chef - [chef] Re: Re: Re: Re: Re: Issue with encrypted data bags

First login ?
Lost password ?

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: Re: Re: Re: Issue with encrypted data bags

From: "steve ." < >
To: " " < >
Subject: [chef] Re: Re: Re: Re: Re: Issue with encrypted data bags
Date: Wed, 26 Jun 2013 17:04:12 -0700

Hi Russ,

If it's trivial for you to do so, could you try downgrading the guest to chef-client 11.4.0 and trying your run in that environment?

I developed this whole big fancy RunDeck cookbook with self-provisioning data bags (encrypted + plaintext) against Chef 11.4.0 nodes and it broke with almost the same error once I started testing it in Chef 11.4.4 / 10.26.0...

(There were other changes I had to make in order to get it to play nice in that org, but if you're doing something similar, perhaps it's not my overly-ambitious code that is buggy? :D )

On Tue, Jun 18, 2013 at 1:32 PM, Russ Lavoy < " target="_blank"> > wrote:

I just upgraded the client on the vagrant system..

chef-client -v
Chef: 11.4.4

Still have the same issue.

Thanks

From: Russ Lavoy < " target="_blank"> >
To: Daniel DeLeo < " target="_blank"> >
Cc: " " target="_blank"> " < " target="_blank"> >
Sent: Tuesday, June 18, 2013 3:29 PM
Subject: [chef] Re: Re: Re: Issue with encrypted data bags

My chef client on vagrant is:

chef-client -v
Chef: 10.14.2

My knife command was:
knife data bag create production passwords --secret-file /etc/chef/encrypted_data_bag_secret

Thanks,

From: Daniel DeLeo < " target="_blank"> >
To: Russ Lavoy < " target="_blank"> >
Cc: " " target="_blank"> " < " target="_blank"> >
Sent: Tuesday, June 18, 2013 3:22 PM
Subject: Re: [chef] Re: Re: Issue with encrypted data bags

On June 18, 2013 at 2:44:22 PM, Russ Lavoy ( " target="_blank"> ) wrote:
I am having an issue with encrypted data bags with chef 11.4.4 and vagrant 1.2.2.

I was able to successfully create, show encrypted and decrypted data bags with no issue via knife.

But once I dropped it into a recipe it threw me an error.

Here is the portion of the recipe that does not error.

secret = Chef::EncryptedDataBagItem.load_secret("#{node[:production][:secretpath]}") - This spits back the contents of the /etc/chef/encrypted_data_bag_secret

When I add the below it throws an error
pass_keys = Chef::EncryptedDataBagItem.load("production", "passwords", secret)

<error>
[2013-06-18T18:43:48+00:00] FATAL: Chef::Exceptions::ValidationFailed: Data Bag Items must contain a Hash or Mash!

</error>

Not sure why I am getting this issue.

Any help would be good.

Thanks!

A few questions:

* How'd you upload the data bag item to the server? (Specific knife command)

* What version of Chef client is running?
--
Daniel DeLeo

[chef] Issue with encrypted data bags, Russ Lavoy, 06/18/2013
- [chef] Re: Issue with encrypted data bags, Nic Grayson, 06/18/2013
  - [chef] Re: Re: Issue with encrypted data bags, Russ Lavoy, 06/18/2013
    - [chef] Re: Re: Re: Issue with encrypted data bags, Daniel DeLeo, 06/18/2013
      - [chef] Re: Re: Re: Issue with encrypted data bags, Russ Lavoy, 06/18/2013
        
        [chef] Re: Re: Re: Re: Issue with encrypted data bags, Russ Lavoy, 06/18/2013
        
        [chef] Re: Re: Re: Re: Re: Issue with encrypted data bags, steve ., 06/26/2013