- From: AJ Christensen <
>
- To:
- Subject: [chef] Re: encrypted databag question
- Date: Sat, 22 Oct 2011 10:00:48 +1300
Yo,
You can put the secret anywhere.
The third argument is a string to the path of the file containing the key.
If you put your key in /etc/chef/encrypted_data_bag_secret, the
default value of Chef::Config[:encrypted_data_bag_secret], you can
omit the third argument.
Here are the codes for loading the secret:
https://github.com/opscode/chef/blob/master/chef/lib/chef/encrypted_data_bag_item.rb#L105-127
HTH
–AJ
On 22 October 2011 09:52, Maven User
<
>
wrote:
>
Hi all -
>
>
In the example on the opscode wiki,
>
http://wiki.opscode.com/display/chef/Encrypted+Data+Bags there's an example
>
on how to point to a non-standard place for your secret file:
>
>
mysql_creds = Chef::EncryptedDataBagItem.load("passwords", "mysql", secret)
>
>
>
I'm struggling a bit with the "secret" in the above statement. From what I
>
can tell, that can be a path (string) to the place where the secret file
>
is. But for the life of me, I can't seem to get that to click. I keep
>
getting a "bad decrypt" stacktrace.
>
>
Is that supposed to be a path or the contents of the file?
>
>
Any suggestions?
>
>
Archive powered by MHonArc 2.6.16.