I’m in an environment where secrets (i.e. passwords) are stored encrypted
in an external service.
I’d like to be able to pull those values in and have them used by Chef.
I can write some nasty code in my attributes file to do it but I’d have to
place that code in each attributes file since I understand that libraries
are not available to attributes files.
Is there a better or right way to share some code for fetching and decoding
these attributes?
Or does anyone have any other bright ideas? Alas I’m not at liberty to use
encrypted data bags or chef server so this is all via chef-solo.
I'm in an environment where secrets (i.e. passwords) are stored encrypted
in an external service.
I'd like to be able to pull those values in and have them used by Chef.
I can write some nasty code in my attributes file to do it but I'd have to
place that code in each attributes file since I understand that libraries
are not available to attributes files.
Is there a better or right way to share some code for fetching and
decoding these attributes?
Or does anyone have any other bright ideas? Alas I'm not at liberty to use
encrypted data bags or chef server so this is all via chef-solo.
Is anyone aware of a way to load libraries from another cookbook without requiring a recipe from it? A depends statement isn't enough in metadata.rb to make them available in my experience. I usually just dump an empty recipe in the cookbook containing the library I want to use. Is this expected / designed behavior or should I fix it?
I'm in an environment where secrets (i.e. passwords) are stored encrypted in an external service.
I'd like to be able to pull those values in and have them used by Chef.
I can write some nasty code in my attributes file to do it but I'd have to place that code in each attributes file since I understand that libraries are not available to attributes files.
Is there a better or right way to share some code for fetching and decoding these attributes?
Or does anyone have any other bright ideas? Alas I'm not at liberty to use encrypted data bags or chef server so this is all via chef-solo.
On Friday, August 22, 2014 at 7:14 AM, Daniel Condomitti wrote:
Is anyone aware of a way to load libraries from another cookbook without requiring a recipe from it? A depends statement isn't enough in metadata.rb to make them available in my experience. I usually just dump an empty recipe in the cookbook containing the library I want to use. Is this expected / designed behavior or should I fix it?
Dan depends ought to do it. If it didn’t then you couldn’t include_recipe from another cookbook and all sorts of things wouldn’t be working. Can you come up with a reproduction case that demonstrates the behavior you’re seeing?
Yeah I’ll try to put one together. Now that I think about it we’re on 11.6.0 but I started using that workaround/haven’t tested since 10.16.
On Friday, August 22, 2014 at 10:27 AM, Daniel DeLeo wrote:
On Friday, August 22, 2014 at 7:14 AM, Daniel Condomitti wrote:
Is anyone aware of a way to load libraries from another cookbook without requiring a recipe from it? A depends statement isn't enough in metadata.rb to make them available in my experience. I usually just dump an empty recipe in the cookbook containing the library I want to use. Is this expected / designed behavior or should I fix it?
Dan
depends ought to do it. If it didn’t then you couldn’t include_recipe from another cookbook and all sorts of things wouldn’t be working. Can you come up with a reproduction case that demonstrates the behavior you’re seeing?
If yes, then my experience is that this isn't working.
Yours
Steffen
On 22/08/14 16:30, Daniel Condomitti wrote:
Yeah I’ll try to put one together. Now that I think about it we’re on 11.6.0 but I started using that workaround/haven’t tested since 10.16.
On Friday, August 22, 2014 at 10:27 AM, Daniel DeLeo wrote:
On Friday, August 22, 2014 at 7:14 AM, Daniel Condomitti wrote:
Is anyone aware of a way to load libraries from another cookbook without requiring a recipe from it? A depends statement isn't enough in metadata.rb to make them available in my experience. I usually just dump an empty recipe in the cookbook containing the library I want to use. Is this expected / designed behavior or should I fix it?
Dan
depends ought to do it. If it didn’t then you couldn’t include_recipe from another cookbook and all sorts of things wouldn’t be working. Can you come up with a reproduction case that demonstrates the behavior you’re seeing?
If yes, then my experience is that this isn't working.
Yours
Steffen
Attribute files are eval’d in the context of the Chef::Node object, not Chef::Node::Attribute. In any case, when you include your helper, your code is basically the same as node.node[“gerrit”][“version”], which is why you get the NoMethodError.
I'm in an environment where secrets (i.e. passwords) are stored encrypted
in an external service.
I'd like to be able to pull those values in and have them used by Chef.
I can write some nasty code in my attributes file to do it but I'd have to
place that code in each attributes file since I understand that libraries
are not available to attributes files.
Is there a better or right way to share some code for fetching and
decoding these attributes?
Or does anyone have any other bright ideas? Alas I'm not at liberty to use
encrypted data bags or chef server so this is all via chef-solo.
I'm in an environment where secrets (i.e. passwords) are stored encrypted
in an external service.
I'd like to be able to pull those values in and have them used by Chef.
I can write some nasty code in my attributes file to do it but I'd have
to place that code in each attributes file since I understand that
libraries are not available to attributes files.
Is there a better or right way to share some code for fetching and
decoding these attributes?
Or does anyone have any other bright ideas? Alas I'm not at liberty to
use encrypted data bags or chef server so this is all via chef-solo.
