Support build-briefcase.sh
For now, I'm supporting two CI pipelines: - build-socrates - build-briefcase Conceptually, build-briefcase should cover what build-socrates does now, but eventually I would like build-socrates to call `switch-to-configuration` so that all of my websites, etc. stay fresh.
This commit is contained in:
parent
1bb32b1bcc
commit
42efb3b08a
3 changed files with 7 additions and 2 deletions
6
ci/scripts/build-briefcase.sh
Normal file
6
ci/scripts/build-briefcase.sh
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
nix-build . \
|
||||||
|
-I briefcase="$(pwd)" \
|
||||||
|
-I nixpkgs=/home/wpcarro/nixpkgs-channel \
|
||||||
|
--show-trace
|
|
@ -29,7 +29,6 @@ in {
|
||||||
website = readTree ./website;
|
website = readTree ./website;
|
||||||
lisp = readTree ./lisp;
|
lisp = readTree ./lisp;
|
||||||
gopkgs = readTree ./gopkgs;
|
gopkgs = readTree ./gopkgs;
|
||||||
monzo_ynab = readTree ./monzo_ynab;
|
|
||||||
third_party = readTree ./third_party;
|
third_party = readTree ./third_party;
|
||||||
tools = readTree ./tools;
|
tools = readTree ./tools;
|
||||||
buildHaskell = readTree ./buildHaskell;
|
buildHaskell = readTree ./buildHaskell;
|
||||||
|
|
|
@ -118,7 +118,7 @@ in {
|
||||||
# systemd.services.monzo-token-server = {
|
# systemd.services.monzo-token-server = {
|
||||||
# enable = true;
|
# enable = true;
|
||||||
# description = "Ensure my Monzo access token is valid";
|
# description = "Ensure my Monzo access token is valid";
|
||||||
# script = "${briefcase.monzo_ynab.tokens}/bin/token-server";
|
# script = "${briefcase.tools.monzo_ynab.tokens}/bin/token-server";
|
||||||
# # TODO(wpcarro): I'm unsure of the size of this security risk, but if a
|
# # TODO(wpcarro): I'm unsure of the size of this security risk, but if a
|
||||||
# # non-root user runs `systemctl cat monzo-token-server`, they could read the
|
# # non-root user runs `systemctl cat monzo-token-server`, they could read the
|
||||||
# # following, sensitive environment variables.
|
# # following, sensitive environment variables.
|
||||||
|
|
Loading…
Reference in a new issue