diff options
| author | Jörg Thalheim <Mic92@users.noreply.github.com> | 2021-06-01 09:31:23 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-06-01 09:31:23 +0200 |
| commit | 846f44e88026f10c114b27e6189f0153d151694a (patch) | |
| tree | 2817822f5115badfe797c4bba264115972754483 | |
| parent | 4a41a22373fbc98ee14530081e9b50da8bf93f96 (diff) | |
| parent | 503b93754278a661391c868544085bcf3713fa89 (diff) | |
| download | nixpkgs-846f44e88026f10c114b27e6189f0153d151694a.tar nixpkgs-846f44e88026f10c114b27e6189f0153d151694a.tar.gz nixpkgs-846f44e88026f10c114b27e6189f0153d151694a.tar.bz2 nixpkgs-846f44e88026f10c114b27e6189f0153d151694a.tar.lz nixpkgs-846f44e88026f10c114b27e6189f0153d151694a.tar.xz nixpkgs-846f44e88026f10c114b27e6189f0153d151694a.tar.zst nixpkgs-846f44e88026f10c114b27e6189f0153d151694a.zip | |
Merge pull request #121667 from Mic92/buildkite
nixos/buildkite-agents: fix race-condition when installing secrets
| -rw-r--r-- | nixos/modules/services/continuous-integration/buildkite-agents.nix | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/nixos/modules/services/continuous-integration/buildkite-agents.nix b/nixos/modules/services/continuous-integration/buildkite-agents.nix index 3dd1c40aaa4..b8982d757db 100644 --- a/nixos/modules/services/continuous-integration/buildkite-agents.nix +++ b/nixos/modules/services/continuous-integration/buildkite-agents.nix @@ -238,8 +238,7 @@ in in optionalString (cfg.privateSshKeyPath != null) '' mkdir -m 0700 -p "${sshDir}" - cp -f "${toString cfg.privateSshKeyPath}" "${sshDir}/id_rsa" - chmod 600 "${sshDir}"/id_rsa + install -m600 "${toString cfg.privateSshKeyPath}" "${sshDir}/id_rsa" '' + '' cat > "${cfg.dataDir}/buildkite-agent.cfg" <<EOF token="$(cat ${toString cfg.tokenPath})" |