[chef] How should I handle the problem of the pubkey auth for git repos in Chef recipes?


Chronological Thread 
  • From: Marcelo de Moraes Serpa < >
  • To:
  • Subject: [chef] How should I handle the problem of the pubkey auth for git repos in Chef recipes?
  • Date: Mon, 12 Nov 2012 22:43:52 -0600

Hello list,

I want to use Chef as "executable documentation" for my server(s) infrastructure. The classic Chef+Chef Server (or opscode platform) conf is overkill for me, so I'm using the "good old" chef-solo.

I'm writing my own recipe as a way to practice. The goal of this recipe is to describe my current Server in Chef, and allow me to recreate it somewhere else (both server provisioning and app provisioning). I'm using Vagrant to test it out.

My question is: How should I handle the problem of the pubkey auth for git repos? Is there a way to "tunnel" the private key from my workstation? I've seen the "secret databag" solution, but I found it a bit awkward to setup. Another solution perhaps would be to go to the server and manually create a key pair, upload the pub key to github and then point to it in the recipe configuration, however, this requires some manual labor that can't be avoided (uploading the key to github).

What would be the best way to solve this problem? Any insights appreciated!

Thanks in advance,

- Marcelo.



Archive powered by MHonArc 2.6.16.

§