jwt: fix passing private_key_file to command

2024-07-24 17:21:52 +02:00 · 2024-07-24 17:21:52 +02:00 · 7480ee03b3
parent eb6fae3100
commit 7480ee03b3
2 changed files with 9 additions and 2 deletions
--- a/buildbot_nix/github/jwt_token.py
+++ b/buildbot_nix/github/jwt_token.py
@ -51,7 +51,14 @@ class JWTToken(RepoToken):

        def rs256_sign(data: str, private_key_file: Path) -> str:
            signature = subprocess.run(
-                ["openssl", "dgst", "-binary", "-sha256", "-sign", private_key_file],
+                [
+                    "openssl",
+                    "dgst",
+                    "-binary",
+                    "-sha256",
+                    "-sign",
+                    str(private_key_file),
+                ],
                input=data.encode("utf-8"),
                stdout=subprocess.PIPE,
                check=True,
--- a/nix/master.nix
+++ b/nix/master.nix
@ -445,7 +445,7 @@ in
                                       else if (cfg.github.authType ? "app") then
                                         {
                                           id = cfg.github.authType.app.id;
-                                           secret_key_file = cfg.github.authType.app.secretKeyFile;
+                                           secret_key_file = "github-app-secret-key";
                                           installation_token_map_file = "github-app-installation-token-map.json";
                                           project_id_map_file = "github-app-project-id-map-name.json";
                                           jwt_token_map = "github-app-jwt-token";