meallhour
Reputation: 15599
How to get value of encrypted data bag secret within Test Kitchen
I have added data_bags_path and encrypted_data_bag_secret_key_path within kitchen.yml as follows:
provisioner:
name: chef_zero
chef_omnibus_url: omni-url/chef/install.sh
roles_path: 'test/integration/default/roles'
data_bags_path: "test/integration/default/data_bags"
encrypted_data_bag_secret_key_path: "test/integration/default/encrypted_data_bag_secret"
I believe the above copies the encrypted_data_bag_secret to a file named encrypted_data_bag_secret under /tmp/kitchen/
That is why, in my recipe I am calling secret as follows:
secret = Chef::EncryptedDataBagItem.load_secret("/tmp/kitchen/encrypted_data_bag_secret")
encryptkey = Chef::EncryptedDataBagItem.load("tokens", "encryptkey", secret)
However, the test kitchen is failing with following error:
No such file or directory - file not found '/tmp/kitchen/encrypted_data_bag_secret'
Upvotes: 3
Views: 1225
Answers (1)
coderanger
Reputation: 54251
In general you probably don't want to use encrypted data bags in your tests. If you do want to use the encryption for some reason (really, don't) use the normal data_bag_item() API which does the key loading for you.
Upvotes: 2
Related Questions
- How do I insert an encrypted data bag item value into a Chef recipe?
- Encrypt data bag from inside of ruby without relying on knife
- How to read an encrypted data bag in a chef recipe?
- how to create\edit encrypted data bag item from a chef recipe
- Access chef data bag in recipe
- Encrypted chef data bag json file, how to decrypt and show contents?
- Chef Decryption of Data Bags and Retrieval of Key
- Chef on Vagrant Box: Can't find encrypted data bag secret
- Iterating over EncryptedDataBagItem in Chef Recipe
- How to access current values from a Chef data bag?