when:
  - event: manual
  - event: push
    branch: main

steps:
  - name: build
    image: nixos/nix
    commands:
      - |
        mkdir -p ~/.ssh
        echo "$CD_SSH_KEY" > ~/.ssh/id_ed25519
        ls -l ~/.ssh/id_ed25519
        chmod 600 ~/.ssh/id_ed25519
      - nix-shell -p strace --run 'strace -f -o ssh-agent.log ssh-agent -s'
      - cat ssh-agent.log
      - |
        eval "$(ssh-agent -s)"
        ssh-add ~/.ssh/id_ed25519
      - nix-shell --run 'eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_ed25519 && ssh-agent -s && SHELL=$(which bash) nixops4 apply -v default'
    environment:
      CD_SSH_KEY:
        from_secret: cd_ssh_key