kamal icon indicating copy to clipboard operation
kamal copied to clipboard
verified publisher icon basecamp

feat: ssh: use secret in key_data

Open idrista opened this issue 10 months ago • 1 comments

Support secret lookup for key_data

What’s changed?

  • key_data can now be a string to reference a secret, just like registry.username and registry.password.
  • To avoid breaking changes, the behavior is reversed compared to registry:
    • Registry.username | Registry.password : Array → lookup secret, String → raw value
    • SSH.key_data: Array → raw value, String → lookup secret

Why?

  • This makes it easier to manage SSH keys securely using .kamal/secrets.
  • Avoids exposing sensitive data in Git.

idrista avatar Feb 22 '25 22:02 idrista

would be very nice!

lucashfreitas avatar Sep 18 '25 07:09 lucashfreitas

Superseded by #1620

djmb avatar Nov 28 '25 16:11 djmb