From 560adf4cf94198cc7c5694b06abaec5dc826e3ac Mon Sep 17 00:00:00 2001
From: revol-xut <revol-xut@protonmail.com>
Date: Fri, 25 Feb 2022 00:09:45 +0100
Subject: [PATCH] adding test and production sops files

---
 .sops.yaml              | 24 +++++++++++++
 keys/sops/server.asc    | 28 ++++++++++++++++
 secrets/production.yaml | 74 +++++++++++++++++++++++++++++++++++++++++
 secrets/test.yaml       | 74 +++++++++++++++++++++++++++++++++++++++++
 4 files changed, 200 insertions(+)
 create mode 100644 .sops.yaml
 create mode 100644 keys/sops/server.asc
 create mode 100644 secrets/production.yaml
 create mode 100644 secrets/test.yaml

diff --git a/.sops.yaml b/.sops.yaml
new file mode 100644
index 0000000..c111d26
--- /dev/null
+++ b/.sops.yaml
@@ -0,0 +1,24 @@
+keys:
+  - &server age12frtpxgne7eq38mwv4meef695tvay5mdpanlzsw3nezfwpsgmu4st09uzz
+  - &revol-xut 91EBE87016391323642A6803B966009D57E69CC6
+  - &j03 9EA68B7F21204979645182E4287B083353C3241C 
+  - &nek0 523258BFC3B4533D8D2A7C5977CB2BEB699E245A 
+   # private key stored in repo, used for test VM
+  - &test age1925katzy5gws3f9hnvnlwspu6trxf488arwt6ayw3urg2mgumqhszxnmqh 
+creation_rules:
+  - path_regex: secrets/production\.yaml$
+    key_groups:
+      - pgp:
+        - *revol-xut
+        - *j03
+        - *nek0
+        age:
+        - *server
+  - path_regex: secrets/test\.yaml$
+    key_groups:
+      - pgp:
+        - *revol-xut
+        - *j03
+        - *nek0
+        age:
+        - *test
diff --git a/keys/sops/server.asc b/keys/sops/server.asc
new file mode 100644
index 0000000..b47bf42
--- /dev/null
+++ b/keys/sops/server.asc
@@ -0,0 +1,28 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+xsFNBAAAAAABEAC6OjA56skQT7IPiuSzarkTu4jlYnOwqIctMBNC/C+I1BreSh97
+moELV+Rr7OT5nevSkzHrHMU2L8+lGhRuTiBkz1AsKPBeI31Siw6p1rDZOb2/ofxh
+B1H2ripTCZCh3nnBcW2YAnssroba0DBg/xMPtFb2iMnU47X4BZGUiMfXzbwmVM5K
+gwudFgjC+TkhsaQaUBT3NW2q5aJVGO5qY+LQMedUsKUcG1ms5uuAZcJkGetIHM3n
+LH+1jgLGrnrUg0HpOvutf6EclYYH5MjWerIx2U/qyodF4IFxJmKRYtLYCqSbKUb/
+mfdIjeHcAHmBxhMj1eXfuktjNstjCV1ZsxV+VQa8U5BiViGKpZOgGmNOrOcD1FV4
+Tugm2B+mfD9KLz1p3ij/DVtbZrAdOGPfcWqvAKr8uH1ozgx/61uqb4uNIqSaxT4A
+U57v0Bs9uU2hqp6zxjZfVovxB6YfBMVp6cgvnNAzTQgxcwHHUk0KLLTzKFoUFkDR
+O1vXgtRAhJVLaRg5fqvlb2bn/TpYRAF+Js9uF191+krNMyQX6tx3LKoyoLc9DxDQ
+91NrTBKDcfKIICeAnCZzTvTqf9NYix7v1KhUSEERSu3MP7QddyMZASREioimV/Ul
+DXfslRn6cWh6luIth29tHl7bV1fPKiONue/yf1By1a+p3dVoPmn9NtcTCwARAQAB
+zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT
+AQgAFgUCAAAAAAkQ3NsQItaExXICGw8CGQEAAE2SEABqqjm0svmI7jKH0p0lbuWN
+iWQkpyM4x/QeBbqK0bDC2dPAUSUCx5kxcbcF1mk25YjxaLljOjjyM5w9zmz9xVL6
+MIKldyejjxdXonPbkUNNJJ+9UPZoEE+GMzIclJFWDuC1BfLv/fYZVrPWmrJw4bs4
+RzGN08N9MY2kczVoX8+c87STs7dWjYzm1uy/aT3kDt4xa1suffqRiQopr1Boqrp3
+mEQKUCaqj+/eanA3TXhsrQplnJ+JUzCMo2ES0/4YV7EpmDyBJxTtBTG302cQO0TP
+6NZptJaE8cu714JeSXxBnl6KFgXkhz/XCq/b8hdQOzfsFLtqRXlC25AIEVXJpBIp
+9zhaHxgVZy8DnHkGFipxpqhe7dIPzR78nP1eQvd4daR2GtSXW5xfcJw1aszW3xV3
+FjqZvXo9Cdr1dPE5raEHdJe35qHnc9IWHKCxj/M9i5FXGqujoPCABSgrh1pA9PgF
+zFUXh9gzRc3J1O6kT5xzgjaXF+/NGTNCGW1xQ87kGLE6B5N99ZoGpV4RdB0oGMO1
+rLJjycaQf9jczqwfoJnQ0rFWELRgOObukDhQ6u8KbaLIRGkkHlZ4oNyC0j3t5gD1
+oo3SemG+hCzjeeDT07El3w2VyKY/gfY+sCXDOr7xeKfdr80RUAVgIn3RdEunxocW
+iKQPIaw4k9zPmsvqqmxUnQ==
+=cz4x
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/secrets/production.yaml b/secrets/production.yaml
new file mode 100644
index 0000000..39f7dc7
--- /dev/null
+++ b/secrets/production.yaml
@@ -0,0 +1,74 @@
+mock-data: ENC[AES256_GCM,data:lG/8lg==,iv:QtS423GUNUIbQFfh7Wygcr4HEw6Jp1BBfwiseeLg5UM=,tag:qaqAHElIlA81efBMxU5Xew==,type:bool]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age12frtpxgne7eq38mwv4meef695tvay5mdpanlzsw3nezfwpsgmu4st09uzz
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUUkR0VzBudjhWQTRjdUtk
+            Vk1uYWhraWRmR3A1d1JnalJ5NEY0d1RWRkNJCjBsSW9RcHRLZmpGb2dRL09CZEFo
+            OVJtNmhiakczUWpUcFg1OWdBZHlIcG8KLS0tIFhRRTE0NCs1Qy9MN0I4N3gvUVQ2
+            VlBmRDN4MDdQNGcxRkprbzZvU0Z1ZlkKrupz5vF/kBXrbiitLG0+TJh+ONSpVpeP
+            48V0iqoyJP83dy4QS1H+R3W89xgSohwnzxRtBY72MGh7eLsTE492cA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2022-02-24T23:06:52Z"
+    mac: ENC[AES256_GCM,data:vf8C3GNilaYvaZ1cCSzp3G203aQZtm+2HodYosMbEkMJK/v6C1XcTXkB2O10/eEp2EUJld1hqgIhbKDTdb+3G6S6497rdXUVWBq7AxA2HZG80ZKVm2Yi2CtE2FMA9Eg3Vhb+3dA1hwu6kyOezcb0s2izoX0jl5selk45gnhc1wM=,iv:03HuYVe8wjThX/BfJo6i7YjQOqx3zkc6V1qUujriaIQ=,tag:HIvqooqk613I9qMOCCHEkA==,type:str]
+    pgp:
+        - created_at: "2022-02-24T23:06:32Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQILA/YLzOYaRIJJAQ/42Eqx0klsGg+iA164v8Cf6BLcj9sFDU+2y2Nh7sfPYbHf
+            999JED5YUeiKlMLWpSDeqff81omP7YhBVrrpiaHg2Aa7UQl8fGBve7mgxSGfuCOO
+            6lkdDoTXEf5I2TAo7XUsc0z+C6q8UUeW5D+TOGw3nKp9WYrwpeIgBRaReLbivF7Q
+            IPgA++eVa3fYp15wX2gPbG9kNgsO4dkodGiZa3IHsRCquIcU8dnjNaatEJ4YH5kE
+            5IBDeFcVCCsUdLHispkOkgdKIFAapjxlaitc0IjmqjvaE93RfARYS2P9e2wwtK2h
+            VPSW6MGqFMGTwas8uJdDYlyhSY+G6bAZGehaK5w3uMH09jf4uWPqPO8Grg+Ey0kp
+            L+Fqi0T9fG3sNcrNnA31CEXjwcI8jEZcOVYQg8cq4plFqUrPc0/ONkmChtw240uj
+            sJt9n9rSwyqWoQPYZRqCLxFQdv4iAOp89wF0245L6lK/0QJoM7PmEGSmngn4P/rv
+            0ypHGFEtqOF4hFN6vap0p4YjvLuaxNvqTKWQ482ZIhCgxuCnWBF0PGMWDbcnDtRk
+            Z65Obc850Df/0cSYfyGrXaWxIEYIYHYxrvsfCRFn2Eqk6YJfh5nmm9c0R0X2hl1u
+            oHAA6GrDrWrj2FHNvEAZXwOnh3CDtpn3+ZPilOZiRh9EtjtBa1QfdiHTlXfQPtJe
+            AXCF6DDwQTT5IU8itizjUkqFnZZZePL0t2KBCpPvDX7wsp3tDCgvPk/FMaNQ0Rh2
+            ylfwk95WaArweZptuca4cDqqpKv8RohHmHyBLs/u6Ven2z1Qthz3HadGjQJYmg==
+            =ENDR
+            -----END PGP MESSAGE-----
+          fp: 91EBE87016391323642A6803B966009D57E69CC6
+        - created_at: "2022-02-24T23:06:32Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            wcBMA/Z87ylQaotQAQgAFuli2lC5g+VdatJ3GEyGknqWSSU93zta3Sn/R9XcBJ/J
+            oRRaPA9y1z1oJ8+S/qCsmBiKxlF75zrPh5hovlveBBlq49Fy5C5MhXfvKJY7Gb+A
+            PV+YaGplzqgg5uXsHYc4gEjyPWt9DLBXYOsV8zQE/50ZEDwVFOmYtUU9iZ0gHxya
+            aKZHsFHj8Y/F5HglbZ5p96zuVJwKW6aWrvOiXvvaSGmFh9UaWkzv0m1LvHDDObG1
+            S/Mac9PTdO6EZvJLMJCJYVDgVajgwhE3HuxD1e4P1284sfM70gf/avR994Mc8qFD
+            1NjISkNO0QnuKR/ztUYCGwt8i+C4ec1Jd+4GXzMIEdLmAYBCOhgjLkXEAXIeCH1E
+            GEmvieHgi7p/pnPf3rGUZOXH/G3gPeXxta580QEYfJNr4mgfQD2T7XmXJzN1K5KG
+            D+TtWY8DuvOAHXGDAdmQ+fuZ4lPBNUYA
+            =S2YM
+            -----END PGP MESSAGE-----
+          fp: 9EA68B7F21204979645182E4287B083353C3241C
+        - created_at: "2022-02-24T23:06:32Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQGMA2KDZoT6Qv5iAQwAnP2y8OClX60z1NAMmTGoOrKi/Cnc8CUbP30WawGmaPgy
+            bZbk97B4e7zoaE7HhtoMRpkPg6jh1EPXt/fuA3eBrOK+TdWJqM5/EP3PS2AzUkxv
+            LtvehVVcRkQKJ8QurGAzMG9GoJgAiGlpTEh04wlJvk9b0cNjCMnNAG2rRiRx5a8C
+            DfQLtAWIdr7q9UjQXHsIHoVnFbGADxqBGnHz74UFqoXg2syeAog6KTAtCXrl+Yf3
+            ZokZiI1Io644hvkfdnI5czIh1S7hmsy/ZcN0U+zHZk6YPjZuMyZW7rNOm+Lg5UxE
+            xDnqdEEeFEl27YB2Oxv3kyFZ62xJiyFUMQgZwLbFOUSWF72R2ky6q2pK3vnJw7ix
+            Jpmnwn6Gmr0tk6ggMoL31gTCREM/yBJ5rxlFjW87LLs+J6xL0nbzFrjHVfg6KFlK
+            JI45LtCkgl/7F/Ho3DTUe3aArEAJ00h+LFFrm/QSWkVpm8zAvAB0mLfaMQf7EAqH
+            K1QBWnBITuhLuKQAGPrT0l4BrA1qkFU1BJSAoQSbDFgnhZdBfqddgfRDwWaDWjor
+            nRyxg9FIJKEgzLqttfJtUVrXEOw9YPDUgd3JA0II4sF6jXeDNkzXvVLTpY276JBQ
+            lCnrWXqvf+aduH/7o/5R
+            =Nmng
+            -----END PGP MESSAGE-----
+          fp: 523258BFC3B4533D8D2A7C5977CB2BEB699E245A
+    unencrypted_suffix: _unencrypted
+    version: 3.7.1
diff --git a/secrets/test.yaml b/secrets/test.yaml
new file mode 100644
index 0000000..749a4b2
--- /dev/null
+++ b/secrets/test.yaml
@@ -0,0 +1,74 @@
+mock-data: ENC[AES256_GCM,data:wVfsaQ==,iv:pC7h7DNPruPymwsIkzlejwgqm/1j2LlDKy6d8Lw/OVs=,tag:ginWj5aJo0uhYvkkKo5KRw==,type:bool]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1925katzy5gws3f9hnvnlwspu6trxf488arwt6ayw3urg2mgumqhszxnmqh
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCcHdGSlF0TVlEU2pqam5U
+            Rk45YUtIT3JYMzJXRThXWDQwR0s4eVRFR1VFCjdRQWY0V0VzTEc3cmhwbzY0dzdq
+            bkZuSGgzclRORG1JMVk5SVhwcG9EWGMKLS0tIDdMVytwSW9xQTM3d1AyWTU0TjhU
+            VDcvM1FEb0hQZUwwRnVqZmRpWGF1cmcKZNj63fM9tbx1KLtp7BBe7XceC3euJb5K
+            GVboPVOt5Q5AwH+krD6nO/O2DeLLkS+53p383hSdpZ7KjvKAWHC5dA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2022-02-24T23:08:28Z"
+    mac: ENC[AES256_GCM,data:WHBzwwyI9zKmh/kD9wI9dMSCK9kALEJSVPsWpHyNBqus85jngCmKVLsG9mOguIqauZwXgRi1TX4c527Tf5A2AAKqUi87nJSSwvbzvUg9iY3L2ktmsM3GnQW1uD4awWbTwEZH1EVTqgZx6xSInSJjXJIX7/G6q4A0iuz81WPdo8w=,iv:4Z3zJAI2rkYNMq6k4talEe2rTzAj/1U6MOzeFzrdr5M=,tag:1kWq3Arx5+l7ec49hnN+6g==,type:str]
+    pgp:
+        - created_at: "2022-02-24T23:08:06Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA/YLzOYaRIJJARAAz9okCF9v1GszTi3MUy1WwzeI6d4Y5Zmbph6L2Nwdgj5u
+            b4hmgGdKw+QPSN2vmZqb8cITBobnouDmlnNe3AWUtKMpJbc2fW/tijvRAg92nC3u
+            5Nv2nvSs5/xWTr6uHxZsbHTLxiDkalF+GnZoJxzsR94QVWjKWcFcoLw56Fz3na4Q
+            pVz0aigaJdi6prrLUygIbwf/K117B8/6FcUjj3RPBzZa73I4X6n17EF1dQOkvj0C
+            h8MNpAY3ZDlDWASSjWOh+4zzBXR3LgwNG1yvvkC81oH4EhCV8zC3VSd9IPOd8mSC
+            HcchfbVp5nvj4yYqzQ9x4ngegmsUscqed5Bl0/RsTW/fCQIpGymScaVlHZr41oKL
+            lwymGCMtwIngXK2k8HsJOBJRD0l3bZL7w8gpwtVS12azp4SCWjxSN7KMtwrIwAmm
+            /DIq3q8OaXgj73R7Ra3S9tUQlkInXeYjf4ivXGFw1bZ/muYqbWZYCdMwUGCeFxQ+
+            KN9HW0GHAIATkzxnfQ+7Qoiv5nKBoQb27s2L2DaKs7yW4uehlOFYGVK76IMajReR
+            QiPlsCqa9Pb25RQEXW/XV8zmwI7xmZfShgePb5XTPAltrWLniD1RhiaVHNKW2Nk3
+            a0SIxnc7ySobj/u8EDiRu7uWlV31E+NbOx9dLslbqyky7yVp0lp6kI8K9Rizu37S
+            XgEwPe+cRNCc9dz519XVe4DImTOH7oHdWvP/Y7LluAuO6Q5JzU9UXOmoAYAq9uVj
+            Gb3lDhdwbfObyf8Mb73JDn4qIdwyWbCmXTHxNLNVer48ABz+a/ZLf0vpdvNcnno=
+            =Rhwu
+            -----END PGP MESSAGE-----
+          fp: 91EBE87016391323642A6803B966009D57E69CC6
+        - created_at: "2022-02-24T23:08:06Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            wcBMA/Z87ylQaotQAQgAfgktHEov5x+NkZBpT0tLE3NLh1RyOaFqSaSYdGQ5v7KT
+            lxLJfUMjXB9iYpfXGO/ZXiSVQqvzb8Ptt/WMwKTaIBvX5zkTx6JbEkwQQMH0Ocl3
+            TmTOewhHyyCkBLkSgpTR9cGoSQBvVK929Fg55JjgibBdljZi90ydnAx56nESkGWw
+            Db+gAd87oMZRRwr4988d18BkdpASQvcV3EidOuVUywkyRtYhDRAtftMrgKjaBZU4
+            nlux1YRKQLqLsFhR/ZePSbkqboiWwiyUIbCOnk/9T3y5ErKrEyPSp6MV7e332FYg
+            1uRkyRyzSexxuPpG2V4namgKjFWd6rSBap5mWUkHgtLmAXBQX6V6D1XzkaJz/5G8
+            Bps/1gQEadDxyuf+Nry8A7OVlAgq3LcDz3XZ4hjGvXJ4GvIioJnZWO8VtMU0YN0Z
+            tuQCMkQ0Xqq0ZRcsdsFYvJmO4nwm0usA
+            =ZESq
+            -----END PGP MESSAGE-----
+          fp: 9EA68B7F21204979645182E4287B083353C3241C
+        - created_at: "2022-02-24T23:08:06Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQGMA2KDZoT6Qv5iAQv+LfRJUUOt2CKFiia8E9qFjH/MaYRhf/laa0j9dip+xDQE
+            O1ZvNBDOV0QrmZFIORVaGwnEjcvH+e+nIvNYboyPUbMrliiZPjnWhAk4yr9ofo/c
+            YBHnZJAMhAHGnc+bw+ooAKyWa4PWNLafi26gejxOrZ2wvWs8mPESJpSuJd6d2Ghs
+            avIw5QPrIguroAnf8ZV/fGm26QrFI9nFH6mqf7q02bhXiea1PU/30UpmAZz0GiMR
+            Uv2iGn30SlDzD4sUWvkLI2ZyrHT2TUQ9X3geKoTxZbccj+5X+4kAjtQvlZ5bFtbe
+            G+mwsv5bC61y+z5ST1pDClpBpzatTi6wPGRJTRLxjlOxkGhzVm/vsDELtpcI0xb+
+            HXt/huqHOlr6n21dU8kxv1vbRXKxJcxkQyO+IAFLh4Yj8olzIKWX4LCAiTn1221S
+            zMu/+cToA1GlT0eFu94oUKRHdY1XIXYBmEoEjxZQjzZ1lrVumibmvZOckxj+pP9k
+            WwmqqjyZmyaB+v2Fxfhx0l4B97L56OpwG+TcvAj9ldH6yZBMks08pIThi6ngMN9B
+            mK2a7sHO2oWLM/lTOk4sWOMqJwj5ZIzJDoUUa6s/S7n0qgZCi2h9L7XVU9g+Ro1w
+            eL6PS35L7tHCu/4FKgvc
+            =MlJl
+            -----END PGP MESSAGE-----
+          fp: 523258BFC3B4533D8D2A7C5977CB2BEB699E245A
+    unencrypted_suffix: _unencrypted
+    version: 3.7.1