feat(ops/buildkite): use terraform to manage buildkite

Change-Id: I63fc8fd81679457f7dbeafc2bd10c0eded0de991 Reviewed-on: https://cl.fcuny.net/c/world/+/707 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
author: Franck Cuny <franck@fcuny.net> 2022-08-07 14:24:28 -0700
committer: Franck Cuny <franck@fcuny.net> 2022-08-07 14:34:38 -0700
commit: a7f8992b5ebf3bb9e3badf1286a0b785d7a2c10d (patch)
tree: ca8aa578c2df7385f5ae69b6367627c4954691e0 /ops/buildkite/default.nix
parent: ci(pipeline): the pipeline to be executed with a new build (diff)
download: world-a7f8992b5ebf3bb9e3badf1286a0b785d7a2c10d.tar.gz
1 files changed, 25 insertions, 0 deletions
diff --git a/ops/buildkite/default.nix b/ops/buildkite/default.nix
new file mode 100644
index 0000000..7daf7c2
--- /dev/null
+++ b/ops/buildkite/default.nix
@@ -0,0 +1,25 @@
+{ pkgs }:
+let
+  terraform = pkgs.terraform.withPlugins (p: [
+    p.buildkite
+    p.google
+  ]);
+in
+pkgs.stdenv.mkDerivation rec {
+  name = "tf-buildkite";
+  src = ./.;
+
+  upload = pkgs.writeShellScriptBin "tf-buildkite-upload" ''
+    set -ueo pipefail
+
+    cd $(git rev-parse --show-toplevel)/ops/buildkite
+    pass gcloud/terraform/fcuny-homelab > /dev/shm/tf-fcuny-homelab
+
+    export BUILDKITE_API_TOKEN=$(pass api/buildkite-terraform-token)
+    export GOOGLE_APPLICATION_CREDENTIALS=/dev/shm/tf-fcuny-homelab
+
+    ${terraform}/bin/terraform init
+    ${terraform}/bin/terraform plan
+    ${terraform}/bin/terraform apply
+  '';
+}
author	Franck Cuny <franck@fcuny.net>	2022-08-07 14:24:28 -0700
committer	Franck Cuny <franck@fcuny.net>	2022-08-07 14:34:38 -0700
commit	a7f8992b5ebf3bb9e3badf1286a0b785d7a2c10d (patch)
tree	ca8aa578c2df7385f5ae69b6367627c4954691e0 /ops/buildkite/default.nix
parent	ci(pipeline): the pipeline to be executed with a new build (diff)
download	world-a7f8992b5ebf3bb9e3badf1286a0b785d7a2c10d.tar.gz