On 28/12/2009, at 1:20 PM, Jacobo García wrote:
Hi,
I have a problem partially related to chef (it's also a git problem) but I think i'll get better answers in the chef list than in git's one.
The problem is that I have to mantain different chef repositories since I'm doing chef work for a couple of companys and also I want to publish recipes code to github. I am looking for strategies to do this.
All repositories share the same code except what I call 'sensible data', (passwords, certs, etc...) So 95% of the files in the repository are exactly the same except those ones. What's the best way to keep this sensible files private to my clients and also be able to spread changes between repositories?
The site-cookbooks override mechanism is how we've always solved this. You can add templates, remote files, .., .. to a cookbook just by adjusting your cookbook_path setting. Something like:
cookbook_path %w{site-cookbooks cookbooks}.collect{|s| "/srv/chef/#{s}"}
Will ensure assets located in /srv/chef/site-cookbooks/<foo> are used before the ones in /srv/chef/cookbooks/<foo>
Alternatively, consider keeping offline integration branches with the secure data.
Thank you very much.