Decrypt sops secrets in Forgejo action
Some checks failed
/ blog-pim (push) Failing after 2m28s

This commit is contained in:
Pim Kunis 2024-05-01 23:28:18 +02:00
parent df01977bba
commit 65f8237015
3 changed files with 8 additions and 4 deletions

View file

@ -14,4 +14,7 @@ jobs:
- run: nix run nixpkgs#kubectl -- config set-context my-context --cluster=my-cluster --user=my-service-account - run: nix run nixpkgs#kubectl -- config set-context my-context --cluster=my-cluster --user=my-service-account
- run: nix run nixpkgs#kubectl -- config use-context my-context - run: nix run nixpkgs#kubectl -- config use-context my-context
- run: nix run nixpkgs#kubectl -- get pods - run: nix run nixpkgs#kubectl -- get pods
- run: |
mkdir -p ~/.config/sops/age
echo -n "${{ secrets.AGE_SECRET_KEY }}" > ~/.config/sops/age/keys.txt
- run: nix run nixpkgs#sops --decrypt src/secrets/sops.yaml | grep "paperless-ngx:"

View file

@ -1,2 +1,2 @@
creation_rules: creation_rules:
- age: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw - age: "age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw,age1x7wv7s2z2cxcvys223rzkzrx33l85rg6jy4klr07atf5r3d8yp3qrwg4lx"

View file

@ -16,6 +16,7 @@ forgejo:
lfsJwtSecret: ENC[AES256_GCM,data:TZaptdiX/3HT2Q5lHqAOEQBkT3gV49dD6+RIludIcJVA6AevijgDonuVQA==,iv:hwU0K4JjFs8LaSNe5Dqmsj5Vz/w3sOWgSrnEW22bM/M=,tag:RJTDtYqRQdGVQ6PO2V+31g==,type:str] lfsJwtSecret: ENC[AES256_GCM,data:TZaptdiX/3HT2Q5lHqAOEQBkT3gV49dD6+RIludIcJVA6AevijgDonuVQA==,iv:hwU0K4JjFs8LaSNe5Dqmsj5Vz/w3sOWgSrnEW22bM/M=,tag:RJTDtYqRQdGVQ6PO2V+31g==,type:str]
internalToken: ENC[AES256_GCM,data:28sIm0OW2G48ZECjCf5WM9/O5kbo54S96aD20MYfGrK0pbxgAwLjL8jXO/dNobSQ+26vet2WKfLbC9MPdBjhsQ5zC/keGHUFw6TPqnuhFchTLnP+JvMoqNZzcRo2kHi/EM93luG6xQvy,iv:Iy+1EVS7lvLust4MPkxyFonna/q1NVzRyMcTSJ3F5oM=,tag:v075jl/jtqcjSkEhRZVO2g==,type:str] internalToken: ENC[AES256_GCM,data:28sIm0OW2G48ZECjCf5WM9/O5kbo54S96aD20MYfGrK0pbxgAwLjL8jXO/dNobSQ+26vet2WKfLbC9MPdBjhsQ5zC/keGHUFw6TPqnuhFchTLnP+JvMoqNZzcRo2kHi/EM93luG6xQvy,iv:Iy+1EVS7lvLust4MPkxyFonna/q1NVzRyMcTSJ3F5oM=,tag:v075jl/jtqcjSkEhRZVO2g==,type:str]
runnerToken: ENC[AES256_GCM,data:F6PsbkhT1epKfi9MpLpMqDosloVkhIiq/olBi/bbt8k88qxfw0vwvg==,iv:I/LH8V0Um+PCpjSrcjiZAN71nXcqv1m84wBUPLWT33Q=,tag:Y3qhbt7OqkRbHOCXRKLUeg==,type:str] runnerToken: ENC[AES256_GCM,data:F6PsbkhT1epKfi9MpLpMqDosloVkhIiq/olBi/bbt8k88qxfw0vwvg==,iv:I/LH8V0Um+PCpjSrcjiZAN71nXcqv1m84wBUPLWT33Q=,tag:Y3qhbt7OqkRbHOCXRKLUeg==,type:str]
agePrivateKey: ENC[AES256_GCM,data:sEsVKpDd9VQKiaQNeLMqnA5304yf+4byCG2n4PIITM7c/HBRsdqpd4/BQEiYo8w95d41SjnFBay36KX+GWvJrx9vmCx7FPmv2kU=,iv:9jCW6ZL9nhcLZiGGmcylJKGh9erTOJdCTyWQXA1cgRY=,tag:ZgSeIcqDsvJipH+M1KGhMA==,type:str]
atticd: atticd:
jwtToken: ENC[AES256_GCM,data:DTiREnIdZxsewzLXeZgERBJKorUuqI71TgmUyKyc8iH6ioJLciU/9wfLiO+ltUA+3eEnuyuJHTpFwtLS0Wrjh5G4kYNkiX6Mw1bEJZnR+x2xJAJmfa4sJw==,iv:8jJfPosy02vezJOA0oKSphUItWqQ0Pr1cc8rBSuSawE=,tag:p+dZBP5+EYHjtTH9EkdYsw==,type:str] jwtToken: ENC[AES256_GCM,data:DTiREnIdZxsewzLXeZgERBJKorUuqI71TgmUyKyc8iH6ioJLciU/9wfLiO+ltUA+3eEnuyuJHTpFwtLS0Wrjh5G4kYNkiX6Mw1bEJZnR+x2xJAJmfa4sJw==,iv:8jJfPosy02vezJOA0oKSphUItWqQ0Pr1cc8rBSuSawE=,tag:p+dZBP5+EYHjtTH9EkdYsw==,type:str]
databaseURL: ENC[AES256_GCM,data:beyFNmbapw9asGHZN52taNx6klO3IQJ7wXbYTvo1NMaFyvo5qk2osocrwkeVv3w8bUWGgbQ/LKLuvg==,iv:qGFwhuLj0ApY9EpclM0x1nVBqXjv8XZC58cy6AE3AtQ=,tag:an+slq4Wlh7/sunX44yxOQ==,type:str] databaseURL: ENC[AES256_GCM,data:beyFNmbapw9asGHZN52taNx6klO3IQJ7wXbYTvo1NMaFyvo5qk2osocrwkeVv3w8bUWGgbQ/LKLuvg==,iv:qGFwhuLj0ApY9EpclM0x1nVBqXjv8XZC58cy6AE3AtQ=,tag:an+slq4Wlh7/sunX44yxOQ==,type:str]
@ -34,8 +35,8 @@ sops:
dVBPbkRib1M1cmVKZzl4TWpoSml2WDQK45jJDXpPXIBoaANhjZSWYVZ8mI51LAin dVBPbkRib1M1cmVKZzl4TWpoSml2WDQK45jJDXpPXIBoaANhjZSWYVZ8mI51LAin
EqgBj7VKY+CQbw1gMd1Fdh8iDYraowwcLyd/ZhZ/M0kIdkCc5E1a5g== EqgBj7VKY+CQbw1gMd1Fdh8iDYraowwcLyd/ZhZ/M0kIdkCc5E1a5g==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-27T18:37:27Z" lastmodified: "2024-05-01T21:17:22Z"
mac: ENC[AES256_GCM,data:LP0gbW3AI0hKE3dfVdDC0+BMtz2fRbtgfxVF7zPZ6cg09cXaOlNPExAxEIzp0pBtTN7114hL3MNzczov64ES9YvP8XIXDcEZzQxVqUgkacgrCIfm1Zd2o1sIT9ORreK04+S4gnvMgbXq9TAEnxnK2SVhvthwmLVw3MXjBb2+/wc=,iv:Nf7c+AdaU8yCnhHYKwERdMzFw0qY0y0c8VMxa/Hcg50=,tag:SRvJ0YqimkswD8Ljp69jog==,type:str] mac: ENC[AES256_GCM,data:Z854yGCEukya2IxAiNp/vmOpf+MqY6Pfvk2uhhH6UPoijvt7gU/AacmieKXNc+lErqh9mxwBoEoY/SwTYymqEsjm3vAWn9mrgvs6dfaTYuyFPg0ZrnV2pT5GiCLbmPhBKw/Fx53MLmB2CcYvYtJkoZk0+pSBOKpI+Mzr1tUOn98=,iv:3wZVY4KjXriFcpCAzjRZsVo/X7gi6WLVRzalKcA41Nk=,tag:evss+EvaaMpj3LyJCNOTZw==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1