From 59aa029934c9dc5242bbc0d39460f4ebcbcbae72 Mon Sep 17 00:00:00 2001
From: zowoq <59103226+zowoq@users.noreply.github.com>
Date: Fri, 17 Mar 2023 11:33:19 +1000
Subject: [PATCH 1/3] tasks.py: skip empty repos when updating hound
---
tasks.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tasks.py b/tasks.py
index c4ceaba..3640a66 100644
--- a/tasks.py
+++ b/tasks.py
@@ -114,7 +114,6 @@ def update_hound_repos(c):
"nix-community/nixpkgs",
"nix-community/nsncd",
"nix-community/rkwifibt",
- "NixOS/nixops-dashboard", # empty repo causes an error
]
resp = {}
@@ -141,6 +140,7 @@ def update_hound_repos(c):
"url": repo["clone_url"],
}
for repo in repos
+ if repo["size"] != 0 # skip empty repos
if repo["full_name"] not in disallowed_repos
if repo["archived"] is False
}
From 40f71e4a3c37d3312a727e5e106e334dd9c3854b Mon Sep 17 00:00:00 2001
From: zowoq <59103226+zowoq@users.noreply.github.com>
Date: Fri, 17 Mar 2023 11:34:06 +1000
Subject: [PATCH 2/3] .sops.yaml: format
---
.gitignore | 1 +
.sops.yaml | 106 ++++++++++++++++++++++++++---------------------------
2 files changed, 54 insertions(+), 53 deletions(-)
diff --git a/.gitignore b/.gitignore
index 44b3974..823d783 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ result-*
# needed for treefmt
!.github
+!.sops.yaml
diff --git a/.sops.yaml b/.sops.yaml
index bfde39c..d913d97 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -13,70 +13,70 @@ keys:
creation_rules:
- path_regex: ^secrets.yaml$
key_groups:
- - age:
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
- path_regex: terraform/secrets.yaml$
key_groups:
- - age:
- - *github_actions
- - *hercules_tf
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *github_actions
+ - *hercules_tf
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
- path_regex: build01/[^/]+\.yaml$
key_groups:
- - age:
- - *build01
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *build01
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
- path_regex: build02/[^/]+\.yaml$
key_groups:
- - age:
- - *build02
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *build02
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
- path_regex: build03/[^/]+\.yaml$
key_groups:
- - age:
- - *build03
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *build03
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
- path_regex: build04/[^/]+\.yaml$
key_groups:
- - age:
- - *build04
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *build04
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
- path_regex: roles/hercules-ci/.+\.yaml$
key_groups:
- - age:
- - *build02
- - *build03
- - *build04
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *build02
+ - *build03
+ - *build04
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
- path_regex: roles/.+\.yaml$
key_groups:
- - age:
- - *build01
- - *build02
- - *build03
- - *build04
- - *mic92
- - *ryantm
- - *zimbatm
- - *zowoq
+ - age:
+ - *build01
+ - *build02
+ - *build03
+ - *build04
+ - *mic92
+ - *ryantm
+ - *zimbatm
+ - *zowoq
From fde3b6153079f672199babe62aa3f52ebe29d49a Mon Sep 17 00:00:00 2001
From: zowoq <59103226+zowoq@users.noreply.github.com>
Date: Fri, 17 Mar 2023 11:34:43 +1000
Subject: [PATCH 3/3] .sops.yaml: remove github_actions
---
.sops.yaml | 2 --
terraform/secrets.yaml | 59 ++++++++++++++++++------------------------
2 files changed, 25 insertions(+), 36 deletions(-)
diff --git a/.sops.yaml b/.sops.yaml
index d913d97..c761610 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -3,7 +3,6 @@ keys:
- &build02 age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
- &build03 age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
- &build04 age1r464z5e2shvnh9ekzapgghevr9wy7spd4d7pt5a89ucdk6kr6yhqzv5gkj
- - &github_actions age1hdmmmv423xajuv4pjumnj35j34e4rhta3wgatjafy3dxf38yycysqzl4mn
- &hercules_tf age1lk9prt0l75xyj4r9lvel5cdac4ll8jnywrm0fp8nackeqzmwkfqq974lst
- &mic92 age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
- &ryantm age1d87z3zqlv6ullnzyng8l722xzxwqr677csacf3zf3l28dau7avfs6pc7ay
@@ -21,7 +20,6 @@ creation_rules:
- path_regex: terraform/secrets.yaml$
key_groups:
- age:
- - *github_actions
- *hercules_tf
- *mic92
- *ryantm
diff --git a/terraform/secrets.yaml b/terraform/secrets.yaml
index c6778df..9d4df16 100644
--- a/terraform/secrets.yaml
+++ b/terraform/secrets.yaml
@@ -9,59 +9,50 @@ sops:
azure_kv: []
hc_vault: []
age:
- - recipient: age1hdmmmv423xajuv4pjumnj35j34e4rhta3wgatjafy3dxf38yycysqzl4mn
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMaXNzeGRhNk93VTMwWVly
- c0FKQXJiM2xjNElqb09YL0VKY1orRkpUZndBCi9oNnIvck9NeGRDWm9hbGF4RWd3
- bUhwVGsrV1dNMGErTjhhbk96YTc3MUUKLS0tIDAyOGtJOHZndVM2Mm9ja2Juck9o
- Mm0xdzRNOERBTjBSejd4Y01kYjBpRTQK3olfsRDAezCEx0GIDUcGmmkJyZNeiXN6
- NFatlmRBSr4JH6X0JHfWzsC9oc3ursytLf7Hf3t/4mHg1EefgaML9A==
- -----END AGE ENCRYPTED FILE-----
- recipient: age1lk9prt0l75xyj4r9lvel5cdac4ll8jnywrm0fp8nackeqzmwkfqq974lst
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDL0NMSmdYV3RraUh6M0c3
- d3I2dksrQ3dXdGpXVTFsRnVBNy9vRjFkK20wCmJkSzBvNzFyVi9EMFl4eWFNYno1
- VGxOdkF2VHU5Mmp6K2gwSnc4OG1oUXMKLS0tIHh4bWxEVjdubk5TeWhONU0xamxt
- dERwMTNibXpNSjlKTkJhK0FEZi9IekkKER40oOuP7YgRXN2R0G8rTDOk4qoayKHG
- 4SYSVqULCn/79ayYkx2XDLim2Wuws9yyxxG5TiZd70Ym3V7TPF3eTA==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5eTRMQndYSTR2bEFEdnow
+ dXlCbUUyOE9tenVvbjd4VnBUMFlpMkdlTVVFCmxkdTA1cHYwU21TVEJKRTA2U0Iv
+ OXFLS1Q0SjdqeTk4elVrSk5ZOVlYTUUKLS0tIFQyZHJlV3JnSU92OGk0UWpLbFlS
+ MWVNaEg1TzA0Yzg3SUloMzkweUpTVmsK6bRHF7Cx7EP4wNVnf7ARH60Bo5extVL7
+ ngA9HzqaWRVNwjXv+yL+HircUx89u0opch+dEm+BDmwzhYfJG/cOdA==
-----END AGE ENCRYPTED FILE-----
- recipient: age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyTTFITkFIYzJIRnA4am0x
- Y1UrS1VkYllKczUwYmtOcGswMEJ6d05TVWw0CnpZWmhCQWNjd2Jyd3hCeXVJeHlX
- ZHJhK0xPY2RVVXBNNzdEQ3FFeENpbUUKLS0tIHRJckYwL0p3ZlZjZVVIaDg2a1ho
- d2M0U05YaExrZmh5czFPSVRXUFlsNGsKT9YmqWb9t1N1A8+Qm8ZqXIVh+xOh0B66
- luiM+s2yrxus4d8E0YPQqpqUTWnHKYaQ33/pWwH9JJqFBFMU9ISpig==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmNDJjNW9Pd0NTMDd1OGJR
+ MzhyOHFCNDlGYjNsRkVCVktSdTQxMmhaVWhBCllNVGlpazl1ODZtajZLZGhoWEll
+ cjI3UG93L2pFTXZTVDZoVkFoTHNXNnMKLS0tIHVwMFo1MFpDcmpzcWFXeGhHY29D
+ YWFsOWY1VVFPMmgxZEdLZVhPWkFhd0EKjHvQcU3ujBmdrO8Sed1iEMRm/GCe4hV9
+ 3uAyAPllxhtzyYMrenlbb0hbAEW3rDNHsYZL5BpcDO02wvPguzYtDA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1d87z3zqlv6ullnzyng8l722xzxwqr677csacf3zf3l28dau7avfs6pc7ay
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpYVhzMkF6M3cwc0l3Zzlr
- dE1ha2hkK3lPZkgvZkR5Sk5HV1FlcjkveEVZCnErNGRHbFRJZWZCQUg2Ukx4V094
- dkZ6QTJqaG9Pa0FBMk5VWHJaNUE4N1UKLS0tIFVyNDdHczhZaDlkeVZEMFErTEVW
- ME9vKzJIV2U3U1lYM3huUTRkOS8zbzgKAPHThcG53rpyNnqaJWc5PeUi1VtyAqEj
- Egv6gsELcg993JyvXx6920/8tSMt1cGUW4vfvHkhBUF9TM/Bn1hS0A==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGQlk1RCtWWnVPeGRJL0s2
+ SkhmQnJTdm1OMTVSQkxrTDk1bUtRbXM0cGdvClpCVE9qYVlMUzN5SElzWDhsZnIz
+ SmNEK3J1U2RQRDhraE90YUVHUW1KQjAKLS0tIDhJeFZWcFFabnNqNkpmZnV4YUJl
+ OXR1TXBlYXg5eDFDbWlzcVVXb0ZxOFEK6UT/ZWPjvcSJApHCu+6a0sSi0q2cL5QS
+ tP5KOBVSLUnQosJD3coFvkJGVx44HrS58CUj+Et+DNahaZp+4tsvQA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jrh8yyq3swjru09s75s4mspu0mphh7h6z54z946raa9wx3pcdegq0x8t4h
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySUgxNnl4cGxOTDVVMFFo
- bVVBV3JOdjgremxWMW8veXpXV0FhQ3lQeTNzCnZHVm9RZWFXYzVnS3RzOGlScy9L
- aWxLN1RPcEltUGtGRklSRmZvM05INlUKLS0tIEFlWGxZMDFXaXZiMTFyNEQ2ejcw
- WGdnV0F6ZHZQTkQ3K291VnVBR2JrdncKzqwRD0XNz9GOKtlBC5quRY8uGaYXY5rf
- sHWz57NYh3w+QeF/dGe1Ny777ur5rwQbeFgnFjN7lavkWwrKKVzZFA==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0NC9qdnpBZU02blRyMEtk
+ K2VxUmxSQThNMTJIc0dwT0pKMzZsa0htOTA0Cm5oQk4rNlRHQVFMeEtQTHBwd05U
+ SThrd2lwS2lrUWdORUdvaVkydmUwTGsKLS0tIGIwenVjRDBIRnRqTU1aV1FzWFE2
+ NVJBUzJoVUljQ0lMY3VHLzJ0WlVqck0KNby54A1qjNo42SYkxm3ynlRhnCS869DF
+ 4CUBF7eNq9Amw4xB3jviMxSJ6NeoKftRfILI/+BMSZwUw75knJK0Eg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlZTJUNEFXN2pNUnYvZUpV
- RzU5SUJkR0g3RmJLbWhFdFc1alBJNjMrNnlNCjdYY0VwRzkrcmhWOGg3SGQ5eVQy
- ZUo3ejZsRVdCTENBMG1kcXhHSzdkZkEKLS0tIEJvZEx4T3NFS1hDT3NGc1ZTejQ4
- akl4L2M1ZE1lZGpWVnRTRmw2OXJFdG8KBOVFOXsyEYPAiaUoC51Op/yBsgxo1SYM
- fcHbyvKqhV5gea/IKYbIE8XKM0ERgTi72tQBducylvclDh7sXYL6LA==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnNW9jT01QWVg4dTdKandQ
+ Y1BnSGQ1YjNVT3RIVzJ3c0hqY3I4eWNiMUFVCmRhTjdHd20wU01DcjJKYUZUV3A4
+ aUZnK2NLNnZOa0NHTXp6Tm1xRmozaHMKLS0tIGREUUdvbEEvOVNudDFkSDZwZlVH
+ MFF3YWRKbGc0bEhBNlRLQ1RhOFY3NUEK7nju7xYip/QNWPEEKQrfj+zq3u8xqVH0
+ suEpKSDhj4Ny+c4+plx5TGlER8kDB/uRFGOBEuXD2TSTRnPewyRwyg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-02-15T03:05:31Z"
mac: ENC[AES256_GCM,data:n3I8BMP5sTYiSZwmW0QXZ61WUANo7smy1W1Ctfb1Xuv/5kOTKaqaMu5osk7DTBihtXTuQIgTKqvnWaZ/V0PAQJpu6kt5SoUmfzL3QeVUbvrWhKd2EpWhncD1ZmL7WvpLYXTD6a2ubGm7n+4NuwgYXZbG4xy/Q+ASDeum4MthgtE=,iv:h6+ah6wQDMkcaj4+Hy+7jWF58XeepJKW+tnW6bLF1gg=,tag:j4telEtpvSWqkwk7U3OWZA==,type:str]