From 20b3c856139d363be81a90010b53a646a41a1627 Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Sat, 4 Jun 2022 18:10:41 -0700
Subject: fix(secrets): set the owner for buildkite agent secrets

There's one user per agent. If we don't set an owner for that file, it
will be owned by root. Let's set the ownership to the first builder.

Change-Id: I1270e6858c0bf2797bd12c2557d84a494cef5081
Reviewed-on: https://cl.fcuny.net/c/world/+/281
Reviewed-by: Franck Cuny <franck@fcuny.net>
---
 hosts/tahoe/secrets/secrets.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix
index 96d96d6..8776e6a 100644
--- a/hosts/tahoe/secrets/secrets.nix
+++ b/hosts/tahoe/secrets/secrets.nix
@@ -16,6 +16,7 @@ in {
   # see https://buildkite.com/docs/agent/v3/tokens
   "buildkite/agent.age" = {
     publicKeys = all;
+    owner = "buildkite-agent-builder-1";
     group = "buildkite-agents";
     mode = "0440";
   };
-- 
cgit 1.4.1