* E.g. look up in in [verify/.sops.yaml](verify/.sops.yaml)
## 1a. Onboarding: [New User]: create and add a gpg key
- Within this repository, create a branch titled `add_pubkey_[firstname]-[lastname]`. <!-- NOTE: Validation Hack: User will not be able to mistakenly create this literal branch, as the unpermitted chars '[' will prevent the branch from being created: "Branch name cannot contain '['" as per https://git-scm.com/docs/git-check-ref-format. I.e. it's a dirty hack to get some server-side(?) validation ;-) -->
- Web: e.g. The following link can be used to create a branch: [https://git.dev-at.de/smardigo-hetzner/communication-keys/-/branches/new?branch_name=add_pubkey_[firstname]-[lastname]](https://git.dev-at.de/smardigo-hetzner/communication-keys/-/branches/new?branch_name=add_pubkey_[firstname]-[lastname])
- CLI: e.g. `git branch add_pubkey_[firstname]-[lastname]`
1. Clone this repository
1. Create a branch titled `add_pubkey_[firstname]-[lastname]`. <!-- NOTE: Validation Hack: User will not be able to mistakenly create this literal branch, as the unpermitted chars '[' will prevent the branch from being created: "Branch name cannot contain '['" as per https://git-scm.com/docs/git-check-ref-format. I.e. it's a dirty hack to get some server-side(?) validation ;-) -->
<!--- Web: e.g. The following link can be used to create a branch: [https://git.dev-at.de/smardigo-hetzner/communication-keys/-/branches/new?branch_name=add_pubkey_[firstname]-[lastname]](https://git.dev-at.de/smardigo-hetzner/communication-keys/-/branches/new?branch_name=add_pubkey_[firstname]-[lastname]) -->
- CLI: e.g. `git branch add_pubkey_Max-Musterman`
- Note: no strict naming convention for the branch, it's strictly a Human-in-the-Loop process
- please follow steps 1-13 at the following link: https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
1. Follow steps 1-13 at the following link: https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
- CAVEAT: step 14 is not necessary, as it is specific to a GitHub account
- add ONLY the _PUBLIC_ part of your gpg key!!! to this repo
1. add ONLY the _PUBLIC_ part of your gpg key!!! to your branch
- file format: `<email>@netgo.de.gpg.pub`
- git: commit the new file, push
- open a MergeRequest/PullRequest
- hand-off to an Existing User of the repo.
1. git: commit the new file, push
1. open a MergeRequest
1. Hand-Off: Assign the MR to an Existing User in your Team to have your key added.
1. Hint: Look up all Existing Users at: [verify/.sops.yaml](verify/.sops.yaml)
## 1b. Onboarding: [Existing User|New User]: Add new user to groups
Access for each repo is tracked using the `./groups/` directory; each sub-directory represents a "group" (Note: some "groups" are also "roles", e.g. `admin`)
Most of the groups correspond directly to git repository names, aka "project name"
Most of the groups correspond directly to a git repository names, aka "project name"
LeeW
10 months ago