This plugin contains various file based utilities for manipulating files in a Chef repository. Right now, you can encrypt and decrypt .json files in place, without first uploading to a Chef server (which is useful for generating encrypted files for a repository.)
These commands will output to stdout:
knife file encrypt
knife file decrypt
These commands are interactive, and will write to a file by default:
knife file create
knife file edit
This plugin is distributed as a Ruby Gem. To install it, run:
gem install knife-file
Depending on your system configuration, you may need to run this command with root privileges.
For `knife file encrypt` and `knife file decrypt`, you will need to specify either –secret or –secret-file.
For `knife file create` and `knife file edit`, –secret/–secret-file is optional.
Encrypting a file with a secret keyword
knife file encrypt FILE --secret KEYWORD
Encrypting a file with a secret key file
knife file encrypt FILE --secret-file path/to/file
Decrypt a file with a secret key file, and output in JSON to a file
knife file decrypt FILE --secret-file path/to/file -Fj > foobar.json
Decrypt a file with a secret key file, open $EDITOR and save the changed file, encrypted
knife file edit FILE --secret-file path/to/file
Create an encrypted file called “test.json” from scratch
knife file create test --secret-file path/to/file