Encrypted-attribute cookbook relies on Chef::REST?


#1

Hit an issue when trying to read an encrypted attribute using @zuazo_onddo’s useful cookbook.

On one node sits my DB, with auto-generated encrypted passwords, however my automated client connections are on another node. This seemed to be a simple enough solution on the client:

# Install Encrypted Attributes gem
include_recipe 'encrypted_attributes'
# Expose the public key for encryption
include_recipe 'encrypted_attributes::expose_key'

# Include the #secure_password method from the openssl cookbook
self.class.send(:include, Opscode::OpenSSL::Password)

# Include the Encrypted Attributes cookbook helpers
self.class.send(:include, Chef::EncryptedAttributesHelpers)

# Encrypted Attributes will be grabbed from a remote node
def retrieve_mysql_password(user)
  key = "server_#{user}_password"
  dev_server =  node['my-app']['db-server']
  encrypted_attribute_read_from_node("#{db_server}", ['mysql-core', key])
end

However Chef doesn’t agree (compile-time failure):

  NameError
  ---------
  uninitialized constant Chef::REST

  Relevant File Content:
  ----------------------
  /var/chef/cache/cookbooks/encrypted_attributes/libraries/encrypted_attributes_helpers.rb:

Being new to Chef, I couldn’t find my way to the source of the issue, any suggestions? I’m aware that I could go the databag route, but given my previous point I’d rather stay within my comfort zone if at all possible for now…


#2

Hi mossy,

  uninitialized constant Chef::REST

This error was fixed in master by Eric Blevins a couple of weeks ago.

I just released version 0.9.0 of the gem with the fix.

I hope this helps with your problem.


#3

I shall upgrade later today, try it out and then let you know. Thanks Zauzo


#4

OK. Any feedback is welcome.

The cookbook is a bit old and may need some updating. Don’t hesitate to open an issue if you encounter any problem:


#5

Will do. The issue was parked for the short term, but is on the critical path so will be revisited in the next few days.


#6

Works, many thanks!