pzduniak/concourse-kbfs-secrets.yaml

## concourse-kbfs-secrets.yaml
resources:
- name: keybase-image
  type: registry-image
  icon: docker
  source:
    repository: keybaseio/client
    tag: 5.6.0-20201113121711-1a3ba10881

jobs:
- name: source-secrets
  plan:
  - task: source-secrets
    image: keybase-image
    config:
      platform: linux
      outputs:
      - name: secrets
      params:
        KEYBASE_SERVICE: "1"
        KEYBASE_USERNAME: ((keybase-username))
        KEYBASE_PAPERKEY: ((keybase-paperkey))
      run:
        path: /bin/bash
        args:
        - -c
        - |
          set -euxo pipefail

          cat << EOF > /tmp/copy-secrets
          keybase fs cp ((keybase-base-path))/secrets.json ./secrets/secrets.json
          EOF
          mkdir -p /home/keybase/.config/keybase /home/keybase/.cache/keybase
          chmod +x /tmp/copy-secrets
          chown -R keybase /home/keybase/.config/keybase /home/keybase/.cache/keybase
          chmod a+w ./secrets
          /usr/bin/entrypoint.sh /tmp/copy-secrets
	resources:
	- name: keybase-image
	type: registry-image
	icon: docker
	source:
	repository: keybaseio/client
	tag: 5.6.0-20201113121711-1a3ba10881

	jobs:
	- name: source-secrets
	plan:
	- task: source-secrets
	image: keybase-image
	config:
	platform: linux
	outputs:
	- name: secrets
	params:
	KEYBASE_SERVICE: "1"
	KEYBASE_USERNAME: ((keybase-username))
	KEYBASE_PAPERKEY: ((keybase-paperkey))
	run:
	path: /bin/bash
	args:
	- -c
	- \|
	set -euxo pipefail

	cat << EOF > /tmp/copy-secrets
	keybase fs cp ((keybase-base-path))/secrets.json ./secrets/secrets.json
	EOF
	mkdir -p /home/keybase/.config/keybase /home/keybase/.cache/keybase
	chmod +x /tmp/copy-secrets
	chown -R keybase /home/keybase/.config/keybase /home/keybase/.cache/keybase
	chmod a+w ./secrets
	/usr/bin/entrypoint.sh /tmp/copy-secrets