-
Notifications
You must be signed in to change notification settings - Fork 0
/
.sops.yaml
21 lines (21 loc) · 1004 Bytes
/
.sops.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
---
creation_rules:
# Select all files ending in .sops.yaml but not files whose entire name is
# .sops.yaml also look for files with secrets in the name and ending in
# .yaml or .json (e.g. secrets.yaml, secrets.json, my-secrets.yaml,
# encrypted.sops.json, etc.) and apply the following rules to them.
- path_regex: ^(.*/)?.*(secrets|.*\.sops)\.(ya?ml|json)$
##
## NOTE: use of encrypted_regex and unencrypted_regex are mutually
## exclusive. You can only use one or the other.
##
## encrypted_regex
# Select only files containing data and stringData fields
# encrypted_regex: ^(data|stringData)$
# Select all fields (not recommended!!!)
# encrypted_regex: .*
## unencrypted_regex (recommended method)
# Do not encrypt the following header fields:
unencrypted_regex: ^(apiVersion|kind|metadata|type)$
## AGE Public Key (recipient)
age: age1uh4xmxfre8wsglm3zmz765crc5y8qc42nklgfq8hlrhglunqyguqdcac6h