Skip to content
Snippets Groups Projects

Add symlink to secrets

Merged Add symlink to secrets
65.secrets-via-symlink into develop
1 unresolved thread
Merged Florian Sesser requested to merge 65.secrets-via-symlink into develop
1 unresolved thread

More flexibility and less dots in config files.

Implements #65 (closed).

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
morph/grid/testing/grid.nix
11 11 then import path
12 12 else default
13 13 );
14 sshUsers = importDef {} ../../../../PrivateStorageSecrets/staging-users.nix;
  • Florian Sesser
    Florian Sesser @florian ·
    Author Owner

    I still don't understand why we had four levels of dir traversal here and only two in config.json and it nevertheless worked.

    This MR does away with that - please double check I understood you right @jcalderone :)

    Edited by Florian Sesser
  • Jean-Paul Calderone
    Jean-Paul Calderone @jcalderone ·
    Owner

    Yea I'm not exactly sure why different grids thought Secrets was a different distance away. I have some vague idea about how these paths were getting evaluated relative to the morph working directory (plus inconsistency in what directory I ran morph from) but I'm not really confident in this explanation ... I think nix paths are relative to the source file they appear in (though that wouldn't matter for the paths in config.json since those are just strings, not nix paths). Happy to avoid this issue in the future with the secrets symlink.

  • Please register or sign in to reply
  • Jean-Paul Calderone added 3 commits

    added 3 commits

    • b0c7995c - Take the symlink out of git and add instructions about how to provide secrets
    • c6f0a564 - make users non-secret
    • 01628966 - regularize the naming a bit

    Compare with previous version

  • Florian Sesser
    Florian Sesser @florian started a thread on commit b0c7995c
    • morph/README.rst
    42 42
    43 43 Specific grid definitions live in subdirectories beneath this directory.
    44 44
    45 secrets
    46 ~~~~~~~
    47
    48 This must be created and populated before the grid can be built or deployed.
    49
    50 This directory contains all of the secrets necessary to deploy the grid.
    51 Secrets beneath this directory are referenced by ``config.json`` and ``grid.nix``
    52 (and possibly elsewhere).
    53 Some of the paths are configurable and some are just convention.
    54 This path is **ignored** by git.
  • Jean-Paul Calderone added 2 commits

    added 2 commits

    • 52e86f35 - Follow the staging payment server to its new address
    • 30912be3 - Remove an implicit dependency on some ssh_config settings

    Compare with previous version

  • Jean-Paul Calderone added 1 commit

    added 1 commit

    • 2bfab775 - Bring in production users too

    Compare with previous version

  • Jean-Paul Calderone merged

    merged

  • Jean-Paul Calderone mentioned in commit 13d8f91d

    mentioned in commit 13d8f91d

    • Please register or sign in to reply