|
|
|
@ -190,7 +190,9 @@ Note: The `GPG_TTY` is necessary to have the password prompt appear. src: https:
|
|
|
|
|
|
|
|
|
|
|
|
Note: `secrets.yaml` is just an example; the file can have any name
|
|
|
|
Note: `secrets.yaml` is just an example; the file can have any name
|
|
|
|
|
|
|
|
|
|
|
|
## 4. Offboarding: [Existing User]: Archive Expired Keys (EOL)
|
|
|
|
# Playbook for Removing Expired Keys
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Offboarding: [Existing User]: Archive Expired Keys (EOL)
|
|
|
|
|
|
|
|
|
|
|
|
To mark a key as expired:
|
|
|
|
To mark a key as expired:
|
|
|
|
1. move it to the `archive/` dir
|
|
|
|
1. move it to the `archive/` dir
|
|
|
|
@ -216,7 +218,7 @@ find groups/ -name ${keyname}
|
|
|
|
# For each group, update sops config in that repo
|
|
|
|
# For each group, update sops config in that repo
|
|
|
|
# Example:
|
|
|
|
# Example:
|
|
|
|
% cd devnso-adp-argocd
|
|
|
|
% cd devnso-adp-argocd
|
|
|
|
% ${PATH_TO_COMMUNICATION_KEYS_REPO}/bin/update_sops.sh -g devnso-adp-argocd
|
|
|
|
% ${PATH_TO_COMMUNICATION_KEYS_REPO}/bin/update_sops.sh -g devnso-adp-argocd $(find . -name secrets.yaml)
|
|
|
|
# now git commit, push, etc
|
|
|
|
# now git commit, push, etc
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
|
LeeW
10 months ago