From de60c61ede30f792f61074ef11e8f8b70ebdf4e5 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Fri, 3 Jun 2022 17:58:45 -0700 Subject: feat(gerrit): add secret for gerrit-hook The secret is the configuration for the gerrit-hook tool. It contains the URL to our gerrit instance, the username/password for the gerrit user used by the tool, the API token for buildKite and the name of the organization in buildKite. Change-Id: I58233e085c92d4c5db5635eb9942a5e87ee9e55d Reviewed-on: https://cl.fcuny.net/c/world/+/204 Reviewed-by: Franck Cuny --- hosts/tahoe/secrets/gerrit/hooks.age | 11 +++++++++++ hosts/tahoe/secrets/secrets.nix | 5 +++++ 2 files changed, 16 insertions(+) create mode 100644 hosts/tahoe/secrets/gerrit/hooks.age diff --git a/hosts/tahoe/secrets/gerrit/hooks.age b/hosts/tahoe/secrets/gerrit/hooks.age new file mode 100644 index 0000000..49d4cb6 --- /dev/null +++ b/hosts/tahoe/secrets/gerrit/hooks.age @@ -0,0 +1,11 @@ +age-encryption.org/v1 +-> ssh-ed25519 dtgBNg wj+rkbml3wRe7LoYFOfIiDzh9ZnrpoBOgl4St35r7ic +E4RuPX2HFq5zDjCBammUWMD0/DAO9MYSrfT8stTfAfU +-> ssh-ed25519 wtownA lfMDBw2idPonRAgCdvM4utcob4fCHGM0gXcdGaRwxE8 +BHvOVEdR3hD1ttqLt+00/Cnt/YSXSDzDp3peaOTDo+o +-> [$@-grease r QDkBXm VWDz9 +YOacDaY1Zw8fwe455j3Yd9/xdLM1SaAP2vECUD2XNwVrmdhziNnvj5yIRv8oqwLy +0QjmPISVsQ +--- 7S4x/Y5YV/i+d1eBxG3UCRU6lweNobHDrpjVPodYJKo +/|y6N}0UotG;l5O?@Woa.aO\t׫7#^p̩b¼<|{o1޸WnS=W:TrYЉShRXl-Xtי(qzmQOsŁi9?d@xԚr@# +j?-?![nTa>xo \ No newline at end of file diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix index 9eb8188..ed13660 100644 --- a/hosts/tahoe/secrets/secrets.nix +++ b/hosts/tahoe/secrets/secrets.nix @@ -20,6 +20,11 @@ in { mode = "0440"; }; + "gerrit/hooks.age" = { + publicKeys = all; + owner = "git"; + }; + "drone/secrets.age" = { publicKeys = all; owner = "drone"; -- cgit 1.4.1