From bd44b8e1308541573c1bd4eaf742efcf84613ec1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Tue, 25 Oct 2022 09:52:43 +0200
Subject: [PATCH] add zowoq's key to sops policies
---
.sops.yaml | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/.sops.yaml b/.sops.yaml
index 25bb9cc..a425423 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -6,6 +6,7 @@ keys:
- &build02 age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
- &build03 age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
- &build04 age1vr4suv4lhtt8f59s25eukdfk67j7av72gvj7sk7ux6thusct3utqmn3pmf
+ - &zowoq age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
# scan new hosts like this:
# $ nix-shell -p ssh-to-age --run 'ssh-keyscan buildXX.nix-community.org | ssh-to-age'
creation_rules:
@@ -14,6 +15,7 @@ creation_rules:
- age:
- *mic92
- *ryantm
+ - *zowoq
pgp:
- *zimbatm
- path_regex: terraform/secrets.yaml$
@@ -21,6 +23,7 @@ creation_rules:
- age:
- *mic92
- *ryantm
+ - *zowoq
pgp:
- *zimbatm
- path_regex: build01/[^/]+\.yaml$
@@ -29,6 +32,7 @@ creation_rules:
- *mic92
- *ryantm
- *build01
+ - *zowoq
pgp:
- *zimbatm
- path_regex: build02/[^/]+\.yaml$
@@ -37,6 +41,7 @@ creation_rules:
- *mic92
- *ryantm
- *build02
+ - *zowoq
pgp:
- *zimbatm
- path_regex: build03/[^/]+\.yaml$
@@ -45,6 +50,7 @@ creation_rules:
- *mic92
- *ryantm
- *build03
+ - *zowoq
pgp:
- *zimbatm
- path_regex: build04/[^/]+\.yaml$
@@ -53,6 +59,7 @@ creation_rules:
- *mic92
- *ryantm
- *build04
+ - *zowoq
pgp:
- *zimbatm
- path_regex: roles/hercules-ci/.+\.yaml$
@@ -63,6 +70,7 @@ creation_rules:
- *build02
- *build03
- *build04
+ - *zowoq
pgp:
- *zimbatm
- path_regex: roles/.+\.yaml$
@@ -74,5 +82,6 @@ creation_rules:
- *build02
- *build03
- *build04
+ - *zowoq
pgp:
- *zimbatm