<ixxie>
johanot - I was wondering whether you tend to put all your manifests in one repo or if there are patterns which allow the manifest for each microservice to be defined within the repo for the service itself
<johanot>
ixxie: We have most of our manifests in the same repo as our nix closures. That way we can use builtins.readDir as an easy way to copy them to the store and reference them from systemd-units. But we have slooowly started moving manifests with secrets out of that repo.
<johanot>
with the obvious goal of not having secrets in the store
<ixxie>
right
<ixxie>
johanot: I was kinda hoping to be able to design a CI/CD process where I could just have some manifest.nix in a repo and it just gets deployed
<ixxie>
that is, the manifest.nix would be in the repo with the project code itself
<ixxie>
of course with interdependencies between manifests that might be tricky
<ixxie>
and I guess it would also get problematic since the manifests aren't always corresponding one-to-one with repos
<ixxie>
anyway thanks again; sorry if I am annoying with all these questions