- From: Brad Knowles <
- To: Tahir Raza <
- Cc: Brad Knowles <
- Subject: [chef-dev] Re: Can encrypted data bag json file be decrypted?
- Date: Fri, 27 Apr 2012 11:57:32 -0500
On Apr 27, 2012, at 10:59 AM, Tahir Raza wrote:
> I have an encrypted data bag json file that I'd like to check-in into
> GIT/SVN. Can I do "knife data bag from file BAG ALREADY-ENCRYPTED-FILE".
Good question. I'd expect that to work, so long as you have the exact same
/etc/chef/encrypted_data_bag_secret on both the old and new machines.
> The intention is to avoid doing the manual process of encrypting the
> data-bag everytime chef-server is re-created but rather be able to use
> previously encrypted data-bags and just do "knife data bag from file ..."
> on all my data bags.
> So far I havent found anything fruitful on the web. I have tried "knife
> data bag show passwords mysql -Fj >data_bags/passwords.json" from
> jtimberman's code blog but that hasn't worked.
> Any recommendations would be appreciated.
> I am using chef 10.2.
10.2? Do you mean 0.10.2? If so, that's pretty old -- 0.10.10 is in late
beta (iirc), and 0.10.8 has been out for a while.
SAGE Level IV, Chef Level 0.0.1
Archive powered by MHonArc 2.6.16.