diff options
| author | Vincent Ambo <tazjin@google.com> | 2019-12-23T12·26+0100 |
|---|---|---|
| committer | Vincent Ambo <tazjin@google.com> | 2019-12-23T12·26+0100 |
| commit | a260eba3cf478c99dcfd92b821934b40ed905894 (patch) | |
| tree | bcb8f7bfa47e2ab0f4d9037402133508a4eed8a6 | |
| parent | d11cda367fcb17cb98117f7dfc99a651f661542f (diff) | |
refactor(ops/kms_pass): Pin encrypted secrets into Nix store r/293
| -rw-r--r-- | .envrc | 1 | ||||
| -rw-r--r-- | ops/kms_pass.nix | 1 |
2 files changed, 1 insertions, 1 deletions
diff --git a/.envrc b/.envrc index c338a93bb8..34fe568ce9 100644 --- a/.envrc +++ b/.envrc @@ -4,4 +4,3 @@ export PATH="${PWD}/bin:${PATH}" export NIX_PATH="nixpkgs=${PWD}/default.nix" export REPO_ROOT="${PWD}" -export SECRETS_DIR="${PWD}/ops/secrets" diff --git a/ops/kms_pass.nix b/ops/kms_pass.nix index 14989b392d..b8a97d1332 100644 --- a/ops/kms_pass.nix +++ b/ops/kms_pass.nix @@ -14,6 +14,7 @@ in (writeShellScriptBin "pass" '' CMD="$1" readonly SECRET=$2 + readonly SECRETS_DIR=${./secrets} readonly SECRET_PATH="$SECRETS_DIR/$SECRET" function secret_check { |