Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #816 from Oakie3CR/chef-solo-encrypted-databags

Add encrypted data bag options to chef-solo
  • Loading branch information...
commit a1b16fd96d80439fca0c40470a608710b3439f50 2 parents f4719a4 + b4e24c9
@mitchellh authored
View
16 lib/vagrant/provisioners/chef_solo.rb
@@ -15,6 +15,10 @@ class Config < Chef::Config
attr_accessor :data_bags_path
attr_accessor :recipe_url
attr_accessor :nfs
+ attr_accessor :encrypted_data_bag_secret_key_path
+ attr_accessor :encrypted_data_bag_secret
+
+ def encrypted_data_bag_secret; @encrypted_data_bag_secret || "/tmp/encrypted_data_bag_secret"; end
def initialize
super
@@ -86,6 +90,7 @@ def provision!
verify_binary(chef_binary_path("chef-solo"))
chown_provisioning_folder
+ upload_encrypted_data_bag_secret if config.encrypted_data_bag_secret_key_path
setup_json
setup_solo_config
run_chef_solo
@@ -155,6 +160,12 @@ def share_folders(prefix, folders)
end
end
+ def upload_encrypted_data_bag_secret
+ env[:ui].info I18n.t("vagrant.provisioners.chef.upload_encrypted_data_bag_secret_key")
+ env[:vm].channel.upload(encrypted_data_bag_secret_key_path,
+ config.encrypted_data_bag_secret)
+ end
+
def setup_solo_config
cookbooks_path = guest_paths(@cookbook_folders)
roles_path = guest_paths(@role_folders).first
@@ -167,6 +178,7 @@ def setup_solo_config
:recipe_url => config.recipe_url,
:roles_path => roles_path,
:data_bags_path => data_bags_path,
+ :encrypted_data_bag_secret => config.encrypted_data_bag_secret,
})
end
@@ -207,6 +219,10 @@ def verify_shared_folders(folders)
end
end
+ def encrypted_data_bag_secret_key_path
+ File.expand_path(config.encrypted_data_bag_secret_key_path, env[:root_path])
+ end
+
protected
# Extracts only the remote paths from a list of folders
View
2  templates/provisioners/chef_solo/solo.erb
@@ -6,6 +6,8 @@ cookbook_path <%= cookbooks_path.inspect %>
role_path <%= roles_path.inspect %>
log_level <%= log_level.inspect %>
+encrypted_data_bag_secret "<%= encrypted_data_bag_secret %>"
+
<% if data_bags_path -%>
data_bag_path <%= data_bags_path.inspect %>
<% end %>
View
3  test/unit_legacy/vagrant/provisioners/chef_solo_test.rb
@@ -87,7 +87,8 @@ class ChefSoloProvisionerTest < Test::Unit::TestCase
:cookbooks_path => @action.guest_paths(@action.cookbook_folders),
:recipe_url => @config.recipe_url,
:roles_path => @action.guest_paths(@action.role_folders).first,
- :data_bags_path => @action.guest_paths(@action.data_bags_folders).first
+ :data_bags_path => @action.guest_paths(@action.data_bags_folders).first,
+ :encrypted_data_bag_secret => @config.encrypted_data_bag_secret
})
@action.setup_solo_config
Please sign in to comment.
Something went wrong with that request. Please try again.