nix/coordinator: introduce OAuth2 client secret

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:47:15 +01:00 · 2024-03-02 18:47:15 +01:00 · 7ad9c1a378
parent 81bd57ffac
commit 7ad9c1a378
1 changed files with 5 additions and 0 deletions
--- a/nix/coordinator.nix
+++ b/nix/coordinator.nix
@ -38,6 +38,10 @@ in
        type = lib.types.path;
        description = "File containing a list of nix workers";
      };
+      oauth2SecretFile = lib.mkOption {
+        type = lib.types.path;
+        description = "File containing an OAuth 2 client secret";
+      };
      buildSystems = lib.mkOption {
        type = lib.types.listOf lib.types.str;
        default = [ pkgs.hostPlatform.system ];
@ -144,6 +148,7 @@ in
        # in master.py we read secrets from $CREDENTIALS_DIRECTORY
        LoadCredential = [
          "buildbot-nix-workers:${cfg.workersFile}"
+          "buildbot-oauth2-secret:${cfg.oauth2SecretFile}"
        ]
        ++ lib.optional (cfg.cachix.signingKeyFile != null)
          "cachix-signing-key:${builtins.toString cfg.cachix.signingKeyFile}"