Skip to content

Commit

Permalink
Adds catalyst flight push support; reduces metrics retention
Browse files Browse the repository at this point in the history
  • Loading branch information
@johnalotoski
johnalotoski committed Nov 17, 2020
1 parent 47a2ef1 commit f72c93a
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 4 deletions.
12 changes: 9 additions & 3 deletions modules/macs/guest/apply.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,8 @@ EOF
echo Setting up signing...
# shellcheck disable=SC1091
source /Volumes/CONFIG/signing.sh
# shellcheck disable=SC1091
source /Volumes/CONFIG/signing-catalyst.sh
security create-keychain -p "$KEYCHAIN" ci-signing.keychain
security default-keychain -s ci-signing.keychain
security set-keychain-settings ci-signing.keychain
Expand All @@ -159,16 +161,20 @@ EOF

cp /private/var/root/Library/Keychains/ci-signing.keychain-db /Users/nixos/Library/Keychains/
chown nixos:staff /Users/nixos/Library/Keychains/ci-signing.keychain-db
mkdir -p /var/lib/buildkite-agent
mkdir -p /var/lib/buildkite-agent/.private_keys
cp /private/var/root/Library/Keychains/ci-signing.keychain-db /var/lib/buildkite-agent/
cp /Volumes/CONFIG/signing.sh /var/lib/buildkite-agent/
cp /Volumes/CONFIG/signing-catalyst.sh /var/lib/buildkite-agent/
cp /Volumes/CONFIG/signing-config.json /var/lib/buildkite-agent/
cp /Volumes/CONFIG/code-signing-config.json /var/lib/buildkite-agent/
cp /Volumes/CONFIG/catalyst-ios-build.json /var/lib/buildkite-agent/
cp /Volumes/CONFIG/catalyst-env.sh /var/lib/buildkite-agent/
cp "/Volumes/CONFIG/AuthKey_${CATALYSTKEY}.p8" "/var/lib/buildkite-agent/.private_keys/AuthKey_${CATALYSTKEY}.p8"
chown buildkite-agent:admin /var/lib/buildkite-agent/{ci-signing.keychain-db,signing.sh,signing-config.json,code-signing-config.json}
chown buildkite-agent:admin /var/lib/buildkite-agent/{catalyst-ios-build.json,catalyst-env.sh}
chmod 0400 /var/lib/buildkite-agent/signing.sh
chown -R buildkite-agent:admin /var/lib/buildkite-agent/{signing-catalyst.sh,catalyst-ios-build.json,catalyst-env.sh,.private_keys}
chmod 0700 /var/lib/buildkite-agent/.private_keys
chmod 0400 /var/lib/buildkite-agent/{signing.sh,signing-catalyst.sh} /var/lib/buildkite-agent/.private_keys/*

export KEYCHAIN
sudo -Eu nixos -- security unlock-keychain -p "$KEYCHAIN" /Users/nixos/Library/Keychains/ci-signing.keychain-db
sudo -Eu buildkite-agent -- security unlock-keychain -p "$KEYCHAIN" /var/lib/buildkite-agent/ci-signing.keychain-db
Expand Down
2 changes: 1 addition & 1 deletion modules/monitoring-services.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -634,7 +634,7 @@ in {
enable = true;
listenAddress = "127.0.0.1:9090";
webExternalUrl = "https://${cfg.webhost}/prometheus/";
extraFlags = [ "--storage.tsdb.retention=8760h" ];
extraFlags = [ "--storage.tsdb.retention=4380h" ];

alertmanagers = [{
scheme = "http";
Expand Down

0 comments on commit f72c93a

Please sign in to comment.