nix/coordinator: introduce OAuth2 client secret

Signed-off-by: Raito Bezarius <raito@lix.systems>
raito 2024-03-02 18:47:15 +01:00
parent 81bd57ffac
commit 7ad9c1a378


@ -38,6 +38,10 @@ in
type = lib.types.path; type = lib.types.path;
description = "File containing a list of nix workers"; description = "File containing a list of nix workers";
}; };
oauth2SecretFile = lib.mkOption {
type = lib.types.path;
description = "File containing an OAuth 2 client secret";
};
buildSystems = lib.mkOption { buildSystems = lib.mkOption {
type = lib.types.listOf lib.types.str; type = lib.types.listOf lib.types.str;
default = [ pkgs.hostPlatform.system ]; default = [ pkgs.hostPlatform.system ];
@ -144,6 +148,7 @@ in
# in master.py we read secrets from $CREDENTIALS_DIRECTORY # in master.py we read secrets from $CREDENTIALS_DIRECTORY
LoadCredential = [ LoadCredential = [
"buildbot-nix-workers:${cfg.workersFile}" "buildbot-nix-workers:${cfg.workersFile}"
"buildbot-oauth2-secret:${cfg.oauth2SecretFile}"
] ]
++ lib.optional (cfg.cachix.signingKeyFile != null) ++ lib.optional (cfg.cachix.signingKeyFile != null)
"cachix-signing-key:${builtins.toString cfg.cachix.signingKeyFile}" "cachix-signing-key:${builtins.toString cfg.cachix.signingKeyFile}"
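Review bot: The new `LoadCredential` entry interpolates `cfg.oauth2SecretFile` directly into the string, so if a user sets the option to a Nix path literal (for example `./secret`), the file is copied into the world-readable Nix store at evaluation time. The cachix entry right below it avoids that with `builtins.toString`, so I would write `"buildbot-oauth2-secret:${builtins.toString cfg.oauth2SecretFile}"`. The option description should also say that the file must live outside the store, e.g. `description = "Path to a file outside the Nix store containing the OAuth 2 client secret";`. The existing `buildbot-nix-workers` line follows the same pattern and is worth the same treatment. Separately, the option has no default and the credential is loaded unconditionally, so existing configurations stop evaluating until it is set; if OAuth2 is meant to be optional, `lib.types.nullOr lib.types.path` with a `lib.optional` guard, as for the cachix key, would keep them working.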