From a008c844b1c32e2d0b412d535cb623f017a45b9b Mon Sep 17 00:00:00 2001 From: LeeW Date: Fri, 7 Mar 2025 09:34:55 +0100 Subject: [PATCH] ADP-216: updates README from UAT feedback for step2 - make procedural --- README.md | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index e1fbc82..21a5253 100644 --- a/README.md +++ b/README.md 
@@ -75,26 +75,28 @@ For verification purposes, this repo also contains a _sample_ `.sops.yaml` to wh ### Update Project SOPS Config -The following commands explain how to update the `.sops.yaml` for a repository: +The following commands explain how to update the `.sops.yaml` for a repository. + +Note: For a worked-through example, see next section. 1. **Prerequisite** 1. Obtain Project Repo - - CLI: **e.g.**: `git clone git@git.dev-at.de:cloud-solutions/nso/devnso-adp-argocd.git` + - CLI:: `git clone ` 1. **Create Branch** - - CLI: **e.g.**: `git checkout -b add_pubkey_[firstname]-[lastname] origin/main` + - CLI: `git checkout -b add_pubkey_[firstname]-[lastname] origin/main` 1. **Configure Project Repo for New User** 1. List available groups: - CLI: `${PATH_TO_COMMUNICATION_KEYS_REPO}/bin/update_sops.sh --list_groups` + - Reminder: Group Name usually corresponds to Repository Name 1. Update sops config AND all secrets files: - CLI: `${PATH_TO_COMMUNICATION_KEYS_REPO}/bin/update_sops.sh -g $(find . -name secrets.yaml)` - - **e.g.**: `${PATH_TO_COMMUNICATION_KEYS_REPO}/bin/update_sops.sh -g devnso-adp-argocd $(find . -name secrets.yaml)` 1. **Commit the changes, Create Change Request (PR/MR)** 1. git: commit the changes to `.sops.yaml` and secrets files (`secrets.yaml`) files - - CLI: **e.g.** `git add .sops.yaml $(find . -name secrets.yaml)` + - CLI: `git add .sops.yaml $(find . -name secrets.yaml)` - **CAVEAT**: check for other changes with `git status` ! The files do not always follow consistent conventions. - - CLI: **e.g.** `git commit -m "adds . to sops config` + - CLI: `git commit -m "adds . to sops config"` 1. git: push branch - - CLI: **e.g.**: `git push -u origin add_pubkey_[firstname]-[lastname]` + - CLI: `git push -u origin add_pubkey_[firstname]-[lastname]` 1. gitlab: open a MergeRequest, Review, Merge 1. **Status**: New User has access to SOPS-Encrypted Secrets within Project Repo 1. 
**Hand-Off**: Proceed to next steps; Instruct New User to verify access to secrets @@ -112,7 +114,7 @@ Obtain Repo ```shell ## OPINIONATED GIT - use preferred method -git checkout -b `add_pubkey_[firstname]-[lastname]` origin/main +git checkout -b add_pubkey_max-musterman origin/main ``` **Configure Project Repo for New User** @@ -138,6 +140,22 @@ devnso-adp-argocd # SUCCESS: all users with keys in this dir should have functional keys ``` +**Commit the changes, Create Change Request (PR/MR)** +```shell +# git: commit the changes to `.sops.yaml` and secrets files (`secrets.yaml`) files +% git add .sops.yaml $(find . -name secrets.yaml) +# **CAVEAT**: check for other changes with `git status` ! The files do not always follow consistent conventions. +# output: +% git status +... +no changes added to commit (use "git add" and/or "git commit -a") + +% git commit -m "adds max.musterman to sops config" + +git push -u origin add_pubkey_max-musterman +``` + +Now proceed to with the remaining steps, i.e. gitlab: open a MergeRequest, Review, Merge ## 3. Onboarding: [New User] Configure SOPS
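Review bot: In the first hunk (README.md, "Update Project SOPS Config"), several of the new procedural commands are left without their arguments: `- CLI:: `git clone `` has a doubled colon and no repository URL, and `git commit -m "adds . to sops config"` has nothing on either side of the dot where the user name belongs. The hunk also removes the `**e.g.**` line that showed `-g devnso-adp-argocd`, so the remaining `update_sops.sh -g $(find . -name secrets.yaml)` line no longer shows, in this section, that a group name follows `-g`. Suggest explicit placeholders in the bracket style the branch name already uses, for example `git clone [project-repo-url]`, `-g [group-name]` and `"adds [firstname].[lastname] to sops config"`. The CAVEAT about `git status` is also listed after the `git add` step; placing it before staging would let the user spot unexpected files before they are committed together with the secrets files.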
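Review bot: In the last hunk (the new "Commit the changes, Create Change Request (PR/MR)" block of the worked example), the sample `git status` output shown after `git add` ends with `no changes added to commit (use "git add" and/or "git commit -a")`, which is what git prints when nothing is staged, so the example reads as if the `git add` had no effect. Suggest replacing it with output that lists `.sops.yaml` and the `secrets.yaml` files under "Changes to be committed", since confirming exactly which files are staged is the point of the CAVEAT. Two smaller points in the same hunk: three commands carry a `%` prompt while `git push -u origin add_pubkey_max-musterman` does not, which makes the block inconsistent and not directly copy-pasteable, and the closing sentence "Now proceed to with the remaining steps" has a stray "to".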