Commit graph

4 commits

Author SHA1 Message Date
d796fe1dfd nix/pkgs: fix up copybara/secretsync for new nixpkgs 2020-05-16 19:20:59 +01:00
823eab4775 secretsync: escape $ in variable content
GitLab doesn't treat $ as literals in file content, which means that it
tries to do variable interpolation.

This is bad and annoying, because e.g. password hashes tend to contain $,
so they get variable-interpolated and thus corrupted.

Fix this by escaping $ on input to GitLab.
2020-05-10 12:11:26 +01:00
a9cb53fa16 secretsync: add concept of manifest variable
This is a file-type variable which contains the original mapping of
VARIABLE_NAME to VARIABLE_DATA.

This can be used to automatically repopulate a repository with
secrets that were originally taken from it and transmitted via
GitLab variables (i.e. out-of-band).
2020-05-09 14:26:54 +01:00
6266b42b66 secretsync: add
This is a helper utility for syncing filesystem files into GitLab variables, for
deploy-time secrets.
2020-05-09 12:45:13 +01:00