or Patreon. Funds go to general development, support, and infrastructure costs.

If you'd like to sponsor specific functionality, see the project's Sponsoring document.

If you need support for a version of Dokku that is more than a year old, your issue may be closed without an answer. Please upgrade to a recent version before filing an issue.

Description of problem

Unlike IPv4 addresses, IPv6 addresses cannot be used.

How reproducible

Very

Steps to Reproduce

GIT_REMOTE_URL=ssh://[email protected]:22/example bin/parse-ssh-host
GIT_REMOTE_URL=ssh://dokku@[2606:4700:4700::1111]:22/example bin/parse-ssh-host

Actual Results

1.1.1.1
[2606

Expected Results

1.1.1.1
[2606:4700:4700::1111]

Environment Information

GitLab CI specifically, but reproducible outside.

git push stuck

If you're using Dokku - especially for commercial purposes - consider donating to project development via OpenCollective or Patreon. Funds go to general development, support, and infrastructure costs.

If you'd like to sponsor specific functionality, see the project's Sponsoring document.

If you need support for a version of Dokku that is more than a year old, your issue may be closed without an answer. Please upgrade to a recent version before filing an issue.

Description of problem

I'm using the Github Action to deploy my app, and when using it together with a VPN (Wireguard), the git push command hangs with no output (Only when running in GHA inside this container image).

Posting here because the issue only happens inside this image.

How reproducible

100% of the time in GHA, but not locally (Using the same VPN config)

Steps to Reproduce

Configure and connect to VPN
SSH into the GHA runner (Used the VPN for this)
Run docker run --rm -v $(pwd):/app -w /app -i dokku/ci-docker-image:0.7.0
Push into repo git push -v ssh://[email protected]/backend ffbd7b782de0b25d17b273026b54c590b675695f:refs/heads/main <-- Stuck, no output
Do the same outside the container and it works.

Actual Results

Git push command stuck

Expected Results

Successful deploy

Environment Information

Details

ubuntu@agendaodonto-staging:~$ dokku report
-----> uname: Linux agendaodonto-staging 5.15.0-1045-oracle #51-Ubuntu SMP Fri Sep 22 10:56:53 UTC 2023 aarch64 aarch64 aarch64 GNU/Linux
-----> memory:
total used free shared buff/cache available
Mem: 11940 4949 5567 44 1423 6724
Swap: 0 0 0
-----> docker version:
Client: Docker Engine - Community
Version: 24.0.6
API version: 1.43
Go version: go1.20.7
Git commit: ed223bc
Built: Mon Sep 4 12:31:57 2023
OS/Arch: linux/arm64
Context: default

   Server: Docker Engine - Community
    Engine:
     Version:          24.0.6
     API version:      1.43 (minimum version 1.12)
     Go version:       go1.20.7
     Git commit:       1a79695
     Built:            Mon Sep  4 12:31:57 2023
     OS/Arch:          linux/arm64
     Experimental:     false
    containerd:
     Version:          1.6.24
     GitCommit:        61f9fd88f79f081d64d6fa3bb1a0dc71ec870523
    runc:
     Version:          1.1.9
     GitCommit:        v1.1.9-0-gccaecfc
    docker-init:
     Version:          0.19.0
     GitCommit:        de40ad0

-----> docker daemon info:
Client: Docker Engine - Community
Version: 24.0.6
Context: default
Debug Mode: true
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.2
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.21.0
Path: /usr/libexec/docker/cli-plugins/docker-compose

   Server:
    Containers: 7
     Running: 7
     Paused: 0
     Stopped: 0
    Images: 20
    Server Version: 24.0.6
    Storage Driver: overlay2
     Backing Filesystem: extfs
     Supports d_type: true
     Using metacopy: false
     Native Overlay Diff: true
     userxattr: false
    Logging Driver: json-file
    Cgroup Driver: systemd
    Cgroup Version: 2
    Plugins:
     Volume: local
     Network: bridge host ipvlan macvlan null overlay
     Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
    Swarm: inactive
    Runtimes: io.containerd.runc.v2 runc
    Default Runtime: runc
    Init Binary: docker-init
    containerd version: 61f9fd88f79f081d64d6fa3bb1a0dc71ec870523
    runc version: v1.1.9-0-gccaecfc
    init version: de40ad0
    Security Options:
     apparmor
     seccomp
      Profile: builtin
     cgroupns
    Kernel Version: 5.15.0-1045-oracle
    Operating System: Ubuntu 22.04.3 LTS
    OSType: linux
    Architecture: aarch64
    CPUs: 2
    Total Memory: 11.66GiB
    Name: agendaodonto-staging
    ID: 16580e0c-186b-4144-ac5c-5674e1337ec5
    Docker Root Dir: /var/lib/docker
    Debug Mode: false
     File Descriptors: 68
     Goroutines: 68
     System Time: 2023-10-08T23:24:56.53655536Z
     EventsListeners: 1
    Experimental: false
    Insecure Registries:
     127.0.0.0/8
    Live Restore Enabled: false

-----> git version: git version 2.34.1
-----> sigil version: 0.10.1build+e443be0
-----> herokuish version:
! herokuish not supported on arm64 architecture
-----> dokku version: dokku version 0.31.4
-----> plugn version: plugn: 0.13.0build+fd5297a
-----> dokku plugins:
00_dokku-standard 0.31.4 enabled dokku core standard plugin
20_events 0.31.4 enabled dokku core events logging plugin
app-json 0.31.4 enabled dokku core app-json plugin
apps 0.31.4 enabled dokku core apps plugin
builder 0.31.4 enabled dokku core builder plugin
builder-dockerfile 0.31.4 enabled dokku core builder-dockerfile plugin
builder-herokuish 0.31.4 enabled dokku core builder-herokuish plugin
builder-lambda 0.31.4 enabled dokku core builder-lambda plugin
builder-null 0.31.4 enabled dokku core builder-null plugin
builder-pack 0.31.4 enabled dokku core builder-pack plugin
buildpacks 0.31.4 enabled dokku core buildpacks plugin
caddy-vhosts 0.31.4 enabled dokku core caddy-vhosts plugin
certs 0.31.4 enabled dokku core certificate management plugin
checks 0.31.4 enabled dokku core checks plugin
common 0.31.4 enabled dokku core common plugin
config 0.31.4 enabled dokku core config plugin
cron 0.31.4 enabled dokku core cron plugin
docker-options 0.31.4 enabled dokku core docker-options plugin
domains 0.31.4 enabled dokku core domains plugin
enter 0.31.4 enabled dokku core enter plugin
git 0.31.4 enabled dokku core git plugin
haproxy-vhosts 0.31.4 enabled dokku core haproxy-vhosts plugin
letsencrypt 0.20.3 enabled Automated installation of let's encrypt TLS certificates
logs 0.31.4 enabled dokku core logs plugin
network 0.31.4 enabled dokku core network plugin
nginx-vhosts 0.31.4 enabled dokku core nginx-vhosts plugin
openresty-vhosts 0.31.4 enabled dokku core openresty-vhosts plugin
plugin 0.31.4 enabled dokku core plugin plugin
ports 0.31.4 enabled dokku core ports plugin
postgres 1.36.0 enabled dokku postgres service plugin
proxy 0.31.4 enabled dokku core proxy plugin
ps 0.31.4 enabled dokku core ps plugin
rabbitmq 1.36.3 enabled dokku rabbitmq service plugin
redis 1.37.1 enabled dokku redis service plugin
registry 0.31.4 enabled dokku core registry plugin
repo 0.31.4 enabled dokku core repo plugin
resource 0.31.4 enabled dokku core resource plugin
run 0.31.4 enabled dokku core run plugin
scheduler 0.31.4 enabled dokku core scheduler plugin
scheduler-docker-local 0.31.4 enabled dokku core scheduler-docker-local plugin
scheduler-null 0.31.4 enabled dokku core scheduler-null plugin
shell 0.31.4 enabled dokku core shell plugin
ssh-keys 0.31.4 enabled dokku core ssh-keys plugin
storage 0.31.4 enabled dokku core storage plugin
trace 0.31.4 enabled dokku core trace plugin
traefik-vhosts 0.31.4 enabled dokku core traefik-vhosts plugin

How (deb/make) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:

Ansible playbook in OCI

Additional information

Updated the git using apk add git and nothing changed
I can see network packages reaching the server while the command is stuck (seems to be a keepalive check)

- The culprit seems to be ssh:

Details

ssh -vvv -T [email protected]
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 10.8.0.11 is address
debug3: expanded UserKnownHostsFile '/.ssh/known_hosts' -> '/root/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '/.ssh/known_hosts2' -> '/root/.ssh/known_hosts2'
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.8.0.11 [10.8.0.11] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.4
debug1: compat_banner: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.8.0.11:22 as 'dokku'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: order_hostkeyalgs: no algorithms matched; accept original
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: [email protected],curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,[email protected],diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: [email protected] MAC: compression: none
debug1: kex: client->server cipher: [email protected] MAC: compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

Failed to connect Rails app to postgresql while deploy

If you're using Dokku - especially for commercial purposes - consider donating to project development via OpenCollective or Patreon. Funds go to general development, support, and infrastructure costs.

If you'd like to sponsor specific functionality, see the project's Sponsoring document.

If you need support for a version of Dokku that is more than a year old, your issue may be closed without an answer. Please upgrade to a recent version before filing an issue.

Description of problem

Failed to connect Rails app to postgresql while deploy via Gitlab Pipelines. But It work correctly on git push on local machine.

Please help me find solution.

GitHub Pipeline log

Running with gitlab-runner 16.3.0~beta.108.g2b6048b4 (2b6048b4)
  on green-5.saas-linux-small-amd64.runners-manager.gitlab.com/default xS6Vzpvo, system ID: s_6b1e4f06fcfd
  feature flags: FF_USE_IMPROVED_URL_MASKING:true, FF_RESOLVE_FULL_TLS_CHAIN:false
Preparing the "docker+machine" executor
00:05
Using Docker executor with image dokku/ci-docker-image ...
Pulling docker image dokku/ci-docker-image ...
Using docker image sha256:39b1b48fc10c7d58c0b6ef041e9a37821c6df75b351889f87e755bd702f08f3b for dokku/ci-docker-image with digest dokku/ci-docker-image@sha256:8e9d0242dc84e35e82b4312c6c2bc7cc191e2cb362ab756978851c2a8d91cae5 ...
Preparing environment
00:01
Running on runner-xs6vzpvo-project-44243440-concurrent-0 via runner-xs6vzpvo-s-l-s-amd64-1695480759-71fa0a3b...

Getting source from Git repository
00:01
Fetching changes...
Initialized empty Git repository in /builds/gpt-beaver/gpt-rails/.git/
Created fresh repository.
Checking out 30fa8b1e as detached HEAD (ref is main)...
Skipping Git submodules setup
$ git remote set-url origin "${CI_REPOSITORY_URL}"
Restoring cache
00:05
Checking cache for gpt-rails-production-protected...
Downloading cache from https://storage.googleapis.com/gitlab-com-runners-cache/project/44243440/gpt-rails-production-protected 
Successfully extracted cache

Executing "step_script" stage of the job script
07:57
Using docker image sha256:39b1b48fc10c7d58c0b6ef041e9a37821c6df75b351889f87e755bd702f08f3b for dokku/ci-docker-image with digest dokku/ci-docker-image@sha256:8e9d0242dc84e35e82b4312c6c2bc7cc191e2cb362ab756978851c2a8d91cae5 ...
$ dokku-deploy
Setting up SSH Key
Generating SSH_HOST_KEY from ssh-keyscan against 13.50.103.93:22
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
Adding SSH Key to ssh-agent
Agent pid 32
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
Pushing to Dokku Host
remote: -----> Cleaning up...        
remote: -----> Building gpt from herokuish        
remote: -----> Adding BUILD_ENV to build environment...        
remote:        BUILD_ENV added successfully        
remote:        -----> Ruby app detected        
remote: -----> Installing bundler 2.3.25        
remote: -----> Removing BUNDLED WITH version in the Gemfile.lock        
remote: -----> Compiling Ruby/Rails        
remote: -----> Using Ruby version: ruby-3.2.2        
remote: -----> Installing dependencies using bundler 2.3.25        
remote:        Running: BUNDLE_WITHOUT='development:test' BUNDLE_PATH=vendor/bundle BUNDLE_BIN=vendor/bundle/bin BUNDLE_DEPLOYMENT=1 bundle install -j4        
remote:        Using rake 13.0.6        
remote:        Using concurrent-ruby 1.2.2        
remote:        Using i18n 1.14.1        
remote:        Using minitest 5.20.0        
remote:        Using tzinfo 2.0.6        
remote:        Using activesupport 7.0.8        
remote:        Using builder 3.2.4        
remote:        Using erubi 1.12.0        
remote:        Using racc 1.7.1        
remote:        Using nokogiri 1.15.4 (x86_64-linux)        
remote:        Using rails-dom-testing 2.2.0        
remote:        Using crass 1.0.6        
remote:        Using loofah 2.21.3        
remote:        Using rails-html-sanitizer 1.6.0        
remote:        Using actionview 7.0.8        
remote:        Using rack 2.2.8        
remote:        Using rack-test 2.1.0        
remote:        Using actionpack 7.0.8        
remote:        Using nio4r 2.5.9        
remote:        Using websocket-extensions 0.1.5        
remote:        Using websocket-driver 0.7.6        
remote:        Using actioncable 7.0.8        
remote:        Using globalid 1.2.1        
remote:        Using activejob 7.0.8        
remote:        Using activemodel 7.0.8        
remote:        Using activerecord 7.0.8        
remote:        Using marcel 1.0.2        
remote:        Using mini_mime 1.1.5        
remote:        Using activestorage 7.0.8        
remote:        Using date 3.3.3        
remote:        Using timeout 0.4.0        
remote:        Using net-protocol 0.2.1        
remote:        Using net-imap 0.3.7        
remote:        Using net-pop 0.1.2        
remote:        Using net-smtp 0.3.3        
remote:        Using mail 2.8.1        
remote:        Using actionmailbox 7.0.8        
remote:        Using actionmailer 7.0.8        
remote:        Using actiontext 7.0.8        
remote:        Using public_suffix 5.0.3        
remote:        Using addressable 2.8.5        
remote:        Using baran 0.1.8        
remote:        Using bcrypt 3.1.19        
remote:        Using msgpack 1.7.2        
remote:        Using bootsnap 1.16.0        
remote:        Using bundler 2.4.10        
remote:        Using colorize 0.8.1        
remote:        Using connection_pool 2.4.1        
remote:        Using zeitwerk 2.6.11        
remote:        Using dry-core 1.0.1        
remote:        Using dry-inflector 1.0.0        
remote:        Using dry-logic 1.5.0        
remote:        Using dry-types 1.7.1        
remote:        Using ice_nine 0.11.2        
remote:        Using dry-struct 1.6.0        
remote:        Using faraday-net_http 3.0.2        
remote:        Using ruby2_keywords 0.0.5        
remote:        Using faraday 2.7.10        
remote:        Using multipart-post 2.3.0        
remote:        Using faraday-multipart 1.0.4        
remote:        Using httpclient 2.8.3        
remote:        Using method_source 1.0.0        
remote:        Using thor 1.2.2        
remote:        Using railties 7.0.8        
remote:        Using importmap-rails 1.2.1        
remote:        Using json-schema 4.0.0        
remote:        Using tiktoken_ruby 0.0.5 (x86_64-linux)        
remote:        Using langchainrb 0.6.14        
remote:        Using pg 1.5.3        
remote:        Using puma 6.3.1        
remote:        Using rails 7.0.8        
remote:        Using redis-client 0.17.0        
remote:        Using redis 5.0.7        
remote:        Using rollbar 3.4.0        
remote:        Using ruby-openai 5.1.0        
remote:        Using sidekiq 7.1.4        
remote:        Using sprockets 4.2.0        
remote:        Using sprockets-rails 3.4.2        
remote:        Using tailwindcss-rails 2.0.30 (x86_64-linux)        
remote:        Using telegram-bot 0.15.7 from https://github.com/telegram-bot-rb/telegram-bot.git        
remote:        Using telegram-bot-types 0.7.0        
remote:        Bundle complete! 25 Gemfile dependencies, 81 gems now installed.        
remote:        Gems in the groups 'development' and 'test' were not installed.        
remote:        Bundled gems are installed into `./vendor/bundle`        
remote:        Bundle completed (4.15s)        
remote:        Cleaning up the bundler cache.        
remote:        Removing bundler (2.3.25)        
remote: -----> Detecting rake tasks        
remote: -----> Preparing app for Rails asset pipeline        
remote:        Running: rake assets:precompile        
remote:                
remote:        Rebuilding...        
remote:                
remote:        Done in 883ms.        
remote:        Asset precompilation completed (4.37s)        
remote:        Cleaning assets        
remote:        Running: rake assets:clean        
remote: -----> Detecting rails configuration        
remote:                
remote:                
remote:        -----> Discovering process types        
remote:        Procfile declares types -> web, worker        
remote: -----> Releasing gpt...        
remote: -----> Checking for predeploy task        
remote:        No predeploy task found, skipping        
remote: -----> Checking for release task        
remote:        No release task found, skipping        
remote: =====> Processing deployment checks        
remote:        No CHECKS file found. Simple container checks will be performed.        
remote:        For more efficient zero downtime deployments, create a CHECKS file. See https://dokku.com/docs/deployment/zero-downtime-deploys/ for xamples        
remote: -----> Deploying gpt via the docker-local scheduler...        
remote: -----> Deploying web (count=1)        
remote:        Attempting pre-flight checks (web.1)        
remote: -----> Executing 1 healthchecks                                                                
remote:        Running healthcheck name='default' type='uptime' uptime=10                              
remote:        Healthcheck succeeded name='default'                                                    
remote:        All checks successful (web.1)        
remote: =====> Start of gpt container output (web.1)        
remote:        [12] Puma starting in cluster mode...        
remote:        [12] * Puma version: 6.3.1 (ruby 3.2.2-p53) ("Mugi No Toki Itaru")        
remote:        [12] *  Min threads: 5        
remote:        [12] *  Max threads: 5        
remote:        [12] *  Environment: production        
remote:        [12] *   Master PID: 12        
remote:        [12] *      Workers: 2        
remote:        [12] *     Restarts: (✔) hot (✔) phased        
remote:        [12] * Listening on http://0.0.0.0:5000        
remote:        [12] Use Ctrl-C to stop        
remote:        [12] - Worker 0 (PID: 151) booted in 4.62s, phase: 0        
remote:        [12] - Worker 1 (PID: 153) booted in 4.63s, phase: 0        
remote: =====> End of gpt container output (web.1)        
remote:        Scheduling old container shutdown in 60 seconds (web.1)        
remote: =====> Triggering early nginx proxy rebuild        
remote: -----> Ensuring network configuration is in sync for gpt        
remote: -----> Configuring gpt.gpt-api.itbeaver.co...(using built-in template)        
remote: -----> Creating http nginx.conf        
remote:        Reloading nginx        
remote: -----> Deploying worker (count=0)        
remote: -----> Running post-deploy        
remote:  !     Detected IPv4 domain name with nginx proxy enabled.        
remote:  !     Ensure the default nginx site is removed before continuing.        
remote: -----> Ensuring network configuration is in sync for gpt        
remote: -----> Configuring gpt.gpt-api.itbeaver.co...(using built-in template)        
remote: -----> Creating http nginx.conf        
remote:        Reloading nginx        
remote: -----> Renaming containers        
remote:        Found previous container(s) (6b62b146dde0) named gpt.web.1        
remote:        Renaming container (6b62b146dde0) gpt.web.1 to gpt.web.1.1695481307        
remote:        Renaming container gpt.web.1.upcoming-19970 (62c7cf85318e) to gpt.web.1        
remote: -----> Checking for postdeploy task        
remote: -----> Executing postdeploy task from app.json: RAILS_ENV=production bundle exec rake db:migrate; RAILS_ENV=production bundle exec rails b:seed        
remote: =====> Start of gpt postdeploy task (24ea18495) output        
remote:  !     rake aborted!        
remote:  !     ActiveRecord::ConnectionNotEstablished: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or irectory        
remote:  !     	Is the server running locally and accepting connections on that socket?        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/postgresql_adapter.rb:87:in `rescue in ew_client'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/postgresql_adapter.rb:77:in new_client'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/postgresql_adapter.rb:37:in postgresql_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:656:in public_send'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:656:in new_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:700:in checkout_new_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:679:in try_to_checkout_new_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:640:in acquire_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:341:in checkout'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:181:in connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_handler.rb:211:in retrieve_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_handling.rb:313:in `retrieve_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_handling.rb:280:in `connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/tasks/database_tasks.rb:262:in `migrate'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/railties/databases.rake:92:in `block (2 levels) in main>'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/rake-13.0.6/exe/rake:27:in `<top (required)>'        
remote:  !     /app/bin/bundle:108:in `load'        
remote:  !     /app/bin/bundle:108:in `<main>'        
remote:  !     Caused by:        
remote:  !     PG::ConnectionBad: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory        
remote:  !     	Is the server running locally and accepting connections on that socket?        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/pg-1.5.3/lib/pg/connection.rb:819:in `connect_start'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/pg-1.5.3/lib/pg/connection.rb:819:in `connect_to_hosts'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/pg-1.5.3/lib/pg/connection.rb:759:in `new'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/pg-1.5.3/lib/pg.rb:63:in `connect'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/postgresql_adapter.rb:78:in new_client'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/postgresql_adapter.rb:37:in postgresql_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:656:in public_send'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:656:in new_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:700:in checkout_new_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:679:in try_to_checkout_new_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:640:in acquire_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:341:in checkout'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:181:in connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/connection_handler.rb:211:in retrieve_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_handling.rb:313:in `retrieve_connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/connection_handling.rb:280:in `connection'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/tasks/database_tasks.rb:262:in `migrate'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8/lib/active_record/railties/databases.rake:92:in `block (2 levels) in main>'        
remote:  !     /app/vendor/bundle/ruby/3.2.0/gems/rake-13.0.6/exe/rake:27:in `<top (required)>'        
remote:  !     /app/bin/bundle:108:in `load'        
remote:  !     /app/bin/bundle:108:in `<main>'        
remote:  !     Tasks: TOP => db:migrate        
remote:  !     (See full trace by running task with --trace)        
remote: =====> End of gpt postdeploy task (24ea18495) output        
remote:  !     Execution of postdeploy task failed: RAILS_ENV=production bundle exec rake db:migrate; RAILS_ENV=production bundle exec rails b:seed        
To ssh://13.50.103.93:22/gpt
 ! [remote rejected] 30fa8b1eb6dfb9bd36b9d2c4319bf7fa64dc0dc8 -> master (pre-receive hook declined)
error: failed to push some refs to 'ssh://13.50.103.93:22/gpt'

Running after_script
00:03
Running after script...
$ dokku-unlock
Setting up SSH Key
Generating SSH_HOST_KEY from ssh-keyscan against 13.50.103.93:22
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
# 13.50.103.93:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
Adding SSH Key to ssh-agent
Agent pid 32
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
Unlocking Dokku deployment
 !     Unable to remove deploy lock

Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1

Environment Information

`dokku report APP_NAME` output

-----> uname: Linux ip-172-31-1-9 5.15.0-1045-aws #50~20.04.1-Ubuntu SMP Wed Sep 6 17:29:11 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
-----> memory:
                     total        used        free      shared  buff/cache   available
       Mem:            929         594          64           3         270         167
       Swap:           999         690         309
-----> docker version:
       Client: Docker Engine - Community
        Version:           23.0.6
        API version:       1.42
        Go version:        go1.19.9
        Git commit:        ef23cbc
        Built:             Fri May  5 21:18:22 2023
        OS/Arch:           linux/amd64
        Context:           default

       Server: Docker Engine - Community
        Engine:
         Version:          23.0.6
         API version:      1.42 (minimum version 1.12)
         Go version:       go1.19.9
         Git commit:       9dbdbd4
         Built:            Fri May  5 21:18:22 2023
         OS/Arch:          linux/amd64
         Experimental:     false
        containerd:
         Version:          1.6.21
         GitCommit:        3dce8eb055cbb6872793272b4f20ed16117344f8
        runc:
         Version:          1.1.7
         GitCommit:        v1.1.7-0-g860f061
        docker-init:
         Version:          0.19.0
         GitCommit:        de40ad0
-----> docker daemon info:
       Client:
        Context:    default
        Debug Mode: true
        Plugins:
         buildx: Docker Buildx (Docker Inc.)
           Version:  v0.10.2
           Path:     /usr/libexec/docker/cli-plugins/docker-buildx
         compose: Docker Compose (Docker Inc.)
           Version:  v2.16.0
           Path:     /usr/libexec/docker/cli-plugins/docker-compose
         scan: Docker Scan (Docker Inc.)
           Version:  v0.23.0
           Path:     /usr/libexec/docker/cli-plugins/docker-scan

       Server:
        Containers: 10
         Running: 10
         Paused: 0
         Stopped: 0
        Images: 48
        Server Version: 23.0.6
        Storage Driver: overlay2
         Backing Filesystem: extfs
         Supports d_type: true
         Using metacopy: false
         Native Overlay Diff: true
         userxattr: false
        Logging Driver: json-file
        Cgroup Driver: cgroupfs
        Cgroup Version: 1
        Plugins:
         Volume: local
         Network: bridge host ipvlan macvlan null overlay
         Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
        Swarm: inactive
        Runtimes: io.containerd.runc.v2 runc
        Default Runtime: runc
        Init Binary: docker-init
        containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8
        runc version: v1.1.7-0-g860f061
        init version: de40ad0
        Security Options:
         apparmor
         seccomp
          Profile: builtin
        Kernel Version: 5.15.0-1045-aws
        Operating System: Ubuntu 20.04.5 LTS
        OSType: linux
        Architecture: x86_64
        CPUs: 2
        Total Memory: 929.3MiB
        Name: ip-172-31-1-9
        ID: cf01e361-1835-43a1-8d03-a471235dbcaa
        Docker Root Dir: /var/lib/docker
        Debug Mode: false
        Registry: https://index.docker.io/v1/
        Experimental: false
        Insecure Registries:
         127.0.0.0/8
        Live Restore Enabled: false

-----> git version: git version 2.25.1
-----> sigil version: 0.10.1build+e443be0
-----> herokuish version:
       herokuish: v0.7.1
       buildpacks:
         heroku-buildpack-multi     v1.2.0
         heroku-buildpack-ruby      v256
         heroku-buildpack-nodejs    v219
         heroku-buildpack-clojure   v90
         heroku-buildpack-python    v235
         heroku-buildpack-java      v73
         heroku-buildpack-gradle    v39
         heroku-buildpack-scala     v96
         heroku-buildpack-play      v26
         heroku-buildpack-php       v237
         heroku-buildpack-go        v178
         heroku-buildpack-nginx     v24
         buildpack-null             v3
-----> dokku version: dokku version 0.31.4
-----> plugn version: plugn: 0.13.0build+fd5297a
-----> dokku plugins:
         00_dokku-standard    0.31.4 enabled    dokku core standard plugin
         20_events            0.31.4 enabled    dokku core events logging plugin
         app-json             0.31.4 enabled    dokku core app-json plugin
         apps                 0.31.4 enabled    dokku core apps plugin
         builder              0.31.4 enabled    dokku core builder plugin
         builder-dockerfile   0.31.4 enabled    dokku core builder-dockerfile plugin
         builder-herokuish    0.31.4 enabled    dokku core builder-herokuish plugin
         builder-lambda       0.31.4 enabled    dokku core builder-lambda plugin
         builder-null         0.31.4 enabled    dokku core builder-null plugin
         builder-pack         0.31.4 enabled    dokku core builder-pack plugin
         buildpacks           0.31.4 enabled    dokku core buildpacks plugin
         caddy-vhosts         0.31.4 enabled    dokku core caddy-vhosts plugin
         certs                0.31.4 enabled    dokku core certificate management plugin
         checks               0.31.4 enabled    dokku core checks plugin
         common               0.31.4 enabled    dokku core common plugin
         config               0.31.4 enabled    dokku core config plugin
         cron                 0.31.4 enabled    dokku core cron plugin
         docker-options       0.31.4 enabled    dokku core docker-options plugin
         domains              0.31.4 enabled    dokku core domains plugin
         enter                0.31.4 enabled    dokku core enter plugin
         git                  0.31.4 enabled    dokku core git plugin
         haproxy-vhosts       0.31.4 enabled    dokku core haproxy-vhosts plugin
         letsencrypt          0.20.3 enabled    Automated installation of let's encrypt TLS certificates
         logs                 0.31.4 enabled    dokku core logs plugin
         network              0.31.4 enabled    dokku core network plugin
         nginx-vhosts         0.31.4 enabled    dokku core nginx-vhosts plugin
         openresty-vhosts     0.31.4 enabled    dokku core openresty-vhosts plugin
         plugin               0.31.4 enabled    dokku core plugin plugin
         ports                0.31.4 enabled    dokku core ports plugin
         postgres             1.35.0 enabled    dokku postgres service plugin
         proxy                0.31.4 enabled    dokku core proxy plugin
         ps                   0.31.4 enabled    dokku core ps plugin
         redis                1.37.1 enabled    dokku redis service plugin
         registry             0.31.4 enabled    dokku core registry plugin
         repo                 0.31.4 enabled    dokku core repo plugin
         resource             0.31.4 enabled    dokku core resource plugin
         run                  0.31.4 enabled    dokku core run plugin
         scheduler            0.31.4 enabled    dokku core scheduler plugin
         scheduler-docker-local 0.31.4 enabled    dokku core scheduler-docker-local plugin
         scheduler-null       0.31.4 enabled    dokku core scheduler-null plugin
         shell                0.31.4 enabled    dokku core shell plugin
         ssh-keys             0.31.4 enabled    dokku core ssh-keys plugin
         storage              0.31.4 enabled    dokku core storage plugin
         trace                0.31.4 enabled    dokku core trace plugin
         traefik-vhosts       0.31.4 enabled    dokku core traefik-vhosts plugin

Reporting a vulnerability

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

Want to pass variables from CI into Dokku app

I'm using this image to deploy review apps, and... it works!

But my application also wants a DOMAIN envvar to know its own host name. This would naturally come from the CI env itself.

I could probably do something like this:

script:
  - dokku-deploy
  - ssh dokku@$DOKKU_HOST/$CI_ENVIRONMENT_SLUG -- config:set $CI_ENVIRONMENT_SLUG DOMAIN=${CI_ENVIRONMENT_SLUG}.dokku.soapbox.pub

But it's a bit awkward. I kind of wish I could do this before dokku-deploy, but then setup-ssh wouldn't have been run, so it wouldn't have my key.

I wish this image provided a generic dokku command that I could use like regular dokku and it would "just work".

I ended up using app.json to make it connect to my database and that worked great. This is the only thing I'm missing.

CI image has no OOTB way to configure app

Description of feature

New Dokku user here. I've just converted an internal web app to Dockerfile based Dokku deployment using Gitlab CI. I used the snippet suggested in the docs, and the provided image, but was surprised to find that there was no way for me to pass through some secret config vars from CI to my app.

I ended up adding this script to the /bin dir of the official Dokku CI image (and installing BASH). Maybe I'm missing something as this seems like it would be a common requirement.

#!/bin/bash

# Adapted from dokku-deploy (https://github.com/dokku/ci-docker-image)

# Any var in the environment of the form DOKKU_VAR will set VAR
# using the Dokku config:set command.

set -e
set -o pipefail

setup-ssh

commit_sha="$(parse-ci-commit)"
app_name="$(parse-app-name)"
ssh_remote="ssh://dokku@$(parse-ssh-host):$(parse-ssh-port)"

# grep the names of the vars to set
vars=$(env | sed -n "s/^.*DOKKU_\(\S*\)=.*$/\1/p")

# build the args for config:set command
args=( )
for v in $vars;do
  n=DOKKU_$v
  args+=("${v}=${!n}")
done

ssh "$ssh_remote" -- config:set "$app_name" ${args[*]}

Deploy from image not working, results in: git:from-image: command not found

Description of problem

How reproducible

Use deploy_docker_image to deploy an docker image from ghcr.io

Steps to Reproduce

Create a workflow with the following step

  deploy-to-dokku:
    runs-on: ubuntu-latest
    needs: build-and-push-image
    steps:
      - name: Push to dokku
        uses: dokku/github-action@master
        with:
          git_remote_url: 'ssh://dokku@MY_IP_ADDRESS:22/my-app'
          ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
          deploy_docker_image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}

Actual Results

bash: line 1: git:from-image: command not found

Expected Results

deployed 🎉

Environment Information

`dokku report MYAPP` output

Details

-----> uname: Linux racknerd-5b1c8c 5.15.0-89-generic #99-Ubuntu SMP Mon Oct 30 20:42:41 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
-----> memory: 
                      total        used        free      shared  buff/cache   available
       Mem:            7937        2339         399          38        5198        5252
       Swap:           2303         531        1772
-----> docker version: 
       Client: Docker Engine - Community
        Version:           24.0.7
        API version:       1.43
        Go version:        go1.20.10
        Git commit:        afdd53b
        Built:             Thu Oct 26 09:07:41 2023
        OS/Arch:           linux/amd64
        Context:           default
       
       Server: Docker Engine - Community
        Engine:
         Version:          24.0.7
         API version:      1.43 (minimum version 1.12)
         Go version:       go1.20.10
         Git commit:       311b9ff
         Built:            Thu Oct 26 09:07:41 2023
         OS/Arch:          linux/amd64
         Experimental:     false
        containerd:
         Version:          1.6.25
         GitCommit:        d8f198a4ed8892c764191ef7b3b06d8a2eeb5c7f
        runc:
         Version:          1.1.10
         GitCommit:        v1.1.10-0-g18a0cb0
        docker-init:
         Version:          0.19.0
         GitCommit:        de40ad0
-----> docker daemon info: 
       Client: Docker Engine - Community
        Version:    24.0.7
        Context:    default
        Debug Mode: true
        Plugins:
         buildx: Docker Buildx (Docker Inc.)
           Version:  v0.11.2
           Path:     /usr/libexec/docker/cli-plugins/docker-buildx
         compose: Docker Compose (Docker Inc.)
           Version:  v2.21.0
           Path:     /usr/libexec/docker/cli-plugins/docker-compose
       
       Server:
        Containers: 7
         Running: 7
         Paused: 0
         Stopped: 0
        Images: 17
        Server Version: 24.0.7
        Storage Driver: overlay2
         Backing Filesystem: extfs
         Supports d_type: true
         Using metacopy: false
         Native Overlay Diff: true
         userxattr: false
        Logging Driver: json-file
        Cgroup Driver: systemd
        Cgroup Version: 2
        Plugins:
         Volume: local
         Network: bridge host ipvlan macvlan null overlay
         Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
        Swarm: inactive
        Runtimes: io.containerd.runc.v2 runc
        Default Runtime: runc
        Init Binary: docker-init
        containerd version: d8f198a4ed8892c764191ef7b3b06d8a2eeb5c7f
        runc version: v1.1.10-0-g18a0cb0
        init version: de40ad0
        Security Options:
         apparmor
         seccomp
          Profile: builtin
         cgroupns
        Kernel Version: 5.15.0-89-generic
        Operating System: Ubuntu 22.04.3 LTS
        OSType: linux
        Architecture: x86_64
        CPUs: 4
        Total Memory: 7.751GiB
        Name: racknerd-5b1c8c
        ID: **********************************
        Docker Root Dir: /var/lib/docker
        Debug Mode: false
         File Descriptors: 72
         Goroutines: 66
         System Time: 2024-03-03T22:20:25.628655117Z
         EventsListeners: 0
        Experimental: false
        Insecure Registries:
         127.0.0.0/8
        Live Restore Enabled: false
       
-----> herokuish version: 
       herokuish: v0.7.2
       buildpacks:
         heroku-buildpack-multi     v1.2.0
         heroku-buildpack-ruby      v259
         heroku-buildpack-nodejs    v224
         heroku-buildpack-clojure   v91
         heroku-buildpack-python    v237
         heroku-buildpack-java      v73
         heroku-buildpack-gradle    v39
         heroku-buildpack-scala     v96
         heroku-buildpack-play      v26
         heroku-buildpack-php       v239
         heroku-buildpack-go        v181
         heroku-buildpack-nginx     v24
         buildpack-null             v3
-----> dokku version: dokku version 0.32.3
-----> dokku-event-listener version: 0.15.0build+5268732                                                             
-----> dokku-update version: dokku-update 0.7.2
-----> docker-container-healthchecker version: 0.7.2                                                                           
-----> docker-image-labeler version: 0.6.1build+c6e15a9                                                              
-----> git version: git version 2.34.1
-----> lambda-builder version:        0.5.0                                                                           
-----> netrc version: 0.7.1build+677c033
-----> plugn version: plugn: 0.13.0build+fd5297a
-----> sigil version: 0.10.1build+e443be0
-----> sshcommand version: sshcommand 0.17.1
-----> dokku plugins: 
         00_dokku-standard    0.32.3 enabled    dokku core standard plugin
         20_events            0.32.3 enabled    dokku core events logging plugin
         app-json             0.32.3 enabled    dokku core app-json plugin
         apps                 0.32.3 enabled    dokku core apps plugin
         builder              0.32.3 enabled    dokku core builder plugin
         builder-dockerfile   0.32.3 enabled    dokku core builder-dockerfile plugin
         builder-herokuish    0.32.3 enabled    dokku core builder-herokuish plugin
         builder-lambda       0.32.3 enabled    dokku core builder-lambda plugin
         builder-nixpacks     0.32.3 enabled    dokku core builder-nixpacks plugin
         builder-null         0.32.3 enabled    dokku core builder-null plugin
         builder-pack         0.32.3 enabled    dokku core builder-pack plugin
         buildpacks           0.32.3 enabled    dokku core buildpacks plugin
         caddy-vhosts         0.32.3 enabled    dokku core caddy-vhosts plugin
         certs                0.32.3 enabled    dokku core certificate management plugin
         checks               0.32.3 enabled    dokku core checks plugin
         common               0.32.3 enabled    dokku core common plugin
         config               0.32.3 enabled    dokku core config plugin
         cron                 0.32.3 enabled    dokku core cron plugin
         docker-options       0.32.3 enabled    dokku core docker-options plugin
         domains              0.32.3 enabled    dokku core domains plugin
         elasticsearch        1.35.0 enabled    dokku elasticsearch service plugin
         enter                0.32.3 enabled    dokku core enter plugin
         git                  0.32.3 enabled    dokku core git plugin
         haproxy-vhosts       0.32.3 enabled    dokku core haproxy-vhosts plugin
         letsencrypt          0.20.3 enabled    Automated installation of let's encrypt TLS certificates
         logs                 0.32.3 enabled    dokku core logs plugin
         mongo                1.36.6 enabled    dokku mongo service plugin
         network              0.32.3 enabled    dokku core network plugin
         nginx-vhosts         0.32.3 enabled    dokku core nginx-vhosts plugin
         openresty-vhosts     0.32.3 enabled    dokku core openresty-vhosts plugin
         plugin               0.32.3 enabled    dokku core plugin plugin
         ports                0.32.3 enabled    dokku core ports plugin
         postgres             1.36.0 enabled    dokku postgres service plugin
         proxy                0.32.3 enabled    dokku core proxy plugin
         ps                   0.32.3 enabled    dokku core ps plugin
         redis                1.37.1 enabled    dokku redis service plugin
         registry             0.32.3 enabled    dokku core registry plugin
         repo                 0.32.3 enabled    dokku core repo plugin
         resource             0.32.3 enabled    dokku core resource plugin
         run                  0.32.3 enabled    dokku core run plugin
         scheduler            0.32.3 enabled    dokku core scheduler plugin
         scheduler-docker-local 0.32.3 enabled    dokku core scheduler-docker-local plugin
         scheduler-null       0.32.3 enabled    dokku core scheduler-null plugin
         shell                0.32.3 enabled    dokku core shell plugin
         ssh-keys             0.32.3 enabled    dokku core ssh-keys plugin
         storage              0.32.3 enabled    dokku core storage plugin
         trace                0.32.3 enabled    dokku core trace plugin
         traefik-vhosts       0.32.3 enabled    dokku core traefik-vhosts plugin
=====> my-admin app-json information
       App json computed selected:    app.json
       App json global selected:      app.json
       App json selected:             
=====> my-admin app information
       App created at:                1705004240
       App deploy source:             docker-image
       App deploy source metadata:    ghcr.io/myapp/lungo-prod:latest
       App dir:                       /home/dokku/my-admin
       App locked:                    false
=====> my-admin builder information
       Builder build dir:             
       Builder computed build dir:    
       Builder computed selected:     
       Builder global build dir:      
       Builder global selected:       
       Builder selected:              
=====> my-admin builder-dockerfile information
       Builder dockerfile computed dockerfile path: Dockerfile               
       Builder dockerfile global dockerfile path: Dockerfile               
       Builder dockerfile dockerfile path:                          
=====> my-admin builder-herokuish information
       Builder herokuish computed allowed: true                     
       Builder herokuish global allowed: true                     
       Builder herokuish allowed:                              
=====> my-admin builder-lambda information
       Builder lambda computed lambdayml path: lambda.yml               
       Builder lambda global lambdayml path: lambda.yml               
       Builder lambda lambdayml path:                          
=====> my-admin builder-nixpacks information
       Builder nixpacks computed nixpackstoml path: nixpacks.toml            
       Builder nixpacks global nixpackstoml path: nixpacks.toml            
       Builder nixpacks nixpackstoml path:                          
       Builder nixpacks computed no cache: false                    
       Builder nixpacks global no cache: false                    
       Builder nixpacks no cache:                              
=====> my-admin builder-pack information
       Builder pack computed projecttoml path: project.toml             
       Builder pack global projecttoml path: project.toml             
       Builder pack projecttoml path:                          
=====> my-admin buildpacks information
       Buildpacks computed stack:     gliderlabs/herokuish:latest-22
       Buildpacks global stack:       
       Buildpacks list:               
       Buildpacks stack:              
=====> my-admin caddy information
       Caddy image:                   lucaslorentz/caddy-docker-proxy:2.8
       Caddy letsencrypt email:                                
       Caddy letsencrypt server:      https://acme-v02.api.letsencrypt.org/directory
       Caddy log level:               ERROR                    
       Caddy polling interval:        5s                       
       Caddy tls internal:            false                    
=====> my-admin ssl information
       Ssl dir:                       /home/dokku/my-admin/tls
       Ssl enabled:                   true                     
       Ssl hostnames:                 my-admin.upto11.nl lungo.myapp.com
       Ssl expires at:                May 18 07:41:39 2024 GMT 
       Ssl issuer:                    C = US, O = Let's Encrypt, CN = R3
       Ssl starts at:                 Feb 18 07:41:40 2024 GMT 
       Ssl subject:                   subject=CN = my-admin.upto11.nl
       Ssl verified:                  verified by a certificate authority
=====> my-admin checks information
       Checks disabled list:          none                     
       Checks skipped list:           none                     
       Checks computed wait to retire: 60                       
       Checks global wait to retire:  60                       
       Checks wait to retire:                                  
=====> my-admin docker options information
       Docker options build:          --link dokku.postgres.my-admin-pgsql:dokku-postgres-my-admin-pgsql 
       Docker options deploy:         --link dokku.postgres.my-admin-pgsql:dokku-postgres-my-admin-pgsql --restart=on-failure:10 -v /var/lib/dokku/data/storage/my-admin-uploads:/opt/app/public/uploads 
       Docker options run:            --link dokku.postgres.my-admin-pgsql:dokku-postgres-my-admin-pgsql -v /var/lib/dokku/data/storage/my-admin-uploads:/opt/app/public/uploads 
=====> my-admin domains information
       Domains app enabled:           true                     
       Domains app vhosts:            my-admin.upto11.nl lungo.myapp.com
       Domains global enabled:        true                     
       Domains global vhosts:         upto11.nl                
=====> my-admin git information
       Git deploy branch:             main                     
       Git global deploy branch:      master                   
       Git keep git dir:              false                    
       Git rev env var:               GIT_REV                  
       Git sha:                       f1961ce                  
       Git source image:              ghcr.io/myapp/lungo-prod:latest
       Git last updated at:           1709499180               
=====> my-admin haproxy information
       Haproxy image:                 byjg/easy-haproxy:4.3.0  
       Haproxy letsencrypt email:                              
       Haproxy letsencrypt server:    https://acme-v02.api.letsencrypt.org/directory
       Haproxy log level:             ERROR                    
=====> my-admin letsencrypt information
       Letsencrypt active:            true                     
       Letsencrypt autorenew:         false                    
       Letsencrypt computed dns provider:                          
       Letsencrypt global dns provider:                          
       Letsencrypt dns provider:                               
       Letsencrypt computed email:    ***@***.nl              
       Letsencrypt global email:                               
       Letsencrypt email:             ***@***.nl              
       Letsencrypt expiration:        1716018099               
       Letsencrypt computed graceperiod: 2592000                  
       Letsencrypt global graceperiod:                          
       Letsencrypt graceperiod:                                
       Letsencrypt computed lego docker args:                          
       Letsencrypt global lego docker args:                          
       Letsencrypt lego docker args:                           
       Letsencrypt computed server:   https://acme-v02.api.letsencrypt.org/directory
       Letsencrypt global server:                              
       Letsencrypt server:                                     
=====> my-admin logs information
       Logs computed max size:        10m
       Logs global max size:          10m
       Logs global vector sink:       
       Logs max size:                 
       Logs vector sink:              
=====> my-admin network information
       Network attach post create:           
       Network attach post deploy:           
       Network bind all interfaces:          false
       Network computed attach post create:  
       Network computed attach post deploy:  
       Network computed bind all interfaces: false
       Network computed initial network:     
       Network computed tld:                 
       Network global attach post create:    
       Network global attach post deploy:    
       Network global bind all interfaces:   false
       Network global initial network:       
       Network global tld:                   
       Network initial network:              
       Network static web listener:          
       Network tld:                          
       Network web listeners:                172.17.0.9:1337
=====> my-admin nginx information
       Nginx access log format:                                
       Nginx access log path:         /var/log/nginx/my-admin-access.log
       Nginx bind address ipv4:                                
       Nginx bind address ipv6:       ::                       
       Nginx client max body size:                             
       Nginx disable custom config:   false                    
       Nginx error log path:          /var/log/nginx/my-admin-error.log
       Nginx global hsts:             true                     
       Nginx computed hsts:           true                     
       Nginx hsts:                                             
       Nginx hsts include subdomains: true                     
       Nginx hsts max age:            15724800                 
       Nginx hsts preload:            false                    
       Nginx computed nginx conf sigil path: nginx.conf.sigil         
       Nginx global nginx conf sigil path: nginx.conf.sigil         
       Nginx nginx conf sigil path:                            
       Nginx proxy buffer size:       4096                     
       Nginx proxy buffering:         on                       
       Nginx proxy buffers:           8 4096                   
       Nginx proxy busy buffers size: 8192                     
       Nginx proxy read timeout:      60s                      
       Nginx last visited at:         1709499395               
       Nginx x forwarded for value:   $remote_addr             
       Nginx x forwarded port value:  $server_port             
       Nginx x forwarded proto value: $scheme                  
       Nginx x forwarded ssl:                                  
=====> my-admin openresty information
       Openresty access log format:                            
       Openresty access log path:     /var/log/nginx/my-admin-access.log
       Openresty bind address ipv4:                            
       Openresty bind address ipv6:   ::                       
       Openresty client max body size:                          
       Openresty error log path:      /var/log/nginx/my-admin-error.log
       Openresty global hsts:         true                     
       Openresty computed hsts:       true                     
       Openresty hsts:                                         
       Openresty hsts include subdomains: true                     
       Openresty hsts max age:        15724800                 
       Openresty hsts preload:        false                    
       Openresty image:               dokku/openresty-docker-proxy:0.6.0
       Openresty letsencrypt email:                            
       Openresty letsencrypt server:  https://acme-v02.api.letsencrypt.org/directory
       Openresty proxy buffer size:   4096                     
       Openresty proxy buffering:     on                       
       Openresty proxy buffers:       8 4096                   
       Openresty proxy busy buffers size: 8192                     
       Openresty proxy read timeout:  60s                      
       Openresty x forwarded for value: $remote_addr             
       Openresty x forwarded port value: $server_port             
       Openresty x forwarded proto value: $scheme                  
       Openresty x forwarded ssl:                              
=====> my-admin ports information
       Ports map:                     http:80:1337 https:443:1337
       Ports map detected:            https:1337:1337
=====> my-admin proxy information
       Proxy enabled:                 true
       Proxy type:                    nginx
=====> my-admin ps information
       Deployed:                      true
       Processes:                     1
       Ps can scale:                  true
       Ps computed procfile path:     Procfile
       Ps global procfile path:       Procfile
       Ps procfile path:              
       Ps restart policy:             on-failure:10
       Restore:                       true
       Running:                       true
       Status web 1:                  running (CID: 97bc1cb4384)
=====> my-admin registry information
       Registry computed image repo:      myapp/lungo-prod
       Registry computed push on release: true
       Registry computed server:          ghcr.io/
       Registry global push on release:   
       Registry global server:            
       Registry image repo:               myapp/lungo-prod
       Registry push on release:          true
       Registry server:                   ghcr.io
       Registry tag version:              
=====> my-admin resource information
=====> my-admin scheduler information
       Scheduler computed selected:   docker-local
       Scheduler global selected:     docker-local
       Scheduler selected:            
=====> my-admin scheduler-docker-local information
       Scheduler docker local disable chown:                          
       Scheduler docker local init process: true                     
       Scheduler docker local parallel schedule count:                          
=====> my-admin storage information
       Storage build mounts:                                   
       Storage deploy mounts:         -v /var/lib/dokku/data/storage/my-admin-uploads:/opt/app/public/uploads 
       Storage run mounts:            -v /var/lib/dokku/data/storage/my-admin-uploads:/opt/app/public/uploads 
=====> my-admin traefik information
       Traefik api enabled:           false                    
       Traefik api vhost:             traefik.dokku.me         
       Traefik basic auth password:                            
       Traefik basic auth username:                            
       Traefik dashboard enabled:     false                    
       Traefik image:                 traefik:v2.10            
       Traefik letsencrypt email:                              
       Traefik letsencrypt server:    https://acme-v02.api.letsencrypt.org/directory
       Traefik log level:             ERROR                    
       Traefik priority:

How (deb/make) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:

Using the instructions on the website. Nothing fancy.

Additional information

My guess would be that the deploy action is invalid. If I look in https://github.com/dokku/ci-docker-image/blob/master/bin/dokku-deploy#L100 I see that the cli dokku isn't being called.

So, maybe I am missing somehting in my configuration, or, should the line read as follows?

if [ -n "$DEPLOY_DOCKER_IMAGE" ]; then
  log-info "Deploying image to Dokku Host"
  ssh "$ssh_remote" -- dokku git:from-image "$remote_app_name" "$DEPLOY_DOCKER_IMAGE" "$DEPLOY_USER_NAME" "$DEPLOY_USER_EMAIL"
else
  # OMITTED
fi

Dokku-unlock command is missing the dokku binary

Description of problem

Unlock command does not work

How reproducible

In Gitlab CI, I have

    after_script:
        - dokku-unlock

This binary runs the following command:

ssh -p "$ssh_port" "dokku@$ssh_host" apps:unlock "$app"

Actual Results

This errors with bash: line 1: apps:unlock: command not found

Expected Results

It does not error

Solution

I think it's missing the dokku binary, so

ssh -p "$ssh_port" "dokku@$ssh_host" apps:unlock "$app"

should become

ssh -p "$ssh_port" "dokku@$ssh_host" dokku apps:unlock "$app"

Thanks

SSH_HOSTKEY description and ssh-keyscan in do not match bin/setup.ssh do not match

Description of problem

I could not deploy (via gitlab-ci pipeline) from the docker image because of an ssh authentication problem. The ssh logs on the server said:

Unable to negotiate with <ip> port 22: no matching host key type found.

Turns out the description of SSH_HOSTKEY in README.MD (ssh-keyscan -t rsa $HOST) does describe correctly whats happening in bin/setup.ssh– the -t rsa parameter is missing. When running ssh-keyscan manually and storing the result in the variable, the deployment works.

How reproducible

I could reproduce the problems from the ci pipeline in an docker image.

Steps to Reproduce

Setup dokku with private ssh key (ssh-rsa). (I used an digital ocean droplet which runs SSH-2.0-OpenSSH_8.2p1, don't know if this is part of the problem though.)
Run ci docker image and add private key to it.
Run the keyscan from setup.ssh:

ssh-keyscan -H -p 22 $dokku-server >/root/.ssh/known_hosts
chmod 600 "/root/.ssh/known_hosts"

Try ssh-login at dokku server: ssh dokku@host does not work
Re-run keyscan with parameter according to docs: ssh-keyscan -t rsa -H -p 22 $dokku-server >/root/.ssh/known_hosts
ssh works now

(Same goes for the ci-pipeline, if I the value of keyscan with -t rsa is added as SSH_HOSTKEY, the pipeline works.

dokku / ci-docker-image Goto Github PK

ci-docker-image's Introduction

ci-docker-image

Supported CI Systems

Usage

Configuration

Hooks

Building

ci-docker-image's People

Contributors

Stargazers

Watchers

Forkers

ci-docker-image's Issues

Description of problem

How reproducible

Steps to Reproduce

Actual Results

Expected Results

Environment Information

How (deb/make/rpm) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:

Additional information

Description of problem

Description of problem

How reproducible

Steps to Reproduce

Actual Results

Expected Results

Environment Information

Description of problem

How reproducible

Steps to Reproduce

Actual Results

Expected Results

Environment Information

How (deb/make) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:

Additional information

Description of problem

GitHub Pipeline log

Environment Information

dokku report APP_NAME output

Description of feature

Description of problem

How reproducible

Steps to Reproduce

Actual Results

Expected Results

Environment Information

dokku report MYAPP output

How (deb/make) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:

Additional information

Description of problem

How reproducible

Actual Results

Expected Results

Solution

Description of problem

How reproducible

Steps to Reproduce

Recommend Projects

Recommend Topics

Recommend Org

`dokku report APP_NAME` output

`dokku report MYAPP` output