From 20b3c856139d363be81a90010b53a646a41a1627 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Sat, 4 Jun 2022 18:10:41 -0700 Subject: fix(secrets): set the owner for buildkite agent secrets There's one user per agent. If we don't set an owner for that file, it will be owned by root. Let's set the ownership to the first builder. Change-Id: I1270e6858c0bf2797bd12c2557d84a494cef5081 Reviewed-on: https://cl.fcuny.net/c/world/+/281 Reviewed-by: Franck Cuny --- hosts/tahoe/secrets/secrets.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix index 96d96d6..8776e6a 100644 --- a/hosts/tahoe/secrets/secrets.nix +++ b/hosts/tahoe/secrets/secrets.nix @@ -16,6 +16,7 @@ in { # see https://buildkite.com/docs/agent/v3/tokens "buildkite/agent.age" = { publicKeys = all; + owner = "buildkite-agent-builder-1"; group = "buildkite-agents"; mode = "0440"; }; -- cgit 1.4.1