wonder if anyone can help? I have a cookbook which executes a powershell script to retrieve a password from CyberArk. I then need to use the password in other resources later in the recipe.
Essentially I want to do this:
powershell_script 'get_password' do
code <<-EOH
do stuff
return $password
EOH
end
excute 'a command' do
command "somecommand.exe -option1 blah -option2 blah -password $password"
end
I've been trying to get powershell_out to work like this:
script = <<-EOH
do stuff
return $password
EOH
pword = powershell_out(script)
excute 'a command' do
command "somecommand.exe -option1 blah -option2 blah -password #{pword}"
end
But that doesn't work.
I've also tried node.run_state but I can't get that to work either.
Well resources are not designed to pass information between each other, but you can call the internal powershell_out mixin directly in your recipe noting that the password to be used would be retrieved at compile time in the Chef run rather than at time of resource execution. i.e. don't expect to retrieve a password that is set in the same Chef run in this way. For a simplified example:
password = powershell_out!('write-output "password_here!"').stdout.chomp
execute 'your command' do
command "cmd /c echo #{password}"
end
Of course it's less than ideal to be passing around passwords on the command line so remember to add:
sensitive true
to your execute resource so that any sensitive parameters don't end up in the log.