Hi Ludo, Ludovic Courtès <l...@gnu.org> writes:
> Hi Roman, > > r0man <roman.sche...@burningswell.com> skribis: > >> From 1522da763a3dde5cbf6657e873fee2d71b6abf15 Mon Sep 17 00:00:00 2001 >> Message-ID: >> <1522da763a3dde5cbf6657e873fee2d71b6abf15.1739309136.git.ro...@burningswell.com> >> From: Roman Scherer <ro...@burningswell.com> >> Date: Tue, 11 Feb 2025 22:23:37 +0100 >> Subject: [PATCH] gnu: forges: Use %current-system instead of "x86_64-linux". >> >> * src/cuirass/forges.scm (%default-jobset-options-systems): Use >> %current-system instead of "x86_64-linux". > > Pushed, thanks! thanks for merging the patch! > BTW, please preferably send patches to guix-patches with “PATCH Cuirass” > in the subject. Yes, will do. > I’m curious about your experience connecting Cuirass with Codeberg. My > colleague Romain has been working on the next step (allowing Cuirass to > communicate its build status back to Codeberg), which will hopefully > land soonish. About my experience: - I just moved the repository of my asahi-guix channel to Codeberg because I wanted CI integration with the Cuirass server I'm running. - It's nice to have a place to look at and see if everything is still building when I push commits to a branch I'm working on. - I'm looking forward to the status checks Romain is working on. Seeing what's going on with CI directly on Codeberg would be super nice! - I'm using a Nginx module [1] to do JWT authentication with Nginx [2]. It seems to work, but I had to disable the auth_jwt_validate_exp option. For some reason the module was complaining that the token I generated has expired. I checked my token online, and it looked ok. - This is how I generate the JWKS and JWT: [3] - There is also another JWT module for Nginx [4], but I haven't tried it yet. Not sure which is better yet. - I copied the JWKS manually on my server. I was wondering how I could automate this. I was looking into sops-guix, but then I read somewhere that mixing secrets with config can have issues with rollbacks. Do you have a recommended way how to deal with secrets? That's mostly it. I'm also curious. :) What is your plan to protect the Cuirass web-hook endpoint? I could not find anything in the Guix maintenance repo yet. Do you have some code to share? Thanks, Roman [1] https://codeberg.org/asahi-guix/maintenance/src/branch/main/modules/asahi/guix/maintenance/packages/web.scm#L18 [2] https://codeberg.org/asahi-guix/maintenance/src/branch/main/modules/asahi/guix/maintenance/services/web.scm#L39 [3] https://codeberg.org/asahi-guix/maintenance/src/branch/main/doc/NOTES.org#headline-5 [4] https://github.com/TeslaGov/ngx-http-auth-jwt-module [5] https://github.com/fishinthecalculator/sops-guix > > Ludo’.
signature.asc
Description: PGP signature
