diff options
author | Vincent Ambo <mail@tazj.in> | 2022-03-30T09·52+0200 |
---|---|---|
committer | clbot <clbot@tvl.fyi> | 2022-03-30T11·06+0000 |
commit | e70428e75b624f9aa467fbd563e016abac587a82 (patch) | |
tree | 0830ad1ac80a7bc9d512a33b95f21825b4599885 | |
parent | 3badee71bb605a3be7c472cd53209fee3b927cd0 (diff) |
refactor(ops/pipelines): Configurable GraphQL token location r/3924
For external users of the pipeline construction, the token might be in a different path than `/run/agenix/buildkite-graphql-token`. It is made configurable through the BUILDKITE_TOKEN_PATH environment variable. This should be configured on the pipeline level to apply to all steps. Change-Id: I23c52e2d705e4134b8b013f8603f92e5533a6e44 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5424 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
-rwxr-xr-x | nix/buildkite/fetch-parent-targets.sh | 3 | ||||
-rw-r--r-- | ops/pipelines/static-pipeline.yaml | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/nix/buildkite/fetch-parent-targets.sh b/nix/buildkite/fetch-parent-targets.sh index ca65646abdc5..8afac1e5ec04 100755 --- a/nix/buildkite/fetch-parent-targets.sh +++ b/nix/buildkite/fetch-parent-targets.sh @@ -14,6 +14,7 @@ set -ueo pipefail # build all targets. : ${DRVMAP_PATH:=pipeline/drvmap.json} +: ${BUILDKITE_TOKEN_PATH:=~/buildkite-token} git fetch -v origin "${BUILDKITE_PIPELINE_DEFAULT_BRANCH}" @@ -25,7 +26,7 @@ function most_relevant_builds { set -u curl 'https://graphql.buildkite.com/v1' \ --silent \ - -H "Authorization: Bearer $(cat /run/agenix/buildkite-graphql-token)" \ + -H "Authorization: Bearer $(cat ${BUILDKITE_TOKEN_PATH})" \ -d "{\"query\": \"query { pipeline(slug: \\\"$BUILDKITE_ORGANIZATION_SLUG/$BUILDKITE_PIPELINE_SLUG\\\") { builds(commit: [\\\"$FIRST\\\",\\\"$SECOND\\\",\\\"$THIRD\\\"]) { edges { node { uuid }}}}}\"}" | \ jq -r '.data.pipeline.builds.edges[] | .node.uuid' } diff --git a/ops/pipelines/static-pipeline.yaml b/ops/pipelines/static-pipeline.yaml index 23a1fba4f21a..2936f56d2c61 100644 --- a/ops/pipelines/static-pipeline.yaml +++ b/ops/pipelines/static-pipeline.yaml @@ -4,6 +4,8 @@ # If something fails during the creation of the pipeline, the fallback # is executed instead which will simply report an error to Gerrit. --- +env: + BUILDKITE_TOKEN_PATH: /run/agenix/buildkite-graphql-token steps: # Run pipeline for tvl-kit when new commits arrive on canon. Since # it is not part of the depot build tree, this is a useful @@ -85,7 +87,7 @@ steps: readonly FAILED_JOBS=$(curl 'https://graphql.buildkite.com/v1' \ --silent \ - -H "Authorization: Bearer $(cat /run/agenix/buildkite-graphql-token)" \ + -H "Authorization: Bearer $(cat ${BUILDKITE_TOKEN_PATH})" \ -d "{\"query\": \"query BuildStatusQuery { build(uuid: \\\"$BUILDKITE_BUILD_ID\\\") { jobs(passed: false) { count } } }\"}" | \ jq -r '.data.build.jobs.count') |