modules/shared/community-builder: move secrets to sops
This commit is contained in:
parent
6528e6f959
commit
518f527936
6 changed files with 94 additions and 33 deletions
modules/shared
|
@ -26,13 +26,15 @@
|
|||
|
||||
'';
|
||||
|
||||
age.secrets.community-builder-nix-access-tokens = {
|
||||
file = "${inputs.self}/secrets/community-builder-nix-access-tokens.age";
|
||||
sops.secrets.community-builder-nix-access-tokens = {
|
||||
sopsFile = "${inputs.self}/modules/secrets/community-builder.yaml";
|
||||
mode = "444";
|
||||
};
|
||||
|
||||
# fine-grained, no permissions github token, expires 2025-10-29
|
||||
# from `nix-community-buildbot` (user account, not the github app)
|
||||
nix.extraOptions = ''
|
||||
!include ${config.age.secrets.community-builder-nix-access-tokens.path}
|
||||
!include ${config.sops.secrets.community-builder-nix-access-tokens.path}
|
||||
'';
|
||||
|
||||
# useful for people that want to test stuff
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue