refactor(tvl-buildkite): Prepare gerrit credentials helper

Currently this functionality is provided by a shell script stored in
/etc/secrets (which has the password value hardcoded).

This needs to happen in a separate commit from the one that changes
the pipeline to avoid breaking it (it needs to be deployed first).

Change-Id: I680754c828ccefbacfcf0d5c813a4bc19493ba4c
This commit is contained in:
Vincent Ambo 2021-12-10 21:44:37 +03:00 committed by clbot
parent 2fe8d724d7
commit 5baa9b6d87

View file

@ -17,6 +17,11 @@ let
mkdir -p $out/bin mkdir -p $out/bin
ln -s ${besadiiWithConfig "post-command"} $out/bin/post-command ln -s ${besadiiWithConfig "post-command"} $out/bin/post-command
''; '';
credentialHelper = pkgs.writeShellScriptBin "gerrit-creds" ''
echo 'username=buildkite'
echo "password=$(jq -r '.gerritPassword' /run/agenix/buildkite-besadii-config)"
'';
in { in {
options.services.depot.buildkite = { options.services.depot.buildkite = {
enable = lib.mkEnableOption description; enable = lib.mkEnableOption description;
@ -39,6 +44,7 @@ in {
runtimePackages = with pkgs; [ runtimePackages = with pkgs; [
bash bash
coreutils coreutils
credentialHelper
curl curl
git git
gnutar gnutar