From f81a4cbfea56342c02b46f3f5141758fe5d21505 Mon Sep 17 00:00:00 2001
From: auricom <github@xpander.eml.cc>
Date: Fri, 16 Apr 2021 09:18:28 +0200
Subject: [PATCH] feat: pre-commit & sops

---
 .pre-commit-config.yaml                       | 60 ++++++++++---------
 .sops.yaml                                    |  5 +-
 .../apps/development/drone/helm-release.yaml  |  1 +
 3 files changed, 35 insertions(+), 31 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 7b09437e2..f52cf5cdf 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -3,31 +3,35 @@
 # See https://pre-commit.com/hooks.html for more hooks
 fail_fast: false
 repos:
-- repo: https://github.com/adrienverge/yamllint.git
-  rev: v1.25.0
-  hooks:
-  - id: yamllint
-    args:
-    - -c
-    - ".github/yamllint.config.yaml"
-- repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v3.4.0
-  hooks:
-  - id: trailing-whitespace
-  - id: check-added-large-files
-    args: [--maxkb=2048]
-  - id: check-merge-conflict
-- repo: https://github.com/Lucas-C/pre-commit-hooks
-  rev: v1.1.9
-  hooks:
-  - id: forbid-crlf
-  - id: forbid-tabs
-- repo: https://github.com/jumanjihouse/pre-commit-hooks
-  rev: 2.1.5
-  hooks:
-  - id: shellcheck
-    args: [--severity=error]
-- repo: https://github.com/k8s-at-home/sops-pre-commit
-  rev: v2.0.1
-  hooks:
-  - id: sops-encrypted-check
+  - repo: https://github.com/adrienverge/yamllint.git
+    rev: v1.26.1
+    hooks:
+      - id: yamllint
+        args:
+          - -c
+          - ".github/yamllint.config.yaml"
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v3.4.0
+    hooks:
+      - id: trailing-whitespace
+      - id: check-added-large-files
+        args: [--maxkb=2048]
+      - id: check-merge-conflict
+  - repo: https://github.com/Lucas-C/pre-commit-hooks
+    rev: v1.1.9
+    hooks:
+      - id: forbid-crlf
+      - id: forbid-tabs
+  - repo: https://github.com/jumanjihouse/pre-commit-hooks
+    rev: 2.1.5
+    hooks:
+      - id: shellcheck
+        args: [--severity=error]
+  - repo: https://github.com/sirosen/fix-smartquotes
+    rev: 0.2.0
+    hooks:
+      - id: fix-smartquotes
+  - repo: https://github.com/k8s-at-home/sops-pre-commit
+    rev: v2.0.1
+    hooks:
+      - id: forbid-secrets
diff --git a/.sops.yaml b/.sops.yaml
index 5442a60c0..45c062666 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,6 +1,5 @@
 ---
 creation_rules:
-  - encrypted_regex: "((?i)(pass|secret($|[^N])|key|token|^data$|^stringData))"
+  - encrypted_regex: "^(data|stringData)$"
     pgp: >-
-      $FLUX_KEY_FP,
-      $PERSONAL_KEY_FP
+      C8F8A49D04A1AB639F8EA21CDBA4B1DCB1FA5BDD
diff --git a/cluster/apps/development/drone/helm-release.yaml b/cluster/apps/development/drone/helm-release.yaml
index 225d57eab..b8018b973 100644
--- a/cluster/apps/development/drone/helm-release.yaml
+++ b/cluster/apps/development/drone/helm-release.yaml
@@ -32,6 +32,7 @@ spec:
       DRONE_GITEA_CLIENT_ID: ${SECRET_DRONE_GITEA_CLIENT_ID}
       DRONE_GITEA_CLIENT_SECRET: ${SECRET_DRONE_GITEA_CLIENT_SECRET}
       DRONE_GITEA_SERVER: https://gitea.${SECRET_CLUSTER_DOMAIN}
+      DRONE_GIT_ALWAYS_AUTH: true
       DRONE_LOGS_TEXT: true
       DRONE_LOGS_PRETTY: true
       DRONE_LOGS_COLOR: true