when:
  - event: manual
  - event: push
    branch: main

steps:
  - name: build
    image: bash
    commands:
      - |
        env
        mkdir -p ~/.ssh
        echo "$CD_SSH_KEY" > ~/.ssh/id_ed25519
        ls -l ~/.ssh/id_ed25519
        chmod 600 ~/.ssh/id_ed25519
      - nix-shell --run 'eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_ed25519 && ssh-agent -s && SHELL=$(which bash) nixops4 apply -v default'
    environment:
      CD_SSH_KEY:
        from_secret: cd_ssh_key