From cc86a3bd61f547b194087b59eb0d3cc33ca7ab45 Mon Sep 17 00:00:00 2001 From: rouja Date: Wed, 11 Sep 2024 16:59:22 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7(helm)=20add=20marie=20key=20to=20d?= =?UTF-8?q?ev=20sops=20secret=20(#394)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Marie's key was accidentally removed in last commit. Add her key and restore .sops.yaml file, to easily add keys for local dev secrets decryption/encryption. --- .sops.yaml | 10 ++++ src/helm/env.d/dev/secrets.enc.yaml | 73 ++++++++++++++++------------- 2 files changed, 51 insertions(+), 32 deletions(-) create mode 100644 .sops.yaml diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 000000000..070efd50a --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,10 @@ +creation_rules: + - path_regex: ./* + key_groups: + - age: + - age15fyxdwmg5mvldtqqus87xspuws2u0cpvwheehrtvkexj4tnsqqysw6re2x # jacques + - age16hnlml8yv4ynwy0seer57g8qww075crd0g7nsundz3pj4wk7m3vqftszg7 # github-repo + - age1plkp8td6zzfcavjusmsfrlk54t9vn8jjxm8zaz7cmnr7kzl2nfnsd54hwg # Anthony Le-Courric + - age12g6f5fse25tgrwweleh4jls3qs52hey2edh759smulwmk5lnzadslu2cp3 # Antoine Lebaud + - age1hnhuzj96ktkhpyygvmz0x9h8mfvssz7ss6emmukags644mdhf4msajk93r # Samuel Paccoud + - age1tl80n23wq6zxegupwn70ew0yp225ua5v4dk800x7g2w6pvlxz46qk592pa # Marie Pupo Jeammet diff --git a/src/helm/env.d/dev/secrets.enc.yaml b/src/helm/env.d/dev/secrets.enc.yaml index ebadce1f7..b0d4b6e2c 100644 --- a/src/helm/env.d/dev/secrets.enc.yaml +++ b/src/helm/env.d/dev/secrets.enc.yaml @@ -1,9 +1,9 @@ -djangoSecretKey: ENC[AES256_GCM,data:G3aGkwSwmNkkPOko/25vgs4wSYwRQP4fC6i/qonuA7g/lq/ogR0s+SvrlkaSSQf0hcU=,iv:mhwQsxuG0kjq8bIObEgZKkNentt8ZMLYUoDsWUzj620=,tag:vN6oAquA2GnD1rFdyJAb5A==,type:str] -djangoSuperUserPass: ENC[AES256_GCM,data:d+eDBgw=,iv:vypp5QaAyuN7DEnVuT/+g6B6vJQwemL459qUd4q6JdU=,tag:nCb0lpIlmCU/DmW878XCSQ==,type:str] -mail_provisioning_api_credentials: ENC[AES256_GCM,data:h6oe2gOdnqPCUeI2dRNvbMoVxqB7bCWT,iv:AwPPmhzEHWil9n/V4VgME7TCtqFq4A0Z73X4a93/BzU=,tag:Fha/dvBJLrsTSZUcfWHC2g==,type:str] +djangoSecretKey: ENC[AES256_GCM,data:cjXSpQ+4IlpM6bn0fGZ6tdhWdFwppPuOwBdPEjI5kYEnj79aMalYzUUiEPImAa8/d80=,iv:h4grzvAWhya7Gz75EoQHQN0Hp0fl7I21/6G0Xx0n2P8=,tag:QKg755yZt1gm+dyVRfGBzQ==,type:str] +djangoSuperUserPass: ENC[AES256_GCM,data:GauOc+A=,iv:GAY2S6LSS3c8y4XtpyWP0jMteYjNYnAS++VFyQIWVXM=,tag:xy9IsOIpgYYieVZVgzAhcQ==,type:str] +mail_provisioning_api_credentials: ENC[AES256_GCM,data:FQdonFAixRpzMbvjjltIUvwZ3B5e7rRs,iv:zz0GynN5rxzLWAAW1Gr5RFZ0AnPBrwUlOM0tPTrDq0s=,tag:1xmZthk6+H4KCWHwjFoJPA==,type:str] oidc: - clientId: ENC[AES256_GCM,data:LGHAuGi1QJLsQa+CqAudf/TXoKJOManq2cXLbRmmNhQ+3UJm,iv:xSNzp4Iwe+EG+/opkBU88+geVIRidfcQeI07DfHm3lU=,tag:vU/jyHw/Plvjkpg/RPbhtA==,type:str] - clientSecret: ENC[AES256_GCM,data:DXpA4OVvurzqWiF5E8Y90Ih5uwamkNsj69NzFNrtsNJ6LJUpQ7cy0WG2f8VbB9zcco0IWR0dv2PeRw/edyRIcw==,iv:aYcBKU8jRPcgqBBYxQ4P2ZHAT/o55YFOwE+qGDpmHE4=,tag:XXPYeu1swbhSRlCes9S0YQ==,type:str] + clientId: ENC[AES256_GCM,data:0mjYen3Pu6/mjInlwic+IizFaMtpstUxkB5hiaxBE4eaYrf2,iv:pb+q3KPgAqWY3/xBAyF9gHyEnmFbQQsJiXKGnCxJJhU=,tag:P6jH8LS6DZb1l2KZTkMFdg==,type:str] + clientSecret: ENC[AES256_GCM,data:/1wTDUcZglxhosbQqeJBCYf1CkhUq/bXx8RcogMsc1VVumfIyJEgKuF66BAcEuDOD7h16fZwyjCD6N9M/Uj43w==,iv:o1dwPf+H0uKRU2Rbx5UM2djB3sFDTKKdG/lXZ74e2Cc=,tag:Kay/9Jqf6SDAXMl3/eg5LQ==,type:str] sops: kms: [] gcp_kms: [] @@ -13,50 +13,59 @@ sops: - recipient: age15fyxdwmg5mvldtqqus87xspuws2u0cpvwheehrtvkexj4tnsqqysw6re2x enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuWndXczh0REFpS3Jobk9I - R2xHZkViZWlpdTlhdVN5OHBtdVZ3QlZkblZvCnFnTnllTGlnaW0zL05wcjhoUXhP - Ym1Kcm00N2FJY1pIdk9SNzMyOU9YSTAKLS0tIHZYVUMxcGMxYzJ2TmdqblhiUnNF - WU1IZCtLc0Y1ZEI4Vkw4eGZwVkZzS3cKuoSKnLlcSMAoakDHqYPnXrQFMQ1Qrn6C - ywIBZN6E/OIATQ1IVYsmnLl9j7LS6wpUcfebY6mYKQbx+OfjG2X/DA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwUFg5QjJtYk52a2V1YXlC + bFBsTlZNS0tsMkNoRzVEenprV29hbGtOM0dRClVOVVVlemRzcTRpY2pSMDdQMGNY + d1JYU2kyZWgxaGlRejdKb0x6YnB0L0kKLS0tIDB2dklJWWtGNi84TCtWcTFEUEkw + eWkrU1lET0xwZHZwTHJvNE53Mm9Cc3MKNCtVwUNnllvg228ax4z4oHhA383zvkhN + 2FAEOnKe94x3e2st4WrLK+fdO/4wE544ykCm2sUzXJfTN1g6N8YPyA== -----END AGE ENCRYPTED FILE----- - recipient: age16hnlml8yv4ynwy0seer57g8qww075crd0g7nsundz3pj4wk7m3vqftszg7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6WVdhc090V29TTmJhWDE2 - d2hEQlpMb21wekFiYTUrR1hFaHN4NUtFWVYwCkUxOGdVUmFGdnlSVmNHcDJ6NmtF - NklCUStTbFVVQlpzYmVhbHJhREx2ajgKLS0tIDdTbFBmNi9FR1pXTFBaZHRMWnRO - eDdydlVTeVBNRmM0dUN4TnUyRjZzZU0KjoQkiFluQ7C5eiKfoQ5tDrE526y7OWKf - VrNAeVPkb0gTxGLUWWVGPgNfEJz4aScoJQ+QSYdqF6WusxRL1Xcxlg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzeE9WdE43cmFxT2FLMU00 + RTdXek1xNUVseXpKeWR5Y3VEUExMSUxrQkhvClkvMUQvM0tsM3JTSUZaQjVXaGR4 + QXBMQTU2UFVHSlFhK1NsVFFmM3k5NncKLS0tIE1VcjhTQ1JLdndyT2lqbGtYeFNC + TFp0N1BSbGxkQkFNSTJZN0tod1VIdE0KtqKga/vF4AfRMOr8MsHObXRAWbwQNCgY + We6JuFyJ+qL90TT6aFe7HfZP6m+LfiweOpNkzHj7TknbvSlJ/VzJZQ== -----END AGE ENCRYPTED FILE----- - recipient: age1plkp8td6zzfcavjusmsfrlk54t9vn8jjxm8zaz7cmnr7kzl2nfnsd54hwg enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXTUxHdnZZMnJTSmRRS3di - dVdLSXpsT2VxSVI0eFk2cEJzNVJDNGJQSlVBClNtMXJTcjYyM0k4bnpxMGtIMUdD - Nkp3ZHpPUGlNWGZ3K016d3FzZ3pRWHMKLS0tIEliL0VMM28rc3g0SExveWMvQkxN - a2ViS1B2L1lRRkZOWHFIdFJJRWZhSzgK/g5qqDU9+fdFMaCuSX9kBuDtCzk9qc7J - DsROLDZlQ1bOY6oWoNTtZtZzUwbJTOlBj3ys8FhHecKB0P+SgF6ecQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1UzVZZWh1djdNQUg4VGlK + WGhQT1JTcEV1Nm5qYUp3dEpvVHc0YWV5cVIwCmR2Q1pPekZJSExYQTNRM0RacTk0 + QlkvV3g1aHhJVGRQNmYrb1dpRmFhZ00KLS0tIDJtUmRUTWdHRnJ6RVFNNS9JaTRX + ajUyZjR0VkRER2t3cHhTeU1TQzBzSFEKkmVOrv1G5/1DO1l9LNNZHryb7iMnDEVW + 3gokQTKAcYd0D5G295/8Mvrm2E7j54KP5WhVjDN/f9Lg2liYEnS06Q== -----END AGE ENCRYPTED FILE----- - recipient: age12g6f5fse25tgrwweleh4jls3qs52hey2edh759smulwmk5lnzadslu2cp3 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLUzU4UUYyazAwY01URGhr - THpZRjBrb0M5VEpYbmVQeSt3dU0ycFJmNFRNCmhIVG9wdmNjcEZML29MQ0JaMlMy - cU1xZmNybDRsWnJaUS9mRDFEb3BGOWMKLS0tIGdhdFpBMGZLUHZhQmk3M0xJWUlz - bktQaUVjNlQ0K0cxVWlsNE0wclBIM28KMjoLelJGgocMiVBDUDvETMh9otZBAu3x - DcakJwCOMTiw9QhicMPxdA43jPz/g3/T7Qn2GzNQVa1rcYwNgkFRkg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoblBGaDNobGtMc3FEK0pM + QTRKUURXdUxkcGZlaGlCYWJxN0dqWHhKWlhzClAzM1F1VHVFMjZzaURvSVpZdC9C + KzlBRWgrallpMWFpT2pzL0Q2RTF4eEEKLS0tIDk2QjNqZDNMZEdKVmdZRFlyRWZD + WE5abEdmQ29zTWJqZlBwbkdJQlNQZHMKfjtz47qD3BRVNIJ2hyyBWE/+Xj5AqY9q + vZ3T7HPq2qGZIqgFNXQAyv1pgy2ulgWdxP/fawRcR/xWerb7+PkVFg== -----END AGE ENCRYPTED FILE----- - recipient: age1hnhuzj96ktkhpyygvmz0x9h8mfvssz7ss6emmukags644mdhf4msajk93r enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaTG1NVUtLVjE2WU15MUd0 - SkVzMytQUW8ybkhGaG4rdEFPcjhieWNIa1YwClBhQzFlc1d3cTkxZk80R2ZyQnEv - OEM5R2VMZ3hwODFvSjJzcHZqQk0rVkkKLS0tIGhKVE1keWFXUWlrdFhCekhYRjVh - QXV5a3lVZE9zeDVzMjM3NkJ2cFY3bTAKDWNYDkX1gm+cIlYYj+H0zepRVrWvauhw - I3/L9daSyzY5wmVFyTYHpdQ+jxaKvQbCvwtGcGInZA/gSJFCclBoow== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1a21pZHNUdUtqQUZ6Z3lm + VDFORFpYNlFYUFkwRVZkS3JKR0lnVTNzdlJnCkZlTi9LMXZBMEJ1Uml1cDh4ZHRy + bGlEcjEwUlp6RWJxTnhVNE5nNkxtTVkKLS0tIFV5WERuZiszNHFjd0V5cFlJWjAw + T3RVTDRZRjRUNTkwV1pQa2NSMkgydTQK8+hb0NP+Egyq4s7SmI5MPLFKJ3Jlztbh + GqOJ6vzORZwc/jvry2IMqtiZfDsdEYTAvMz16aaxcSMCmvFuXdtmvg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-09-10T14:37:55Z" - mac: ENC[AES256_GCM,data:c4OGHDJTe9WipJcn6WwDF5GL6npgrQxbb6vCEu7k+QAT+/+zRJVtE2Mih7mnerlabGXv+gqt0UA2BwblmCsA5G3sIRKgwXUpEEPqK973w6V61HSBRkVOKwUCdv1wx82ciaU3F2BBDizRc4nrlpaT4WoXpbmBhFHZ2iHg0ky+NGM=,iv:nEqhM8TCU+1I8jiAKbCgSgizEaeUbPbaSrBEUwS+TNE=,tag:Zc4l4z3Ol0kXtFfUp/9GOg==,type:str] + - recipient: age1tl80n23wq6zxegupwn70ew0yp225ua5v4dk800x7g2w6pvlxz46qk592pa + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3aUJKNlZPemdaY1BBdS8z + RC9UMTdmYVBsNFpjcWtrVVZiTHVtcUNnWjNrClBYWmFMTHpUT2tERG1JUHFPUm1y + bndCZHdoaWlhL3Iza3h0YUh3WWRJZ2MKLS0tIENiV1ZvV2luOFI0b0h5Q0xJQ21M + NjlseVc1TzUyNmczRVNHMThxZVlaVVUKRCqwzf0JfHRODTCWb6hS8lz0qqjx2GPS + zCMU8WcNi0Afj0h32q7xCZzRZP5vitzA2Ro9510VwQp0sN6C6rKR+g== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-09-11T14:03:37Z" + mac: ENC[AES256_GCM,data:OpSIQiyQ7FlIGJnh+T2rxxHETewt27jURPqbAxlfusS4yY2pxxK40Cdv7QLUcoNKOuERnWth1qKGeY4uXqxXQK72hq4DWR32t6SoX795f/W8zqtBN378wrOQIgXwamzZQeY5aV/9NNHDTVnpjdGwGF3R+WYlfk3HpAKx/yNx5xg=,iv:EZwG1RnfoU6HTV6j0+FgrxdMNMUWT/tpO4iZubLQxkI=,tag:lwnNRrGDwRg18quW2ZHxCg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0