Wire runner caches and forge secrets through agenix
This commit is contained in:
Conrad Kramer
parent
afc3e79eb0
commit
ed247b2f5e
20 changed files with 299 additions and 64 deletions
|
|
@ -4,6 +4,8 @@ Burrow secrets live in `secrets/<name>.age` and are managed with `agenix`.
|
|||
|
||||
For the Forgejo Namespace Cloud runtime:
|
||||
|
||||
- `secrets/forgejo/admin-password.age`
|
||||
- `secrets/forgejo/agent-ssh-key.age`
|
||||
- `secrets/forgejo/nsc-token.age`
|
||||
- `secrets/forgejo/nsc-dispatcher-config.age`
|
||||
- `secrets/forgejo/nsc-autoscaler-config.age`
|
||||
|
|
@ -11,7 +13,8 @@ For the Forgejo Namespace Cloud runtime:
|
|||
Use:
|
||||
|
||||
- `make secret name=forgejo/nsc-token`
|
||||
- `make secret-file name=forgejo/nsc-token file=/path/to/source`
|
||||
- `make secret-file name=forgejo/agent-ssh-key file=/path/to/source`
|
||||
|
||||
The forge host decrypts these files at activation time and feeds the resulting
|
||||
paths into `services.burrow.forgejoNsc`.
|
||||
paths into `services.burrow.forge`, `services.burrow.forgeRunner`, and
|
||||
`services.burrow.forgejoNsc`.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue