Mantaining several chef repositories


#1

Hi,

I have a problem partially related to chef (it’s also a git problem) but I
think i’ll get better answers in the chef list than in git’s one.

The problem is that I have to mantain different chef repositories since I’m
doing chef work for a couple of companys and also I want to publish recipes
code to github. I am looking for strategies to do this.

All repositories share the same code except what I call ‘sensible data’,
(passwords, certs, etc…) So 95% of the files in the repository are exactly
the same except those ones. What’s the best way to keep this sensible files
private to my clients and also be able to spread changes between
repositories?

Thank you very much.

Jacobo García López de Araujo
blog: http://robotplaysguitar.com
http://workingwithrails.com/person/13395-jacobo-garc-a


#2

Hello,

On 28/12/2009, at 1:20 PM, Jacobo García wrote:

Hi,

I have a problem partially related to chef (it’s also a git problem) but I think i’ll get better answers in the chef list than in git’s one.

The problem is that I have to mantain different chef repositories since I’m doing chef work for a couple of companys and also I want to publish recipes code to github. I am looking for strategies to do this.

All repositories share the same code except what I call ‘sensible data’, (passwords, certs, etc…) So 95% of the files in the repository are exactly the same except those ones. What’s the best way to keep this sensible files private to my clients and also be able to spread changes between repositories?

The site-cookbooks override mechanism is how we’ve always solved this. You can add templates, remote files, …, … to a cookbook just by adjusting your cookbook_path setting. Something like:

cookbook_path %w{site-cookbooks cookbooks}.collect{|s| “/srv/chef/#{s}”}

Will ensure assets located in /srv/chef/site-cookbooks/ are used before the ones in /srv/chef/cookbooks/

Alternatively, consider keeping offline integration branches with the secure data.

Thank you very much.

Jacobo García López de Araujo
blog: http://robotplaysguitar.com
http://workingwithrails.com/person/13395-jacobo-garc-a

Cheers!


Arjuna Christensen, Software Development Engineer
Opscode, Inc.
E: aj@opscode.com