48d31b7770
sourcehut does not censor secret strings in build logs, but this workaround should avoid the issue.
22 lines
582 B
YAML
22 lines
582 B
YAML
image: nixos/latest
|
|
sources:
|
|
- https://git.tazj.in/
|
|
secrets:
|
|
# cachix/tazjin
|
|
- 3cea9995-9a90-4bb5-9b50-5d00c3694757
|
|
tasks:
|
|
- setup: |
|
|
# sourcehut does not censor secrets in builds, hence this hack:
|
|
echo -n 'export CACHIX_SIGNING_KEY=' > cachix-preamble
|
|
cat cachix-preamble ~/.cachix-tazjin >> ~/.buildenv
|
|
cachix use tazjin
|
|
- build: |
|
|
cd git.tazj.in
|
|
nix-build ci-builds.nix > built-paths
|
|
- cache: |
|
|
cd git.tazj.in
|
|
cat built-paths | cachix push tazjin
|
|
triggers:
|
|
- action: email
|
|
condition: failure
|
|
to: mail@tazj.in
|