encrypt a list

[nicefuture2016]

I have a yaml like this:

global:
  imageRegistry: "harbor-test.com/new-buss"
  imagePullSecrets:
    - harbor-core
  storageClass: "ceph-filesystem"
env:
  - name: log_env
    value: 'new-buss'
  - name: log_env
    value: "new-buss"
  - name: randomkey
    value: "2022-12-0815:11:10"
  - name: _JAVA_OPTIONS
    value: "-Xmx2048m -Xms2048m -Dlog_env=prod"
  - name: active_profiles
    value: prod
  - name: discovery_addr
    value: nacos-cs.nacos.svc.cluster.local:8848
  - name: label
    value: new-buss-prod
  - name: nacos_username
    value: nacos
  - name: nacos_password
    value: dsadsad2dasdsa

I wan to encrypt imagePullSecrets and env.nacos_username env.nacos_password only

How can i create the .sops.yaml

[nicefuture2016]

anyone can help？I appreciate it

[felixfontein]

For imagePullSecrets you can use encrypted_regex, but for env[].name and env[].value you need something like encrypted_comment_regex. Since encrypted_comment_regex is mutually exclusive with encrypted_regex you need to use encrypted_comment_regex with all three I guess.