Ability to optionally set human-readable name to keys in sops config file

[ajvb]

I'd like to be able to set a name for each key in a sops config file. The main benefit for this is the potential to vastly improve error messages on decryption failures when you have a number of PGP keys within the config file. Currently you will have a huge error output and it can be difficult to parse what error is relevant to your key, especially if you don't immediately recognize your fingerprint.

[autrilla]

It'd also be nice to be able to do the same for key groups.

It might also be worth it to support something like:

keys:
- name: user1
  pgp: 1022470DE3F0BC54BC6AB62DE05550BC07FB1A0A
- name: kms-prod
  kms: arn:aws:kms:us-west-2:927034868273:key/fe86dd69-4132-404c-ab86-4269956b4500
groups:
- name: operators
  keys:
  - user1
creation_rules:
- path_regex: \.ops\.yaml$
  key_groups:
  - operators
- path_regex: .*
  key_groups:
  - name: prod
    keys:
    - kms-prod

Although perhaps it's too complex

[hobti01]

We put comments in the file which helps:

creation_rules:
  # Operators
  - path_regex: .some-secrets.yaml
    key_groups:
      - pgp:
        # Robot (Deployer)
        - 0367E722878D9586894386ED2E38389A4F9B4FAE
        # Robot (Global Backup)
        - 09EA6D8A1B5E8CE18F3C9FC845E5EF716FB2B767