about summary refs log tree commit diff
path: root/hosts
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2022-08-06 13:50:32 -0700
committerFranck Cuny <franck@fcuny.net>2022-08-06 13:51:13 -0700
commit15a3aa6245da1dc7d0abadfa509b016d835a03dd (patch)
tree43892c76b8f73b9bdd3492af27cf01c36ff233a2 /hosts
parentfix(modules/buildkite): rename a shell script (diff)
downloadworld-15a3aa6245da1dc7d0abadfa509b016d835a03dd.tar.gz
feat(hosts/tahoe): add a token for graphql for buildkite agents
Change-Id: I17ea0baab0d74888ed1b21342c583495d3f52643
Reviewed-on: https://cl.fcuny.net/c/world/+/705
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
Diffstat (limited to 'hosts')
-rw-r--r--hosts/tahoe/secrets/buildkite/graphql.age9
-rw-r--r--hosts/tahoe/secrets/secrets.nix7
2 files changed, 16 insertions, 0 deletions
diff --git a/hosts/tahoe/secrets/buildkite/graphql.age b/hosts/tahoe/secrets/buildkite/graphql.age
new file mode 100644
index 0000000..b2b355f
--- /dev/null
+++ b/hosts/tahoe/secrets/buildkite/graphql.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg 9wM6u3f8tfdhUSmWKZy2aW15Q9NLEt+Q+2r9Zp3c2B8
+rnuasAgCi0UJW28Pjb9BqkwNk0WuHThwvCTNd+tFGkU
+-> ssh-ed25519 wtownA Xw4G1YaRMwJ1bwNmjHwFyo6vcI5P8fPg+LKcn29jgVw
+1EQrgeDwGjzPpy7oEdnSteyib03CUksd1zGMeZ5DK9o
+-> 5zXn-grease %CU]+%WC
+gboFw7YNFbVbmAcwdg
+--- wcsDAcM1XS+GqGZuaVyK/DmzlInUAXrhflWbfqOFyfk
+;–®©åöM1ºÒ|0ÊaÒ¬+u]?Ÿµ›«óÝJ§“øJÍÐÂ’ãQº­V*Zx—Ó£.š
½îTÄ_hܲ
\ No newline at end of file
diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix
index d3571f4..390f2b6 100644
--- a/hosts/tahoe/secrets/secrets.nix
+++ b/hosts/tahoe/secrets/secrets.nix
@@ -22,6 +22,13 @@ in
     mode = "0440";
   };
 
+  "buildkite/graphql.age" = {
+    publicKeys = all;
+    owner = "buildkite-agent-builder-1";
+    group = "buildkite-agents";
+    mode = "0440";
+  };
+
   # the owner is gerrit, but we also want the builders to access this
   # configuration.
   "gerrit/hooks.age" = {