From 6e239a8e90a3ce3f8a0b2a831e6eb9f349086ec5 Mon Sep 17 00:00:00 2001
From: Richie Cahill
Date: Sun, 7 Jan 2024 16:57:42 -0500
Subject: [PATCH] creating groups for sops.yaml (#25)
* creating groups for sops.yaml
I used yaml anchors https://en.wikipedia.org/wiki/YAML#Advanced_components
I also ran the redhat YAML formater
* fixed typo
---
 .sops.yaml | 72 +++++++++++++++++++++++-------------------------------
 1 file changed, 31 insertions(+), 41 deletions(-)
diff --git a/.sops.yaml b/.sops.yaml
index c4ed2b1..cadcf9d 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -10,6 +10,16 @@ keys:
 - &photon age13aqs2mx66dmnyd74sygnwavufv6a4pwnvcqj4ud4l94jk0tjgu6ss57slw
 - &jeeves-jr age1lffr5f5nz0nrenv3ekgy27e8sztsx4gfp3hfymkz77mqaa5a4gts0ncrrh
 
+admins: &admins
+ - *admin_alice
+ - *admin_dennis
+ - *admin_richie
+
+servers: &servers
+ - *palatine-hill
+ - *photon
+ - *jeeves-jr
+
 # add new users by executing: sops users//secrets.yaml
 # then have someone already in the repo run the below
 #
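Review bot: The `admins` and `servers` groups are added without a comment saying that their membership now decides the recipients of every creation rule that aliases them, so a one-line edit here silently widens or narrows who can decrypt. I would add above them `# Groups aliased by creation_rules: adding a key grants it every matching file after sops updatekeys; removing one also requires rotating the affected secrets.` The existing "add new users" comment that follows continues past the end of this hunk, so it may already cover part of the procedure.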
@@ -17,54 +27,34 @@ keys: creation_rules: - path_regex: systems/jeeves-jr/secrets\.yaml$ key_groups: - - pgp: - - *admin_alice - - *admin_dennis - - *admin_richie - age: - - *jeeves-jr + - pgp: *admins + age: + - *jeeves-jr - path_regex: systems/palatine-hill/secrets\.yaml$ key_groups: - - pgp: - - *admin_alice - - *admin_dennis - - *admin_richie - age: - - *palatine-hill + - pgp: *admins + age: + - *palatine-hill - path_regex: systems/photon/secrets\.yaml$ key_groups: - - pgp: - - *admin_alice - - *admin_dennis - - *admin_richie - age: - - *photon - + - pgp: *admins + age: + - *photon + - path_regex: users/alice/secrets\.yaml$ key_groups: - - pgp: - - *admin_alice - age: - - *jeeves-jr - - *palatine-hill - - *photon - + - pgp: + - *admin_alice + age: *servers - path_regex: users/dennis/secrets\.yaml$ - key_groups: - - pgp: - - *admin_dennis - age: - - *jeeves-jr - - *palatine-hill - - *photon - + key_groups: + - pgp: + - *admin_dennis + age: *servers - path_regex: users/richie/secrets\.yaml$ - key_groups: - - pgp: - - *admin_richie - age: - - *jeeves-jr - - *palatine-hill - - *photon + key_groups: + - pgp: + - *admin_richie + age: *servers
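Review bot: In the rules for users/dennis and users/richie the `key_groups:` line is removed and re-added, so its indentation changed, while the users/alice rule keeps it as context; whitespace is collapsed on this page, so the new nesting cannot be checked here. In YAML that indentation decides whether `key_groups` still belongs to the `path_regex` entry, and a rule that loses its key groups would no longer pin the intended recipients for those files. It is worth confirming after the formatter run that `sops updatekeys users/dennis/secrets.yaml` (and the same for the richie file) reports no recipient changes. A short comment above the user rules such as `# user files: owner's PGP key plus every host in *servers` would also record that each server added to the group becomes a recipient of all user secrets.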