Hi all, I have a requirement where I want to change password in cassandra using chef, for that I am maintaining old and new cassandra passwords in databag and using them in recipe. In my recipe I am creating a file to store old password and then checking If the old password file exits I will trigger some password change action on cassandra.
I have a data_bag with old_cassandra_password and new_cassandra_password as below
cassandra{
old_password : cassandra
new_password : newpasswd
}
and my recipe has below content:
pwd_state_file = "some_dir/.pwd_state"
prev_password = nil
ruby_block "read_previous_password" do
block do
prev_password = File.exists?(pwd_state_file) ? File.read(pwd_state_file) : node.run_state['cassandra_old_password']
end
action :nothing
end
file pwd_state_file do
content node.run_state['cassandra_new_password']
notifies :run, 'ruby_block[read_previous_password]', :before
notifies :run, 'custome_block[change_cassandra_password]', :immediately
action :create
end
The problem here is that the .pwd_state
is empty since the local variable prev_password
is not updated by ruby block,
also I have requirement the I can change password multiple time, can someone please me out with updating the prev_password
during runtime or some advice on best practise or approaches for how to handle passwords in this kind of scenerio .