From 0d68e364d1a1eec22e298b0cace448a022d596ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charlotte=20=F0=9F=A6=9D=20Delenk?= <lotte@chir.rs>
Date: Wed, 16 Nov 2022 17:06:53 +0100
Subject: [PATCH] set up secrets in the pr action

---
 .github/workflows/pr.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 4de51a6b..3904e21f 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -17,6 +17,14 @@ jobs:
             experimental-features = nix-command flakes ca-derivations
             post-build-hook = ${{ github.workspace }}/scripts/post-build-hook
             substituters = https://cache.chir.rs/
+      - name: Set up secrets
+        run: |
+          echo "$NIX_CACHE_KEY" > ~/cache.key
+          sudo mkdir /root/.aws
+          echo "$AWS_CREDENTIALS" | sudo tee /root/.aws/credentials > /dev/null
+        env:
+          NIX_CACHE_KEY: ${{secrets.NIX_CACHE_KEY}}
+          AWS_CREDENTIALS: ${{secrets.AWS_CREDENTIALS}}
       - run: |
 
           for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do
@@ -34,8 +42,9 @@ jobs:
             python scripts/diff-drvs.py old-$job.json new-$job.json >> review
             echo '```' >> review
           done
+          mv review .github/workflows
       - uses: harupy/comment-on-pr@master
         env:
-          GITHUB_TOKEN: ${{ github.workspace }}/${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           filename: review
-- 
2.47.0