chef - [chef] Re: Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3

From: AJ Christensen < >
To:
Subject: [chef] Re: Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3
Date: Fri, 31 Aug 2012 09:42:19 +1200

Dan,

Where do you chuck that?  knife.rb (encryption) or client.rb
(decryption) or bolth?

--AJ

On 31 August 2012 09:40, Daniel DeLeo
< >
wrote:
>
> On Thursday, August 30, 2012 at 2:35 PM,
>
>  wrote:
>
>
> hi. anyone know what's going on here? i was updating an encrypted data bag
> item today. when i decrypted it in order to edit the json, i found entries
> missing in the decrypted form when using rvm 1.9.3.
>
> the entries missing were all "_cert" entries in the decrypted form. in the
> decrypted form all the "_key" entries were intact. when displaying the data
> bag item in encrypted form, all entires were intact. see below.
>
> anyone know what's going on?
>
> thanks,
> kallen
>
>
> [zahadum chef-repo]$ rvm use 1.9.3
> Using /home/kallen/.rvm/gems/ruby-1.9.3-p194
> Running /home/kallen/.rvm/hooks/after_use
> [zahadum chef-repo]$ knife data bag show secrets webproxy-vacaynow-x509
> --secret-file ~/.chef/encrypted_data_bag_secret -Fj > decrypted.omfg.json
>
> decrypted.omfg.json looks like this, entries missing:
>
> {
> "wildcard_mysite_key": "-----BEGIN RSA PRIVATE
> KEY-----\nMIIEpAIBAAKCA\nxxxxSNIP_GOOD_DATA\n",
> "wildcard_mysite_cert": "",
> "wildcard_anothersite-admin_key": "-----BEGIN PRIVATE
> KEY-----\nMIIEvQIB\nxxxSNIP_GOOD_DATA\n",
> "wildcard_anothersite_cert": "",
> "id": "webproxy-vacaynow-x509"
> }
>
> if i don't decrypt, the "_cert" entries are intact:
>
> [zahadum chef-repo]$ knife data bag show secrets webproxy-vacaynow-x509 -Fj
> | grep _cert
> "wildcard_mysite_cert": "Vcd646sJ/Cy8xxxx we're cool",
> "wildcard_anothersite_cert": "Bg8xjDjVLh2oIOz8h we're cool",
>
>
>
> if i use the system ruby, 1.8.7, this problem does not occur.
>
> [zahadum chef-repo]$ which ruby
> /usr/bin/ruby
> [zahadum chef-repo]$ ruby -v
> ruby 1.8.7 (2010-08-16 patchlevel 302) [i686-linux]
> [zahadum chef-repo]$ knife data bag show secrets webproxy-vacaynow-x509
> --secret-file ~/.chef/encrypted_data_bag_secret -Fj > decrypted.good.json
>
> {
> "wildcard_mysite_key": "-----BEGIN RSA PRIVATE
> KEY-----\nMIIEpAIBAAKCA\nxxxxSNIP_GOOD_DATA\n",
> "wildcard_mysite_cert": "MIIFhTCCBG2gAw\nxxxxSNIP_GOOD_DATA\n",
> "wildcard_anothersite-admin_key": "-----BEGIN PRIVATE
> KEY-----\nMIIEvQIB\nxxxSNIP_GOOD_DATA\n",
> "wildcard_mysite_cert": "MIIFYTCCBEmgAw\nxxxxSNIP_GOOD_DATA\n",
> "id": "webproxy-vacaynow-x509"
> }
>
>
> [zahadum chef-repo]$ lsb_release -a
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description: Ubuntu 11.04
> Release: 11.04
> Codename: natty
>
> http://tickets.opscode.com/browse/CHEF-3393
>
> Workaround is:
>  YAML::ENGINE.yamler = 'syck' if RUBY_VERSION > '1.9'
>
> ...until we figure out a fix that doesn't break people or just kick the can
> down the road.
>
> --
> Daniel DeLeo
>

[chef] decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3, kallen, 08/30/2012
- [chef] Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3, AJ Christensen, 08/30/2012
- [chef] Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3, Daniel DeLeo, 08/30/2012
  - [chef] Re: Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3, AJ Christensen, 08/30/2012
    - [chef] Re: Re: Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3, Daniel DeLeo, 08/30/2012
  - [chef] Re: Re: decrypted data bag missing data, ruby 1.8.7 vs rvm 1.9.3, kallen, 08/30/2012