viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[ci skip] phase 1: SOPS tooling setup (.sops.yaml, scripts/tg, .gitignore)

Browse source 
Part of SOPS multi-user secrets migration.
- .sops.yaml: defines age recipients (Viktor + CI)
- scripts/tg: wrapper that decrypts secrets before running terragrunt
- .gitignore: excludes decrypted secrets.auto.tfvars.json

No functional change — terraform.tfvars still works as before.
This commit is contained in:
Viktor Barzin 2026-03-07 13:57:42 +00:00
parent 88989cfad3
commit 7f5dbb82f4
No known key found for this signature in database
GPG key ID: 0EB088298288D958
3 changed files with 33 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.gitignore vendored
View file

@ -35,6 +35,10 @@ override.tf.json
git_crypt.key
# SOPS — decrypted secrets (temporary, never commit)
/secrets.auto.tfvars.json
/secrets.auto.tfvars.json.*
# Claude Code - temporary/sensitive files
.claude/cmd_input.txt
.claude/cmd_output.txt