Yo,
You can put the secret anywhere.
The third argument is a string to the path of the file containing the key.
If you put your key in /etc/chef/encrypted_data_bag_secret, the
default value of Chef::Config[:encrypted_data_bag_secret], you can
omit the third argument.
Here are the codes for loading the secret:
https://github.com/opscode/chef/blob/master/chef/lib/chef/encrypted_data_bag_item.rb#L105-127
HTH
–AJ
On 22 October 2011 09:52, Maven User < "> > wrote:
> Hi all -
>
> In the example on the opscode wiki,
> http://wiki.opscode.com/display/chef/Encrypted+Data+Bags there's an example
> on how to point to a non-standard place for your secret file:
>
> mysql_creds = Chef::EncryptedDataBagItem.load("passwords", "mysql", secret)
>
>
> I'm struggling a bit with the "secret" in the above statement. From what I
> can tell, that can be a path (string) to the place where the secret file
> is. But for the life of me, I can't seem to get that to click. I keep
> getting a "bad decrypt" stacktrace.
>
> Is that supposed to be a path or the contents of the file?
>
> Any suggestions?
>
>
Archive powered by MHonArc 2.6.16.