about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2022-06-03 17:58:45 -0700
committerFranck Cuny <franck@fcuny.net>2022-06-04 15:26:06 -0700
commitde60c61ede30f792f61074ef11e8f8b70ebdf4e5 (patch)
treee999d4d1296185f3b1f49029f73a957d9df3aa8b
parentfeat(gerrit-hook): add gerrit-hook to the overlays (diff)
downloadworld-de60c61ede30f792f61074ef11e8f8b70ebdf4e5.tar.gz
feat(gerrit): add secret for gerrit-hook
The secret is the configuration for the gerrit-hook tool. It contains
the URL to our gerrit instance, the username/password for the gerrit
user used by the tool, the API token for buildKite and the name of the
organization in buildKite.

Change-Id: I58233e085c92d4c5db5635eb9942a5e87ee9e55d
Reviewed-on: https://cl.fcuny.net/c/world/+/204
Reviewed-by: Franck Cuny <franck@fcuny.net>
-rw-r--r--hosts/tahoe/secrets/gerrit/hooks.age11
-rw-r--r--hosts/tahoe/secrets/secrets.nix5
2 files changed, 16 insertions, 0 deletions
diff --git a/hosts/tahoe/secrets/gerrit/hooks.age b/hosts/tahoe/secrets/gerrit/hooks.age
new file mode 100644
index 0000000..49d4cb6
--- /dev/null
+++ b/hosts/tahoe/secrets/gerrit/hooks.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg wj+rkbml3wRe7LoYFOfIiDzh9ZnrpoBOgl4St35r7ic
+E4RuPX2HFq5zDjCBammUWMD0/DAO9MYSrfT8stTfAfU
+-> ssh-ed25519 wtownA lfMDBw2idPonRAgCdvM4utcob4fCHGM0gXcdGaRwxE8
+BHvOVEdR3hD1ttqLt+00/Cnt/YSXSDzDp3peaOTDo+o
+-> [$@-grease r QDkBXm VWDz9
+YOacDaY1Zw8fwe455j3Yd9/xdLM1SaAP2vECUD2XNwVrmdhziNnvj5yIRv8oqwLy
+0QjmPISVsQ
+--- 7S4x/Y5YV/i+d1eBxG3UCRU6lweNobHDrpjVPodYJKo
+/|y6N}0UotG;l5O?@Woa.aO\t׫7#^p̩b¼<|{o1޸WnS=W:TrYЉShRX<grƎl%Sl:)i46A>l-Xtי(qzmQOsŁi9?d@xԚr@#
+j?-?![nTa>xo
\ No newline at end of file
diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix
index 9eb8188..ed13660 100644
--- a/hosts/tahoe/secrets/secrets.nix
+++ b/hosts/tahoe/secrets/secrets.nix
@@ -20,6 +20,11 @@ in {
     mode = "0440";
   };
 
+  "gerrit/hooks.age" = {
+    publicKeys = all;
+    owner = "git";
+  };
+
   "drone/secrets.age" = {
     publicKeys = all;
     owner = "drone";