From 8df5b8e0842d3a97bb25052c86ced7a1e8b16e33 Mon Sep 17 00:00:00 2001
From: Lee Watson
Date: Fri, 14 Feb 2025 12:23:12 +0000
Subject: [PATCH] ADP-179 sops manage keys archives old keys, updates doc

---
 README.md | 10 +++++++++-
 archive/.gitignore | 0
 .../joshua.kapfer@netgo.de.gpg.pub.2025.02.04.archived | 0
 .../matthias.friedrich@netgo.de.gpg.pub | 0
 .../sven.ketelsen@netgo.de.gpg.pub | 0
 5 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 archive/.gitignore
 rename joshua.kapfer@netgo.de.gpg.pub => archive/joshua.kapfer@netgo.de.gpg.pub.2025.02.04.archived (100%)
 rename matthias.friedrich@netgo.de.gpg.pub => archive/matthias.friedrich@netgo.de.gpg.pub (100%)
 rename sven.ketelsen@netgo.de.gpg.pub => archive/sven.ketelsen@netgo.de.gpg.pub (100%)

diff --git a/README.md b/README.md
index 680f7cd..66e749a 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,14 @@ gpg --import /path/to/keys/*.gpg.pub
 gpg --list-keys --keyid-format=long
 ```
 
+# EOL: Archive Expired Keys
+
+To mark a key as expired, move it to the `archive/` dir as follows:
+
+```bash
+mv ${keyname} "archive/${keyname}_$(date '+%Y-%m-%d').archive"
+```
+
 # Configure SOPS
 
 SOPS is used for encrypting secrets, e.g. credentials for various systems
@@ -64,4 +72,4 @@ sops -e -i secrets.yaml
 
 # decript, print to console
 sops -d secrets.yaml
-```
\ No newline at end of file
+```
diff --git a/archive/.gitignore b/archive/.gitignore
new file mode 100644
index 0000000..e69de29
diff --git a/joshua.kapfer@netgo.de.gpg.pub b/archive/joshua.kapfer@netgo.de.gpg.pub.2025.02.04.archived
similarity index 100%
rename from joshua.kapfer@netgo.de.gpg.pub
rename to archive/joshua.kapfer@netgo.de.gpg.pub.2025.02.04.archived
diff --git a/matthias.friedrich@netgo.de.gpg.pub b/archive/matthias.friedrich@netgo.de.gpg.pub
similarity index 100%
rename from matthias.friedrich@netgo.de.gpg.pub
rename to archive/matthias.friedrich@netgo.de.gpg.pub
diff --git a/sven.ketelsen@netgo.de.gpg.pub b/archive/sven.ketelsen@netgo.de.gpg.pub
similarity index 100%
rename from sven.ketelsen@netgo.de.gpg.pub
rename to archive/sven.ketelsen@netgo.de.gpg.pub