Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build01: add initial marvin-mk2 configuration #25

Merged
merged 2 commits into from
Jun 11, 2020
Merged

build01: add initial marvin-mk2 configuration #25

merged 2 commits into from
Jun 11, 2020

Conversation

timokau
Copy link
Contributor

@timokau timokau commented Jun 10, 2020

Adding marvin-mk2, see #24.

This is a work in progress.

@timokau timokau marked this pull request as draft June 10, 2020 21:14
@timokau timokau mentioned this pull request Jun 10, 2020
Closed
Mic92
Mic92 reviewed Jun 10, 2020
View reviewed changes
build01/marvin-mk2.nix Outdated
# FIXME
environment.GH_KEY_FILE = "";
# FIXME
environment.GH_APP_ID_FILE = "";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By the way you can use EnvironmentFile to pass secrets from a file.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's quite nice. Potentially it means that the secret could even be owned by root isn't it?
I had a quick look at the EnvironmentFile documentation but it doesn't mention what user it will use to read the file.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, nice! Thanks.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Having it owned by root might be nice, but since its exposed in the environment anyways the security benefits are probably marginal.

Mic92
Mic92 reviewed Jun 10, 2020
View reviewed changes
build01/marvin-mk2.nix Outdated Show resolved Hide resolved
zimbatm
zimbatm reviewed Jun 11, 2020
View reviewed changes
build01/marvin-mk2.nix Outdated Show resolved Hide resolved
@timokau timokau force-pushed the marvin-mk2-init branch 6 times, most recently from d9ed244 to aee6b2a Compare June 11, 2020 19:45
@timokau timokau marked this pull request as ready for review June 11, 2020 19:45
@timokau timokau force-pushed the marvin-mk2-init branch 5 times, most recently from 827d900 to 0d07cd7 Compare June 11, 2020 20:00
@timokau timokau mentioned this pull request Jun 11, 2020
Merged
@timokau timokau force-pushed the marvin-mk2-init branch 2 times, most recently from 03a1d78 to 3aef26e Compare June 11, 2020 21:00
@timokau timokau mentioned this pull request Jun 11, 2020
Open
@adisbladis adisbladis merged commit 1798a15 into nix-community:master Jun 11, 2020
@timokau
Copy link
Contributor Author

timokau commented Jun 11, 2020

Thanks @adisbladis for all your help 🎉

@timokau timokau deleted the marvin-mk2-init branch June 11, 2020 21:12
@timokau timokau mentioned this pull request Jun 13, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zimbatm zimbatm zimbatm left review comments

@Mic92 Mic92 Mic92 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@timokau @zimbatm @Mic92 @adisbladis