mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(whitby): Deploy private SSH key for build agents

Browse source 
Change-Id: I5b1dfaaf28e835cac5b897e18b015d90ac3b2857
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5665
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
This commit is contained in:
Vincent Ambo 2022-05-25 18:17:25 +02:00 committed by tazjin
parent 77f096771d
commit e3a31b702a
2 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ops/machines/whitby/default.nix
View file

@ -248,6 +248,12 @@ in
group = "buildkite-agents";
};
buildkite-private-key = {
file = secretFile "buildkite-ssh-private-key";
mode = "0440";
group = "buildkite-agents";
};
gerrit-besadii-config = {
file = secretFile "besadii";
owner = "git";

1
ops/modules/tvl-buildkite.nix
View file

@ -41,6 +41,7 @@ in
inherit name;
enable = true;
tokenPath = config.age.secretsDir + "/buildkite-agent-token";
privateSshKeyPath = config.age.secretsDir + "/buildkite-private-key";
hooks.post-command = "${buildkiteHooks}/bin/post-command";
runtimePackages = with pkgs; [