I have a cap script that performs some lengthy compilation steps before running any remote code. I would like to be able to walk away while all this is happening, but as soon as the compilation is finished it will ask me for the remote server password. Is there a way I can force the script to ask for the password immediately, so that I can leave the rest to run unattended?
I know that I can set up passwordless ssh to avoid the password prompt entirely, but I am looking for a method that will allow unattended deploys for users that don’t have passwordless ssh set up yet.
I feel like I have seen a simple solution for this somewhere, but I am having trouble finding the correct search terms.
If you’re running most commands via
sudo(that is, you haveset :use_sudo, true) you can probably do this by hookingbefore "deploy", "ask_for_password", and create a task “ask_for_password” and immediately using it to perform any command withsudo, such assudo date. Sudo will prompt the first time only, then presumably has a long enough timeout to get through the deploy.If that doesn’t work…
…we’re talking about capistrano — ain’t nothin’ simple with capistrano. It’s an incredibly powerful tool, and I don’t know anyone who finds it “simple”.
Instead of setting up everyone to be able to deploy, maybe set up a host that you can let people ssh into as a user like “deployer”, then have that execute the deploys.
But deploying is a pretty significant task — not everyone should be able to do it, especially to production. I think you’re better off installing passwordless public keys of users having authority to deploy on servers they are permitted to deploy to (e.g. more to test than to staging, or production).