fix: ssh auth for flakehub workflow

DivitMittal · DivitMittal · commit 48c082456133 · 2025-05-09T21:11:44.000+05:30
diff --git a/.github/workflows/darwin-build.yml b/.github/workflows/darwin-build.yml
@@ -6,34 +6,35 @@ jobs:
       contents: write
     runs-on: macos-latest
     steps:
-    - name: Checkout repo
-      uses: actions/checkout@main
-      with:
-        fetch-depth: 1
-    - name: Set env var
-      run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
-    - uses: DeterminateSystems/nix-installer-action@v17
-    - name: Configure to use personal binary cache @ Cachix
-      uses: cachix/cachix-action@master
-      with:
-        authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-        name: divitmittal
-    - name: SSH-agent with auth for private repos
-      uses: webfactory/ssh-agent@master
-      with:
-        ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
-    - name: Builds a nix-darwin configuration
-      run: nix build --accept-flake-config .#darwinConfigurations.L1.config.system.build.toplevel
-        --impure --show-trace
+      - name: Checkout repo
+        uses: actions/checkout@main
+        with:
+          fetch-depth: 1
+      - name: Set env var
+        run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
+      - uses: DeterminateSystems/nix-installer-action@v17
+      - name: Configure to use personal binary cache @ Cachix
+        uses: cachix/cachix-action@master
+        with:
+          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
+          name: divitmittal
+      - name: SSH-agent with auth for private repos
+        uses: webfactory/ssh-agent@master
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Builds a nix-darwin configuration
+        run:
+          nix build --accept-flake-config .#darwinConfigurations.L1.config.system.build.toplevel
+          --impure --show-trace
     timeout-minutes: 30
-'on':
+"on":
   pull_request:
     branches:
-    - master
+      - master
   push:
     branches:
-    - master
+      - master
     paths-ignore:
-    - '**/*.md'
-    - .github/**
-  workflow_dispatch: {}
+      - "**/*.md"
+      - .github/**
+  workflow_dispatch: {}
diff --git a/.github/workflows/flake-check.yml b/.github/workflows/flake-check.yml
@@ -6,33 +6,33 @@ jobs:
       contents: write
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout repo
-      uses: actions/checkout@main
-      with:
-        fetch-depth: 1
-    - name: Set env var
-      run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
-    - uses: DeterminateSystems/nix-installer-action@v17
-    - name: Configure to use personal binary cache @ Cachix
-      uses: cachix/cachix-action@master
-      with:
-        authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-        name: divitmittal
-    - name: SSH-agent with auth for private repos
-      uses: webfactory/ssh-agent@master
-      with:
-        ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
-    - name: Run nix flake check
-      run: nix flake check --impure --all-systems --no-build
+      - name: Checkout repo
+        uses: actions/checkout@main
+        with:
+          fetch-depth: 1
+      - name: Set env var
+        run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
+      - uses: DeterminateSystems/nix-installer-action@v17
+      - name: Configure to use personal binary cache @ Cachix
+        uses: cachix/cachix-action@master
+        with:
+          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
+          name: divitmittal
+      - name: SSH-agent with auth for private repos
+        uses: webfactory/ssh-agent@master
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Run nix flake check
+        run: nix flake check --impure --all-systems --no-build
     timeout-minutes: 30
-'on':
+"on":
   pull_request:
     branches:
-    - master
+      - master
   push:
     branches:
-    - master
+      - master
     paths-ignore:
-    - '**/*.md'
-    - .github/**
+      - "**/*.md"
+      - .github/**
   workflow_dispatch: {}
diff --git a/.github/workflows/flakehub-publish-tagged.yml b/.github/workflows/flakehub-publish-tagged.yml
@@ -12,19 +12,27 @@ on:
 jobs:
   flakehub-publish:
     runs-on: "ubuntu-latest"
+    environment:
+      name: dev
     permissions:
       id-token: "write"
       contents: "read"
     steps:
-      - uses: "actions/checkout@v4"
+      - uses: "actions/checkout@main"
         with:
           ref: "${{ (inputs.tag != null) && format('refs/tags/{0}', inputs.tag) || '' }}"
+      - name: Set env var
+        run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
       - uses: "DeterminateSystems/nix-installer-action@main"
         with:
           determinate: true
+      - name: SSH-agent with auth for private repos
+        uses: webfactory/ssh-agent@master
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
       - uses: "DeterminateSystems/flakehub-push@main"
         with:
           visibility: "public"
           name: "DivitMittal/OS-nixCfg"
           tag: "${{ inputs.tag }}"
-          include-output-paths: true
+          include-output-paths: true
diff --git a/.github/workflows/home-build.yml b/.github/workflows/home-build.yml
@@ -6,34 +6,35 @@ jobs:
       contents: write
     runs-on: macos-latest
     steps:
-    - name: Checkout repo
-      uses: actions/checkout@main
-      with:
-        fetch-depth: 1
-    - name: Set env var
-      run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
-    - uses: DeterminateSystems/nix-installer-action@v17
-    - name: Configure to use personal binary cache @ Cachix
-      uses: cachix/cachix-action@master
-      with:
-        authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-        name: divitmittal
-    - name: SSH-agent with auth for private repos
-      uses: webfactory/ssh-agent@master
-      with:
-        ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
-    - name: Builds a home-manager configuration
-      run: nix build --accept-flake-config .#homeConfigurations.L1.activationPackage
-        --impure --show-trace
+      - name: Checkout repo
+        uses: actions/checkout@main
+        with:
+          fetch-depth: 1
+      - name: Set env var
+        run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
+      - uses: DeterminateSystems/nix-installer-action@v17
+      - name: Configure to use personal binary cache @ Cachix
+        uses: cachix/cachix-action@master
+        with:
+          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
+          name: divitmittal
+      - name: SSH-agent with auth for private repos
+        uses: webfactory/ssh-agent@master
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Builds a home-manager configuration
+        run:
+          nix build --accept-flake-config .#homeConfigurations.L1.activationPackage
+          --impure --show-trace
     timeout-minutes: 30
-'on':
+"on":
   pull_request:
     branches:
-    - master
+      - master
   push:
     branches:
-    - master
+      - master
     paths-ignore:
-    - '**/*.md'
-    - .github/**
-  workflow_dispatch: {}
+      - "**/*.md"
+      - .github/**
+  workflow_dispatch: {}
diff --git a/.github/workflows/nixos-build.yml b/.github/workflows/nixos-build.yml
@@ -6,34 +6,35 @@ jobs:
       contents: write
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout repo
-      uses: actions/checkout@main
-      with:
-        fetch-depth: 1
-    - name: Set env var
-      run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
-    - uses: DeterminateSystems/nix-installer-action@v17
-    - name: Configure to use personal binary cache @ Cachix
-      uses: cachix/cachix-action@master
-      with:
-        authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-        name: divitmittal
-    - name: SSH-agent with auth for private repos
-      uses: webfactory/ssh-agent@master
-      with:
-        ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
-    - name: Builds a nixos configuration
-      run: nix build --accept-flake-config .#nixosConfigurations.WSL.config.system.build.toplevel
-        --impure --show-trace
+      - name: Checkout repo
+        uses: actions/checkout@main
+        with:
+          fetch-depth: 1
+      - name: Set env var
+        run: echo "OS_NIXCFG=$(pwd)" >> "$GITHUB_ENV"
+      - uses: DeterminateSystems/nix-installer-action@v17
+      - name: Configure to use personal binary cache @ Cachix
+        uses: cachix/cachix-action@master
+        with:
+          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
+          name: divitmittal
+      - name: SSH-agent with auth for private repos
+        uses: webfactory/ssh-agent@master
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Builds a nixos configuration
+        run:
+          nix build --accept-flake-config .#nixosConfigurations.WSL.config.system.build.toplevel
+          --impure --show-trace
     timeout-minutes: 30
-'on':
+"on":
   pull_request:
     branches:
-    - master
+      - master
   push:
     branches:
-    - master
+      - master
     paths-ignore:
-    - '**/*.md'
-    - .github/**
-  workflow_dispatch: {}
+      - "**/*.md"
+      - .github/**
+  workflow_dispatch: {}
