General discussion about Chef

[chef] Re: Re: Using libraries in attributes file to fetch values from a service.


Chronological Thread 
  • From: Tom Duckering < >
  • To:
  • Subject: [chef] Re: Re: Using libraries in attributes file to fetch values from a service.
  • Date: Tue, 26 Aug 2014 14:00:21 +0100
Yes - it's home grown. Asymmetrically encrypted secrets served over HTTP. Private key given to you at deploy time.

Various problems with it but it's been built by others.


On 25 August 2014 16:29, Benjamin Bytheway < " target="_blank"> > wrote:
Out of curiosity, what kind of external service are you using to store these secrets, something home grown?

-Ben Bytheway


On Fri, Aug 22, 2014 at 6:14 AM, Tom Duckering < " target="_blank"> > wrote:
Hi,

I'm in an environment where secrets (i.e. passwords) are stored encrypted in an external service.

I'd like to be able to pull those values in and have them used by Chef.

I can write some nasty code in my attributes file to do it but I'd have to place that code in each attributes file since I understand that libraries are not available to attributes files.

Is there a better or right way to share some code for fetching and decoding these attributes?

Or does anyone have any other bright ideas? Alas I'm not at liberty to use encrypted data bags or chef server so this is all via chef-solo.

Thanks

Tom




--
Tom Duckering
ThoughtWorks UK

phone:07811 393 010
mailto: " target="_blank">
skype:tomduckering

Archive powered by MHonArc 2.6.16.

§