refactor(ops/kms_pass): Pin encrypted secrets into Nix store
This commit is contained in:
parent
d11cda367f
commit
a260eba3cf
2 changed files with 1 additions and 1 deletions
1
.envrc
1
.envrc
|
@ -4,4 +4,3 @@
|
||||||
export PATH="${PWD}/bin:${PATH}"
|
export PATH="${PWD}/bin:${PATH}"
|
||||||
export NIX_PATH="nixpkgs=${PWD}/default.nix"
|
export NIX_PATH="nixpkgs=${PWD}/default.nix"
|
||||||
export REPO_ROOT="${PWD}"
|
export REPO_ROOT="${PWD}"
|
||||||
export SECRETS_DIR="${PWD}/ops/secrets"
|
|
||||||
|
|
|
@ -14,6 +14,7 @@ in (writeShellScriptBin "pass" ''
|
||||||
|
|
||||||
CMD="$1"
|
CMD="$1"
|
||||||
readonly SECRET=$2
|
readonly SECRET=$2
|
||||||
|
readonly SECRETS_DIR=${./secrets}
|
||||||
readonly SECRET_PATH="$SECRETS_DIR/$SECRET"
|
readonly SECRET_PATH="$SECRETS_DIR/$SECRET"
|
||||||
|
|
||||||
function secret_check {
|
function secret_check {
|
||||||
|
|
Loading…
Reference in a new issue