From be195bab3c681ddc6b6e392e7ffd50676d775aa7 Mon Sep 17 00:00:00 2001 From: Joe Monk Date: Fri, 13 Sep 2024 20:42:35 +0100 Subject: [PATCH] Effectively look to change and change back --- clusters/kairos/apps/fluxrepo.yaml | 2 +- readme.md | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/clusters/kairos/apps/fluxrepo.yaml b/clusters/kairos/apps/fluxrepo.yaml index aea4a6d..185162b 100644 --- a/clusters/kairos/apps/fluxrepo.yaml +++ b/clusters/kairos/apps/fluxrepo.yaml @@ -14,4 +14,4 @@ spec: decryption: provider: sops secretRef: - name: sops-age + name: sops-age2 diff --git a/readme.md b/readme.md index 43697ed..b391825 100644 --- a/readme.md +++ b/readme.md @@ -32,18 +32,18 @@ Drop the user and cluster into your config and create a context to have that use I use sops with age to encrypt keys etc in git. Before pushing encrypted keys up, we'll need to re-encrypt them with a new key. -From a shell with sops and age installed, and an already known key under `$HOME/.config/sops/age/keys.txt` (or `%AppData%\sops\age\keys.txt`), create a new key in this repo `age-keygen -o keys.txt`. +From a shell with sops and age installed, and an already known key under `$HOME/.config/sops/age/keys.txt` (or `%AppData%\sops\age\keys.txt`), create a new key in this repo `age-keygen -o age.agekey`. Add that new public key to the `.sops.yaml`, and push the secret key to the cluster with: ```sh -cat keys.txt | +cat age.agekey | kubectl create secret generic sops-age \ --namespace=apps \ ---from-file=keys.txt=/dev/stdin +--from-file=age.agekey=/dev/stdin ``` -Update the encryption with `sops updatekeys`, then delete keys.txt. +Update the encryption with `sops updatekeys`, then delete age.agekey. ### Using sops