Chef: Load Attributes from encrypted databag in json role
Posted
by
jcvj
on Server Fault
See other posts from Server Fault
or by jcvj
Published on 2014-04-24T11:43:13Z
Indexed on
2014/06/03
21:27 UTC
Read the original article
Hit count: 158
I'm want to use the postfix cookbook for chef. The sasl password is expected to be in an attribute. So usually you would do this:
"default_attributes": {
"postfix": {
"sasl": {
"smtp_sasl_passwd": "somepassword"
}
}
}
The thing is: I don't want to have the password in the repository in plain text. So I put it in an encrypted data bag. Now I want to access it. This can be done with this:
Chef::EncryptedDataBagItem.load("passwords", "postfix")['password']
The problem: This only works in a .rb file, but my role is in json; all my roles are in json! I don't want to change that just for this purpose. Does anybody have an idea what to do here? Help is very appreciated.
© Server Fault or respective owner