[chef] Re: Re: RE: Best Practices for Retrieving Generated Passwords

[Dane Elwell < >]

On 2012-12-03 16:49, Andrea Campi wrote:

> Another option I've used (if you have some means of authenticating 
> the
> client, e.g. own the network and can ensure IP addresses can't 
> possibly
> be spoofed):
>
> Have the "in-house provisioning application" generate passwords and 
> serve
> a JSON (or other) file.
> It's a rather simple matter to replace data bags uses with a method 
> that
> consumes JSON.
> This usually ends up reducing duplication, and makes it easy to 
> enforce
> any kind of additional constraints you may have.
>
> I will clean up and publish my consume_json cookbook if you are
> interested.
>
> Andrea

That would be quite interesting to see if you don't mind sharing? 
Replacing databags with that means I can invoke my requests directly to 
the other system rather than have that pull from the Chef server. I 
think this would be the best way of going about things for my 
intentions.

Thanks

Dane