History

Florian Klink 4a7ec1006d feat(ops/buildkite): add tvix pipeline Change-Id: Ie701e0b77c596e07600efd1a59749d05068f0dbc Reviewed-on: https://cl.tvl.fyi/c/depot/+/8006 Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su>		2023-02-01 17:11:50 +00:00
..
.gitignore	feat(ops/buildkite): Bootstrap Buildkite Terraform configuration	2022-06-06 11:05:12 +00:00
default.nix	refactor(ops/buildkite): Use tools.checks.validateTerraform	2022-06-07 09:32:13 +00:00
README.md	docs(ops/buildkite): Add documentation about this config	2022-06-06 11:05:12 +00:00
steps-depot.yml	feat(ops/buildkite): Import main depot pipeline	2022-06-06 11:05:12 +00:00
steps-tvix.yml	feat(ops/buildkite): add tvix pipeline	2023-02-01 17:11:50 +00:00
steps-tvl-kit.yml	feat(ops/buildkite): Import tvl-kit pipeline	2022-06-06 11:05:12 +00:00
tvl.tf	feat(ops/buildkite): add tvix pipeline	2023-02-01 17:11:50 +00:00

README.md

Buildkite configuration

This contains Terraform configuration for setting up our Buildkite pipelines.

Each pipeline (such as the one for depot itself, or exported subsets of the depot) needs some static configuration stored in Buildkite.

Through //tools/depot-deps a tf-buildkite binary is made available which contains a Terraform binary pre-configured with the correct providers. This is automatically on your $PATH through direnv.

However, secrets still need to be loaded to access the Terraform state and speak to the Buildkite API. These are available to certain users through //ops/secrets.

This can be done with separate direnv configuration, for example:

# //ops/buildkite/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-buildkite.age)