re-encrypt state with lassulus keys
This commit is contained in:
parent
fc0bfa55b4
commit
70bafcb31f
|
|
@ -1,6 +1,12 @@
|
|||
keys:
|
||||
- &joerg age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
|
||||
- &lassulus age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2
|
||||
# To generate new admin key, run (requires [age](https://github.com/FiloSottile/age)):
|
||||
# ```
|
||||
# mkdir -p ~/.config/sops/age/
|
||||
# age-keygen -o ~/.config/sops/age/keys.txt
|
||||
# ```
|
||||
# Provide the generated key to a pre-existing admin and wait for him to re-encrypt all secrets in this repo with it. After pulling the re-encrypted secrets you can read them with `sops some-file`.
|
||||
creation_rules:
|
||||
- path_regex: targets/.*/terraform.tfstate$
|
||||
key_groups:
|
||||
|
|
|
|||
|
|
@ -8,7 +8,11 @@
|
|||
"age": [
|
||||
{
|
||||
"recipient": "age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsQ1VZejVPbnJnS1dHVW1y\nWWRKMHR3NjB1azVkRCttMytrcmgwaEZxWW5ZCm5MeGN0bFRYajlXSTVMM2haQytC\neUhXbEhwTkVjbGNxYVNHKzZ0NTFPQ0EKLS0tIDlFQzNMbXBUSUMyZ2dtSHJHWGNJ\nbUE4OEhpZDRnWEZqVGVNdEVHekQ5QzQKH7LQ/Ih6GHdqHSt0EtpYbrG+CYwyFIHF\nZ/bcRSvrBYlLs4bh5MxJbxYyUNRGGQjESDuT/bZL8HkicWYjQONu7w==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaYzNBNHRaSmd6d09WZWNE\nL1Bva0NhRDU5YTdWQkw2d2p4bXc5OTh0c3hNCkpQVkt4WVk5TXJZcng3VWdsWUtS\nWHQvQnVWQXYyWGhQUzRIaC83aVU0V1kKLS0tIEFvK25qNGV6djJsSW1rckhpMyt6\nZ09EbjhCZnFDbUxoN1Fta2tJTHpUeUkKUwuOA6OWhze6vwRWJWRl55p8Jp+FZBBk\nFXsCRQeeFe/8OBC9eyNoF8JYvyp9jCuNKZt7jo8c4p5nbcj+b/3KFA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5RSthcVFndFhmc0ltaW8x\nSzdIaktEaFFKdWxFcjVCY3pnYllPSUNDMkNnClJsV2JVRDNNUk5Hcm5ieWN5d3dH\nUVB5MVJ2RlRrTnNGTG5XVWpoaXo4SlUKLS0tIERtRDdkUUhNNm9kL3FtdWg2Q1lQ\nZjU2eWNwalRLNW1IUlZVTSthd3lFcVkK9OvZVQ9yK99Xb8EULx3gut5meXWjwO3j\nNHGknvMRL9dCdWJ1sMjHvDvnAyMuYrYaGkqXr8eINbclfccK7NqdIA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2023-07-04T15:50:45Z",
|
||||
|
|
|
|||
|
|
@ -8,7 +8,11 @@
|
|||
"age": [
|
||||
{
|
||||
"recipient": "age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaR2U3NEVhT1NhbjdYTGFu\nNGRob3FDYVhsL2lvb2g1MmdJSGMrSHllN0dvCk51VW9kVldoOTFFcmhYdk1MTy9P\nTEFXNnB0K09FUHM4MjlRL3F0UFlRWG8KLS0tIGVSK3RnQ0FWTWRyYzcrWjhtR3hy\nc1AvRHlBVWQ0cjc0OW1OQ24wTTdqMmMKmyaZiei+OzrUXNeHnhDyk0wiIRNoBv8e\nnDp2m9lxpGhluvU8lUtdwYzwoLuAs/31diMujm9IyEqpeuBRlaHotA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MGZBS2ZrS2RjeXRXNUN0\nUFhFdGNEd3Vxc3JJVmtvUG1Md2hKZDB0VTFrCmk4S0FxZUZScjlybk9RLzBsOUwx\nMVYvTUxoazdha1lYdUhiOERSMzE3dXMKLS0tIHlWcUtRSEZabGd3RkdGbU13Ulhh\nMDRQNGwvRFRLalp5NDdRVjlBbGM1WGMKcP1vquesh8IJfwU02/I7TX3AxfwzM027\nzUmKIsoax+/ScdnG2ftZ4dOm/LicuplGSwUQsXBB8x4Q2PziuWwEeg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWM0RneTlsNHJpVmVVa3h2\nLzZBR1pNRnppOEdURXJQWHdVYThDRFFkVmdZCnRzWVpFdFRnMlJ4eStlUTZKVEVU\ndWNWWEltWHc2UzBYQ3ZiM0FwcmdmcTgKLS0tIFRPN3lwNDZFYXJwa0dUS0FPRDVn\nb1JqQk0rZWp0cmdEcGhrcW5PYmxNaTgKGSnlZ+E7QfMln5jNpWgN51kTaLi8oMAV\nMlI3jlZtIOseNiKeMdVDQsn+2ILyqxAUVPwwgTLQxMxttg9u5Zlm7w==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2023-07-05T10:45:58Z",
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user