Hi Folks
I am trying to authenticate to github using a github access token aka CR_PAT. This is documented here Working with the Container registry - GitHub Docs
I am wondering if there is a way to make that work using doppler. Here is what i tried but its failing with :
Error: Cannot perform an interactive login from a non TTY device
doppler run -p local-env -c dev -- echo $GITHUB_TOKEN | docker login ghcr.io -u myuser --password-stdin
BEst Regards
Hi @Y.M.O!
Welcome to the Doppler Community!
The “Error: Cannot perform an interactive login from a non TTY device” error you’re getting happens when you use --password-stdin with docker login but don’t actually pass a password in. The reason this is happening is that you’re attempting to reference an environment variable the Doppler CLI is injecting in the command it’s executing. You can do this, but not using the typical -- syntax. You’ll need to use --command like this:
doppler run -p local-env -c dev --command 'echo $GITHUB_TOKEN | docker login ghcr.io -u myuser --password-stdin'
Could you give that a shot and see if it works?
Regards,
-Joel
Hi @watsonian
Thank you for jumping on this. I tried creating a TEST env variable just in case my shell was being weird and it comes back empty.
Also if there is a better way to accomplish this than using this echo command i would appreciate. I like that doppler passes the variables directly to the process being started. But i canrt figure how to do that in this case
doppler run -p local-env -c dev --command "echo ${TEST} "
I tried this as well with no success
doppler run -p local-env -c dev --command 'bash -c "echo ${TEST}"'
HEre is the debug output log when i pass --debug
-→ doppler run -p local-env -c dev --debug --command 'bash -c "echo ${TEST}"'
Debug: Using config dir /home/my-user/.doppler
Debug: Using config file /home/my-user/.doppler/.doppler.yaml
Debug: Reading config file
Debug: Skipping CLI upgrade check due to disallowed command
Debug: Retrieving token from system keyring
Debug: Sending anonmy-userus analytics payload: '{"command":"doppler.run"}'
Debug: Performing HTTP POST to https://cli.doppler.com/v1/analytics
Debug: Using metadata file /home/my-user/.doppler/fallback/.metadata-c230865338d15171ce654737a383f212d92337862386fc149eb4d34ec78801f2.json
Debug: Reading metadata file /home/my-user/.doppler/fallback/.metadata-c230865338d15171ce654737a383f212d92337862386fc149eb4d34ec78801f2.json
Debug: Performing HTTP GET to https://api.doppler.com/v3/configs/config/secrets/download?config=dev&format=json&include_dynamic_secrets=true&project=local-env
Debug: Request ID 959a8334-5e91-44ae-a99e-0e6edb3b41a6
Debug: Using cached secrets from fallback file
Debug: Using fallback file for cache /home/my-user/.doppler/fallback/.secrets-c230865338d15171ce654737a383f212d92337862386fc149eb4d34ec78801f2.json
Debug: Decrypting cache file
Debug: Parsing encrypted file version 4
Debug: PBKDF2 key derivation used 500000 rounds and took 84 ms
@Y.M.O You need to use single quotes like this:
doppler run -p local-env -c dev --command 'echo ${TEST}'
By using double-quotes, you’re causing bash to attempt to resolve the variable before the CLI injects the secret. Using single quotes will delay evaluation until the echo command is run.
Not much difference with single quotes
-→ doppler run -p local-env -c dev --command 'echo tt ${TEST}'
tt
@Y.M.O If you run doppler secrets get TEST -p local-env -c dev, does the secret print out as expected? This should definitely work if the secret actually has a value as you can see here:
❯ doppler run -p example -c dev --command 'echo tt ${PORT}'
tt 8082
vs the output you get with double-quotes:
❯ doppler run -p example -c dev --command "echo tt ${PORT}"
tt
