Chef-Vault examples of encrypting in recipes?


Does anyone have any code examples of creating a new chef-vault item within
a chef recipe, and uploading to the Chef server? Is that even possible
without using an “admin” PEM file, and simply using the node’s PEM file?

I was successful in using chef-vault via knife, but now I have a use case
where I need to create an user account, AND store the secret all within the
same recipe.

Another issue I ran into - how do you guys deal with the face that new
nodes are not authorized to access chef-vault items, due to having to
re-run the knife command which re-runs the search for the keys of
authorized nodes? Do you kick it off after you provision every VM?