1 files changed, 15 insertions, 4 deletions

diff --git a/cluster/staging/app/ci/deploy/builder.hcl b/cluster/staging/app/ci/deploy/builder.hcl
index a7b3ddf..ad7a716 100644
--- a/cluster/staging/app/ci/deploy/builder.hcl
+++ b/cluster/staging/app/ci/deploy/builder.hcl
@@ -6,8 +6,8 @@ job "builder" {
   priority = 100
 
   parameterized {
-    payload = "forbidden"
-    meta_required = [ "REPO_URL", "COMMIT", "BRANCH" ]
+    payload = "optional"
+    meta_required = [ "REPO_URL", "COMMIT", "BRANCH", "FLAVOR" ]
   }
 
   reschedule {
@@ -22,10 +22,15 @@ job "builder" {
       args = [ "/tmp/builder.sh" ]
       volumes = [ 
         "local/builder.sh:/tmp/builder.sh",
-        "local/nix.conf:/etc/nix/nix.conf"
+        "local/nix.conf:/etc/nix/nix.conf",
+        "local/secrets:/var/run/secrets/albatros",
       ]
     }
 
+    dispatch_payload {
+      file = "secrets/secret.txt"
+    }
+
     template {
       data = <<EOH
 #!/usr/bin/env bash
@@ -39,7 +44,12 @@ git fetch origin ${NOMAD_META_COMMIT}
 git checkout ${NOMAD_META_COMMIT} -b ${NOMAD_META_BRANCH}
 export COMMIT=${NOMAD_META_COMMIT}
 export BRANCH=${NOMAD_META_BRANCH}
-./build.sh
+export REPO_URL=${NOMAD_META_REPO_URL}
+export FLAVOR=${NOMAD_META_FLAVOR}
+if [[ -s /var/run/secrets/albatros/secret.txt ]]; then
+  export SECRET_PATH=/var/run/secrets/albatros/secret.txt
+fi
+./.albatros
 
       EOH
       destination = "local/builder.sh"
@@ -57,6 +67,7 @@ filter-syscalls = false
 sandbox = false
 keep-outputs = true
 keep-derivations = true
+experimental-features = nix-command flakes
       EOH
       destination = "local/nix.conf"
     }