build.yml: Start using webfactory/ssh-agent

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>

Author: henrirosten

.github/workflows/build.yml

@@ -132,6 +132,10 @@ jobs:
         run: sudo apt-get update; sudo apt-get install -y inxi git
       - name: Print runner system info
         run: sudo inxi -c0 --width -1 --basic --memory-short
+      - uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+        with:
+          ssh-private-key: |
+            ${{ secrets.BUILDER_SSH_KEY }}
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
@@ -152,9 +156,8 @@ jobs:
           git log --oneline -n$(( COMMITS + CONTEXT ))
       - name: Install nix
         uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31
-      - name: Prepare build
+      - name: Prepare remote builds
         run: |
-          sh -c "umask 377; echo '${{ secrets.BUILDER_SSH_KEY }}' >builder_key"
           sudo sh -c "echo '${{ vars.BUILDER_SSH_KNOWN_HOST }}' >>/etc/ssh/ssh_known_hosts"
       - name: Build ${{ matrix.arch }}.${{ matrix.target }}
         run: |
@@ -169,6 +172,5 @@ jobs:
           nix run --inputs-from .# nixpkgs#nix-fast-build -- \
             --flake .#packages.${{ matrix.arch }}.${{ matrix.target }} \
             --remote "$BUILDER" \
-            --remote-ssh-option IdentityFile builder_key \
             --option accept-flake-config true \
             --no-download --skip-cached --no-nom