chef - [chef] Re: Validation Error using encrypted databags on windows

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Validation Error using encrypted databags on windows

From: Tyler Ball < >
To: Sachin Gupta < >
Cc: " " < >
Subject: [chef] Re: Validation Error using encrypted databags on windows
Date: Wed, 18 Feb 2015 09:22:24 -0800

Hey Sachin, can you try it with Chef Client 12.x? If `knife data bag show` works but EncryptedDataBagItem does not, I think an upgrade might fix the issue.

-T

On Feb 17, 2015, at 11:53 PM, Sachin Gupta < " class=""> > wrote:

Hi Tyler,

I am using chef client 11.18.0 and chef solo for my development.

C:\Users\sachkkum\chef-repo>knife data bag show credentials WinTest -z --secret-file D:\Secret_key_Win\encrypted_data_bag_secret
id:       WinTest
password: sachin
username: Admin

C:\Users\sachkkum\chef-repo>

these are the same credentials which I had previously set while creating databag.

I don't understand why I am getting this error,
[2015-02-18T13:21:11+05:30] FATAL: Chef::Exceptions::ValidationFailed: Data Bag Items must contain a Hash or Mash!

I my recipe , I am only using

#secret = Chef::EncryptedDataBagItem.load_secret('D:\Secret_key_Win\encrypted_data_bag_secret')
win_cred=Chef::EncryptedDataBagItem.load("credentials","WinTest")

win_username=win_cred["username"]
win_passwd=win_cred["password"]

Thanks
Sachin

On Wed, Feb 18, 2015 at 4:31 AM, Tyler Ball < " target="_blank" class=""> > wrote:
Hey Sachin - I tried duplicating your steps with the latest ChefDK (0.4.0) on both Windows and OSX and was unable to duplicate it. Are you using ChefDK or the Chef omnibus install? In either case, can you try updating to the latest version and seeing if it is still a problem?

Can you also try running `knife data bag show credentials WinTest -z --secret-file D:\Secret_key_Win\encrypted_data_bag_secret`? That will exercise the same code path that running your recipe does.

-T

On Feb 17, 2015, at 10:17 AM, Sachin Gupta < " target="_blank" class=""> > wrote:

Hi Tyler,

These are the steps I am executing for creating data bags on windows

C:\Users\sachkkum\chef-repo>set RANDFILE=D:\Secret_key_Win\.rnd

C:\Users\sachkkum\chef-repo>openssl rand -base64 2048 > D:\Secret_key_Win\encrypted_data_bag_secret

C:\Users\sachkkum\chef-repo>set EDITOR="%windir%\system32\notepad.exe"

C:\Users\sachkkum\chef-repo>knife data bag create --local-mode credentials WinTest --secret-file D:\Secret_key_Win\encrypted_data_bag_secret
Created data_bag[credentials]
Created data_bag_item[WinTest]

C:\Users\sachkkum\chef-repo>cat data_bags\credentials\WinTest.json
{
"id": "WinTest",
"username": {
    "encrypted_data": "IvDS8Sb+ZS3Xwl5sw74/17moKk/fwnkMMeEycCTlJvY=\n",
    "iv": "UakZ8xbJtsUI+aB04nSEeg==\n",
    "version": 1,
    "cipher": "aes-256-cbc"
},
"password": {
    "encrypted_data": "qKJqOTKFWeuE9HznSy+7+/KxsURHvcK3+b7CClBSB2U=\n",
    "iv": "j4cMqNGiMWzAJA8W1ssFRg==\n",
    "version": 1,
    "cipher": "aes-256-cbc"
}
}
C:\Users\sachkkum\chef-repo>

--------- Inside the recipe I am calling load data bags function--
secret = Chef::EncryptedDataBagItem.load_secret('D:\Secret_key_Win\encrypted_data_bag_secret')
win_cred=Chef::EncryptedDataBagItem.load("credentials","WinTest", secret)

while loading I am getting error message as "FATAL: Chef::Exceptions::ValidationFailed: Data Bag Items must contain a Hash or Mash!"

attached is the chef-stractrace.out

Thanks
Sachin

On Tue, Feb 17, 2015 at 10:20 PM, Tyler Ball < " target="_blank" class=""> > wrote:
Hey Sachin, I would like to see the full stacktrace of that exception. Can you enable debug logging(`-l debug`), run it again and grab the stacktrace? You may also see a message like `Stacktrace dumped to c:/chef/cache/chef-stacktrace.out` showing where the stacktrace is stored.

-T

On Feb 16, 2015, at 7:05 PM, Sachin Gupta < " target="_blank" class=""> > wrote:

Hi Julian,

I changed the data_bag_path
data_bag_path "C:\\Users\\sachkkum\\chef-repo\\data_bags" or data_bag_path 'C:\Users\sachkkum\chef-repo\data_bags'
but still the same error

Chef::Exceptions::ValidationFailed
----------------------------------
Data Bag Items must contain a Hash or Mash!

Thanks
Sachin

On Mon, Feb 16, 2015 at 11:32 PM, Julian C. Dunn < " target="_blank" class=""> > wrote:
On Mon, Feb 16, 2015 at 2:53 AM, Sachin Gupta
< " target="_blank" class=""> > wrote:

> In my solo.rb, I had made these entries
>
> data_bag_path root 'C:\chef-repo\data_bags'

Is that literally what it says? What is "root"?

- Julian

--
[ Julian C. Dunn < " target="_blank" class=""> > * Sorry, I'm ]
[ WWW: http://www.aquezada.com/staff/julian   * only Web 1.0 ]
[ gopher://sdf.org/1/users/keymaker/ * compliant! ]
[ PGP: 91B3 7A9D 683C 7C16 715F 442C 6065 D533 FDC2 05B9 ]

<chef-stacktrace.out>

[chef] Validation Error using encrypted databags on windows, Sachin Gupta, 02/15/2015
- [chef] Re: Validation Error using encrypted databags on windows, Julian C. Dunn, 02/16/2015
  - [chef] Re: Re: Validation Error using encrypted databags on windows, Sachin Gupta, 02/16/2015
    - [chef] Re: Validation Error using encrypted databags on windows, Tyler Ball, 02/17/2015
      - [chef] Re: Validation Error using encrypted databags on windows, Sachin Gupta, 02/17/2015
        
        [chef] Re: Validation Error using encrypted databags on windows, Tyler Ball, 02/17/2015
        
        [chef] Re: Validation Error using encrypted databags on windows, Sachin Gupta, 02/17/2015
        
        [chef] Re: Validation Error using encrypted databags on windows, Tyler Ball, 02/18/2015