[chef] populating encrypted_data_bag_secret?

[Brad Knowles < >]

Folks,

We've recently started using encrypted data bags, and we're stumbling over 
the problem of how to populate this file early in the chef-client run, so 
that we don't bomb out on the initial install.

Of course, I've read the posts at <http://jtimberman.github.com/>, as that 
was one of the primary sources of information I used to help get us 
bootstrapped on using encrypted data bags to begin with, but one thing that 
was missing from these posts was any discussion of how to do the population 
of the /etc/chef/encrypted_data_bag_secret file during an initial install.

Looking through the release notes, I found 
<http://tickets.opscode.com/browse/CHEF-2434> which supposedly is fixed in 
0.10.6, but it's not clear to me how to make use of this new feature or how 
to upgrade knife on my workstation to allow me to make use of this new 
feature.  Is this as simple as doing a "gem upgrade knife"?  Does that also 
install the new templates that allow me to pre-populate this file during the 
initial install of a machine?  I'm also curious to learn what happens to the 
old template files that I've been using (especially omnibus.erb).


Any and all assistance you can provide will be appreciated, especially 
including where in TFM that I should be R'ing.  Thanks!

-- 
Brad Knowles 
<
 >
SAGE Level IV, Chef Level 0.0.1