From 8749e4e860d39f541239f58e4d4faa13b22ffbe9 Mon Sep 17 00:00:00 2001 From: Spencer Krum Date: Thu, 23 Jun 2016 10:10:39 -0700 Subject: [PATCH 1/5] Script to automate encrypting secrets --- bin/encrypt_credentials.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100755 bin/encrypt_credentials.sh diff --git a/bin/encrypt_credentials.sh b/bin/encrypt_credentials.sh new file mode 100755 index 0000000..9748941 --- /dev/null +++ b/bin/encrypt_credentials.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +set -eu + +rm puppet_credentials.asc + +recipients="" +for recp in `cat recipients.txt` +do + echo "--recipient ${recp}" + recipients="${recipients} --recipient ${recp}" + gpg --recv-keys ${recp} +done + +gpg --sign --encrypt --armor $recipients puppet_credentials + From 1db6191f31e1c9cb9c38459d5547bf236cc5b1e7 Mon Sep 17 00:00:00 2001 From: Spencer Krum Date: Thu, 23 Jun 2016 10:12:20 -0700 Subject: [PATCH 2/5] Update docs with new scripts --- README.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3d1a9fc..ccbc692 100644 --- a/README.md +++ b/README.md @@ -17,13 +17,17 @@ To generate the list of encrypted blobs for puppet forge deployment: to decrypt: -gpg -d puppet_credentials.asc > puppet_credentials +``` +bin/decrypt_credentials.sh +``` to encrypt: -gpg -a -e -s $(for human in $(cat recipients.txt); do echo "-r ${human}"; done) puppet_credentials +``` +./bin/encrypt_credentials.sh +``` # syncing labels From 64814eb257a8200314bbd9a4039f891997029e0b Mon Sep 17 00:00:00 2001 From: Spencer Krum Date: Thu, 23 Jun 2016 10:12:31 -0700 Subject: [PATCH 3/5] Ignore vim swp files in gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index f2523b9..3ac4d21 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ puppet_credentials +.swp From 2f5ace34585ce40a989784b4013113754d65813e Mon Sep 17 00:00:00 2001 
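Review bot: `gpg --recv-keys ${recp}` in the loop of bin/encrypt_credentials.sh imports whatever key the keyserver returns for each entry of recipients.txt, and the final `gpg --sign --encrypt` then encrypts the credentials to it; nothing here confirms that the key belongs to the intended person. recipients.txt is not shown, but if its entries are short or long key IDs rather than full fingerprints, a look-alike key could end up as a recipient. I would add a comment such as `# recipients.txt must list full 40-hex fingerprints, one per line` and have the script reject entries that are not. Separately, `rm puppet_credentials.asc` runs before encryption under `set -eu`, so the script aborts when the file is absent and leaves no ciphertext in the working tree if a later gpg call fails; `rm -f puppet_credentials.asc`, or dropping the rm and passing `--yes` to the final gpg call, avoids that. Both lines are carried unchanged into the PATCH 5/5 hunk.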
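Review bot: The added pattern `.swp` in .gitignore only matches a file whose name is exactly `.swp`. Vim names its swap files after the edited file (for example `.puppet_credentials.swp`), so those are still not ignored. That matters in this repository because a swap file of the decrypted `puppet_credentials` holds the plaintext secrets and could be picked up by a broad `git add`. The line should be `*.swp`.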
From: Spencer Krum Date: Thu, 23 Jun 2016 10:12:43 -0700 Subject: [PATCH 4/5] Add rubygems api key to credentials --- puppet_credentials.asc | 125 +++++++++++++++++++++-------------------- 1 file changed, 63 insertions(+), 62 deletions(-) diff --git a/puppet_credentials.asc b/puppet_credentials.asc index c3e237c..0062100 100644 --- a/puppet_credentials.asc +++ b/puppet_credentials.asc 
@@ -1,66 +1,67 @@ -----BEGIN PGP MESSAGE----- Version: GnuPG v1 -hQIMA6yDZbMBdngRAQ//aw+Mw1yx3Cee1SDWt/L2pUZkrpZf7gzPs8vIhRZrcWu6 -xrJj7XgaapG1vL9YY+TNaGJSgKCPuCt61BSaGafouCU3SlXKO2ai2zuQ173ccD2L -2cgqz3mIIffQyo415zei3Ne89NhZSWuWVAl53Rb71Ta1TP4jhX6DwkYalagRrunA -tziej9J4cxEyHtVh764nX82OFwZIDq/Ywl1kd9EZpWNJZOPEZOnvi5VnGwqUfldT -Wwh4sUtk3aXC18GeAyVAU4KcQQc6AH91GJdRQrXr+IAn2fvzz0JFvqdx9kr74Y6k -7ghCw0Z6ZRELUzMWrKZT3swGi2hlSNYzX8Zp0xG52L4YPW95vdlRzhNKrYLOyakD -3AIHIPSVNP7mLacqqqrmMRJSo2tIfdlXeNE7rJX67oaCtXGKtlelnyJ9u2orwiPb -5pEQniTQPhNeABTSZBCusGmfZDNuiXDFimacOvMf0gI6ItGnYGx4TS6M09O/xdZg -CZpCYthOR3zYS032zLZ3zOL/hEppA2pq3u557UmrYzNERh5tllhkLm3ifsQDYwjL -hqnKVdZHDvk43mtKwOkivyQCrxhKVjW+u+vOVRMhEpXtEEoBSFwQ07RyPSH77T8i -Hx8rKJX2JNFfAkv6xDZtbp7O/VMQ8AcAraESVXSAShxcwrIhiuj3gA7WSeXzUcWF -AgwD6uoht2P68bIBD/9vcueWlxinFF3wcADH3xXN6U3Xh13s2Kdh0ujW3ASGclfm -BHiHA9qsKcrQeqp3aHwgroqLE0VN+K0VhzN8jYnvawZ91DK6uzkwMnrZ/81ajQjr -zDh1xkLaZejICTBzJbOGHzEI+iaIbYcVu+Oo6AgIO/sJLXyaST8faqbrOM9Ao8lw -D+rQqNaeLwRB1TayNy0ZAzCv9mAaSafRkxOMCDRqhTSiTpcnfL6wlUvQDRcTIFFY -0uvR0vas8JBJcYVKSfPF5fGUzYkkr3ZbUdo8Hwl7l6xGhK5FrHsXZl0w6pAMnxXY -gXwKt2qTuFCikhi9lVkLqiPFCLMUWjgB/FTuNaTKje/6dHlgReM31qM8dXH+E6rY -Q+i1F/E/3GF24o7CEbxTohzgNNgK2BZisAUDQULuqH5y8qu2IdD0GpYqGvx36w2D -0QV156CtBOTfObbUOX+P0aaLssjFFjyk9wliJXb6rfhPaA3ACsLWR9u2YEDIFHFg -WV+7JqtXE/yeM9fYyZjXvIh7MnA1iSc+EL0QwUxjd9kR60grnmXIpcVbbmR5nInR -J9A6WYJYRBfKJdb2tyWGDxRsqqW4jle53VKLcJAIi61L8UBm5UL1ftfS7b/3e62v -K3wTu9LPoweNKGPrxqxUc1jYYRnnzDBFw+gn5AVczDJtSIzkS2QU+4MK+IsHC4UB -DANIoq9d9zLucgEH/is7YiA82Y5fh/1yGXfEyVbvxgrBWaUgtQbdHVjVCRMHsWIY -NjUYtttXMEHr3Ed0wq/TX5FBPJRJABS/HMW3dX3ewVmTJld3eLrNu9+CO3Eh77k1 -gKvauEAXvb8G5PLak5wiBd9y7q2hS+SLvo9HytaWAUYlnOSU8Qp36TbF3UoDECjG -ze37MehDrSY4BqZxv21djFwyNLLZ3vde4zQIJcdrmkqgwBMGSlmhBC4qdiEoYerX -tA+EqqW0iGPZiq6q/W2lopoOhPJyH7aZCKQD6wL9ikr7pjK2ZtPsRcBLgpG7WRfU -OvZVmcF4Ec4wgNuGNphYf/iiRj69rfveOpULM2eFAgwDbfHaD7mqMwABD/9+d+tf -hsxYc3Iu24XXdb+x04+fixmMVCIYPlp4fBbke3xpyYg0dAL7HxPnRDxIlk6Usdvy 
-g/qIgb8gWHc0FoeCc75qwwhsfteca5guyejyuIsK72n6c0PMLwr7PppsHyMYvuTz -uxCL1zuf5mJ9xyQjyxJYUPS+tCXzQqqBsRAi9VCKDER91qt+xZMXW8Z/qWbWFlcF -QY8DeJw4Zl1L5MIImr66ppfinbDSi9Y2z9i4QZAh6Jtd1lrz37/3oGo1GM2pPnko -uvvdZQZZz7yGjKQQlTKIP7e+CloiKfauMF4JS4wye/33En8GL30M6BnTyAsFGcvO -SxBnG9fWPIOYCXnL0W4l+QAsqs4dJy/g1TsOSl9t1IpBW34Hr79e+N3ISNdw1MmA -v6IqHZ9qlJeeypk0jtlqMOZibfZFJVnmalCZx+IOsBxZcAzSKPuotoR7sPJ5FMGP -xL/1l+QT7HotH+Z2unR3zZLXD4+ctT67QSkW6thV95MTU6gpjSiL+Xn1wVK9q/v5 -3vg2EzI0iv4LivoOhC9noNWHKnKqd55JsDfv4IcwdgJvGKGdJ5FlOZy6cMdmP76A -iLx1OTZ3f6FREWC6Fria2H4Zq/P3qdauFgNlpk8E7RtvSMN6ua2LbVVorXhOlWdB -H/WqkCgh8PS9dBBmVxszk1TvhENZpxAEew3P1tLqASA74/8TfiQ9GW4yuo/RhvaH -oIV+o6+CB5q/oPBO7ON0aCGigjqdZWLX7xjG0R2d5MkFfK972VWMlyqmcSjrsDFB -rOKj3Bhdv8nZCjFPYzjxn/6EdUgOkTaheKrBNA0fw848tTGR8Be/lY5FsWzjOTKK -EXKmwR9Fm9UEWy/a8+NPodWzIYnt3YkM6Qrwwz0bbcryyoamo/chVjG6KoPbFsjE -sX+SPBWvxGWluPrdHf3RixWjtyTOb+VN8AZYWHcRsEtioV9XIcjNGmkHMe6gzUr4 -/1N5/CxlCHotxptIR9bdwMRtFQO1at5ClpHVHnAbVkLjcDNlFX/nz/s/GGAO8EhB -8eI08PV5kvUKNhkXW/wTpunKHW8/qqd9RdG2eq0nqcefJ6JkEc+P171/lr/mfpLP -QUJXOZoDc49GPf/slxEZVeu/uDy1AJPcZr3PAl6ZAgmnPCe4RrHDbtYio8YPsiQ2 -ot+kBUX8WYHaTkXI71aBH1ExpguEL/cBExQPrEzJ94/XxGaGpGbq8fl01zWRGqPl -68mk7IXdxKropb8jaQqHZOtINSdtmdMKsGrASNEcWMSDX+7dnRS5CDFwB9W3qYi0 -2jLvicJ2go24egteoBnyi1vPubopDseMJN3Szulweqgh5AXzzRXlFOHr4xAVHdCe -Xbv7U2K733JDdBqpYl4/hP6BPcT4jqCRb84W7fZNpGlmtESv6Hcc5BT8iIeV3Vh1 -H9wyIqaQiddNz/pdawlW4HZyCqaa5AOxqUURrP4PQeVYSdQR+9RHlVEvaLZuNi35 -GMgGjohGKF8mqWFxPweKhl4roBq7PnIi4dKb4f7aihyY4WPIztTF5OReXL9HPvN3 -6La1ujruAUyzzblg87gbemQdEeN1ih4zYSheoiB+UR28f6FUbSw5aikZvyeh91Zo -Q8W0oHWTZ/klpWqlXAXtPQeQlqehDHwWwRw6ccePZnsvENVVYD+niaaUZzFT6c88 -ybK0j1Rkf/CdoXGnAQm/lnu4TSKhOmT2Ae2hGql1MIJEtuNJcWIZSBRkUlb1caDU -5k/aoo4yAe3sxwgJdDD7lt92K2ijUG0bN6IDs9Xh0WDl2ohe/9AUKYi4deajbkQN -XegTV/KFt2fHwiTGqCvr/pK2zj1yLwcudjSpijpYsRszcEjKw3IdK9VosoP1RTtj -6THZVfXeh9l0yfZdchIdQY0bHSIgu1XLBpLzwmVGWzy0soNMbd6ziYL/gpBOb17/ -u2w3x2SN3LtaBNTV1S9qop8SySLW6GDb9+NNafNcYhiN8f3v/sRUMBeayS/Hkyu7 
-MTRMB7loDn0DdrPBMcurqmFS9+nEMHgOzVVsDIAUNOM8C4ocvNkHEksTsOxSRCjz -8zM8QaJ6FOKfvXCTVOmaLQmDo50aGkLggn9VZCPRy7emavVOAhr3 -=12MC +hQIMA+rqIbdj+vGyAQ/+P5aC14xL+vlH63bGgQTTBr/9qNYR3OsO9wfW2VAkUu84 +idybXle8umRKb0fVyUY0vNc3TZBs2LHDlXcNmiycoi3uxuE/fk7QRZHhyUvj9AGs +J60eR378Ztc0sO17GGZhdvbE+FMJ201c2KKgtbNsW6bQcerlt6owgq8RYD1v+H/w +FznPWQYeIpla409CYpo4H7nxXCG5Nw502/vas2zVlEsgwyeP2/M9rnoAXb207gRp +Ysqye+vUegwbyA+0qvDXCB/XxxpmxBmLsAcRIl1PQoj4MI2bclKT5Cx9mX9y1FtD +9vv6DRRwgZnVOzWxhUQtObDzPKKM8H35JV4HTKBSbBcKbZ1U8l4c0ACyCyD/qvAK +4MpP/hm81PbUFDmw37EisyRz1siucl1O0Q9Dpq+Ydv2JRJylmcNQbTg4GJUd1UTE +Dk6Fx3SM9o9n97EI3+SjB+Kw27E4oy0jmEpZ25AhF/9I/+AeR2gJNU37N496hiLs +5g8zjs9UPZFsX6RXcPUXAMkqIVAT7eRjiDnfXigM0mNP+if4YSCu6nb7CK1bPB0N +C/+ufipQJ3Vv/+zjgsgVk/JCFLc4nhLrpn1gg0ShOSCWWAP1eYFcXMFuyBEE63m/ +ZR+7A2S/jXhE/jIKU7c0o+zo60OINxmf/Csuiqc2ZwdeM5lOZjXiZHofeRHqr6qF +AQwDSKKvXfcy7nIBB/wMtPgjhicg+KdtXiSbojqD5IiT+b2gplUDVeNMkxBuo/ft +AzZnW87R5vF1LDwQ7CpqcsXNQqa5O0q/dnFLiCKQFV8JaH0xexmkrmHN4DxJ0Nby +PKuKCSuMn+JpYM1W2jvnUL+L7CyCii39k7P6nnwzlUJQQ6Rv+4QJSiOeokwdpaXU +vSBEBYBS7DvKV1Qy3kgzowo9w9oheABicPnblg9Quct9r2VIeNw926dXCIZy48KH +6SXAqqWUzNZjO/Jx23czOP3pinPkp/TDRe9yMsLCr81KwWLKQwOMaW8xdFhMFGbW +IICWl+A/rRNAacD3/h4STqpeSBI0pKTYYmVm/uCZhQIMA23x2g+5qjMAARAAjLwu +dU7kCvAVjHmyPUyPVCXNdaTAEuP3BdFPdgr216EkszvYuu+i93hUpGdhudQ3wlRn +Ob32UMSTPW1QE7clCyrWf8do4dW7FpKDYu/szHsFPm91atD868FQRqSuc/BI9S3/ +PU8Squ3z/byLnqolvI1gkxigDQKNmbda4dTuaew/KARD/seiX2qx6AlEH+HXss7k +qtwb+yzZqbrkdgJsiR2C6CEzFwhERckhwvd9WmU4/XV1Op42+nchnaVaD/Qq3VTr +ZLCC8tNcomIteuH3DetkDLgXSXTuLin5/KIoBI8hMLXXjNCVm19V7g+7hN3Ftj4Z +Wvmq1CdrDZiSUubQIf5h/y5AALQzdv0W6y4Foy0Dk7FA1W1cys/5NwzLAT6fKdBe +TiNFS4fvtJ1W0+5wWpIp7FbcLv5Yl6bc8OeHj5TqzodIY/rOBcKSJ2fFAFLZ4EJy +TQIGXSRzGxcdd6z2biF5kDJ0v0rT6lOUWNa3J1Q6nP/Iq5kNMQ1zG3ay4mbOtqv0 +Kw1PcryK8KbVeyR9rBUlijnz6LnBbvoYxtLqv/eAdC8vFABXqs6VWF3l1S/KhaKj +rbowOd/hKdEwu6MlguIGBMfm9ft4+QH9zVW07q0kGgrpl5DcUcJROfunaQLTO6Z7 +1aL7WEF9LA5d42P5a3x7HOa2rM1zE/Tzs2XeAJ6FAgwDrINlswF2eBEBEAC2/Jcv 
+AoY+UQJCurJAOHODPbMrIwVPXWfkrvGp54eU1Fp7V4qiegBkmKc8QjzlwJhcAGxc +J2coSShuCbDsfuFZdSyB0IK+ap9rueCHvb5+cIQxdQogEvAU1RbLsQpkwe2d32jB +Gf3C5T5CxLH3JjCwVShs3oT9k5/eOl1pSAXkFYoIUzuyjBKn3Pa+HFacXq6zs1bq +50n2W0psPuSPr8mDT0oLEtXay9DiVVczR6Il+YmFHCPxuJDKg9jb2jUMhjZmf3Yh +ricnm/O1WNBg+X6FnrChHdZiWZxTq1wd9pTNMk7hUyFzATAIrXo1CMOWdEDDfIql +MkrBf4tRCRO1VSkJmztzuYEaND8ClLL0uELcG8J1s7VaoOCFfpjYWAo2Ogwfj0Ln +gS3ELuyMT/1OetoDQBKzxUBCsBlotDrCpaJuUvJG77wr1/jdb5855vKWAno/CTBv +WjZGrrLbYwVjrzwstRefA8E+12uYyLpbhHVxUgZbKd/eEEiU6I9mCAZEvnXoVMR1 +LyDzXZCc/1kf/ynHg9Bkt6rieYNx3zKWi7OtqQqVHk2bcgtdxtpb9SB+oSmuKZSl +IepLLxt9w/G2d8hvKZci1GsLCvCcEcK1nSW8Vpv5JeSsD3Gbr9xpw/G5ttoFQLNM +Azqt+SgC5+8d+7fkcpMMi8Rn8xC8LPX2wLoM9NLqAdfol7btOEM7DzMXdbtd723R +GAhVXKQ/VhnTnPARO42A98kKClS79g7Ux9Z9P5boyFiEynw5I3C2vXYNbD8rkLq8 +qv3kp4neW6vsgm6PjTTr6bZt1yvzgGq4k2sHm2WPqa3HMVgJm9U0DPICV+bkNuUY +gIQtlJdEiVGMBfEHn6gkNKMEDFwFkTh58aU/MxVYMLKIuqBqHTqDr4BKi+cgvYz9 +5zHfNGYKwb9+qd9ZZOPhzDS4Wy8eazaz+95/LEDY7WzzLFuyPM+uSgtuWbxYkkSE +wIU6szZcWMSbv/8dGQ6GICJonkzFyNZORxe4wfTzg9DvqnyN1aWXiwRMMxhUD6sx +Psi+eQr7aQM3i73P7w3xlKqggoGSkXPA9NSgy3XXDvuKAHgWX+17oG2ZJ4msRMOU +uRcmYRiJKjYHq42+AdUcs8jEabDoO8DIfDlN1bwjRVFyXdWn2UnJXO0u3rWp4MUK +LKl0TmC1SqS5cQjv3G4eJDksP2CdpS/RKA2jVGdHOfgfaSYi5kq489G+XLihdbMk +TEkMLY53/vLhP4DAXYbOG0np4zTUB1Ym7DT8f4GOot9VlKumMBgWQEt00nUmyC36 +dOhkIuJRio+w8Pxpl7JCbT17WmhyPmxxecGATwRPAQOVQ1bIx0e5NzebtpLCdrMr +dw0tO9JCDcR6xaR1XdfapaIfRP6q8F9glDrzbUO1E1fHYyApw90H4p1L8aAq97RC +rvu2hOIClQAQ1ZAL2q55vks6SEnC5EtrQSpNb+6sZ3f30akG2f8hsJmJg6MHaPej +EI1oCWi4OwJQYoE0Isbvj7nnUSrXVBn4DfQ5Z+cVChtdxWn6b+U+M9lm0ENey3GM +FSfrOGl+3/hs3iqoAjpNHE/UyXSa2CxP8d9cwjzBXnMpxbxjNK8XRQCflJxrZB7O +HFr7nqC30TgDMicXMiFVTVHVjJLuV/+i0D3jPQDIMT1HUZz3WMQm+mOxNxsKnR7s +zLyrSGc7xSimrhkhlRVIE82w17cH3w8TqLfoIFlhtkYN3ZbZ1BUK2iCMY3bVUOjq +dkzKNsmcAAaIS7cBmt3cmY9VmySbE5IlNFYMudDKAi6LFbFr7znl64mQWpbjQ7js +0Lz6wrNo7juLh50orVEM/C1rnATrj/6gzNEHAzjPwuPB9ziXldIp9UVl0QN6SXlf +rFy0ixovxSV4K0cOcw77gvCPFjN6600Gp8bNnu4vWsM1WZLXrduT7GzrEVJxCYnw 
+Pt0KTqSiFSPD1keA1u3w3Zxld3Gm/m5GUcd1DB8gPDE4TUjgLwcRglhfb/3kz2tQ +LT7p2hJBklkdsgu0H/JLVCc/vxd3HUBZix+vUcDPuqPpdedaiwqQZDtQjGdCqFNn +BRCXmIZHBvjaXGIKHsuJqpI/o1LPbZnnDxWYW62T0B+Cw0DFo9qZZYN0AGFtrTTM +7s9RTl9VX/5zV9Cj75F2VZgXxYFYYpiTANKjyFBXa3rL/w== +=63kz -----END PGP MESSAGE----- From 70d32cabb6c40d9f8eec200a7503af9fcb6144bc Mon Sep 17 00:00:00 2001 From: Spencer Krum Date: Fri, 1 Jul 2016 15:03:20 -0700 Subject: [PATCH 5/5] Improve shell hygiene --- README.md | 2 +- bin/encrypt_credentials.sh | 14 ++++++-------- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index ccbc692..6482391 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ to decrypt: ``` -bin/decrypt_credentials.sh +./bin/decrypt_credentials.sh ``` diff --git a/bin/encrypt_credentials.sh b/bin/encrypt_credentials.sh index 9748941..4d3c0f7 100755 --- a/bin/encrypt_credentials.sh +++ b/bin/encrypt_credentials.sh @@ -4,13 +4,11 @@ set -eu rm puppet_credentials.asc -recipients="" -for recp in `cat recipients.txt` -do - echo "--recipient ${recp}" - recipients="${recipients} --recipient ${recp}" - gpg --recv-keys ${recp} -done +while read -r recp; do + echo "--recipient ${recp}" + recipients="${recipients} --recipient ${recp}" + gpg --recv-keys "${recp}" +done < recipients.txt -gpg --sign --encrypt --armor $recipients puppet_credentials +gpg --sign --encrypt --armor "${recipients}" puppet_credentials
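Review bot: The rewritten loop in bin/encrypt_credentials.sh breaks the script in two ways. The `recipients=""` initialisation was removed while `set -eu` is still in effect, so the first `recipients="${recipients} --recipient ${recp}"` stops with an unbound-variable error unless the caller's environment happens to define the variable. Quoting the final expansion as `"${recipients}"` also hands gpg every option as one single argument, so no recipient is parsed. A bash array keeps both the quoting and the word boundaries: `recipients=()` before the loop, `recipients+=(--recipient "${recp}")` inside it, and `gpg --sign --encrypt --armor "${recipients[@]}" puppet_credentials` at the end. `while read -r` also skips a final line of recipients.txt that has no trailing newline, which would silently drop the last recipient.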