Add two configuration options to chef_server provision:
  encrypted_data_bag_secret_key_path - the location of your encrypted secret key on your local machine
  encrypted_data_bag_secret - the location you wish to place the key on the target machine and the value of Chef::Config[:encrypted_data_bag_secret]. Default value of "/etc/chef/encrypted_data_bag".
This commit is contained in:
Jamie Winsor 2011-06-26 22:30:39 -07:00 committed by Mitchell Hashimoto
parent 096c8b284f
commit 7c89ef3de2
4 changed files with 21 additions and 2 deletions

View File

@ -15,6 +15,8 @@ module Vagrant
attr_accessor :file_cache_path
attr_accessor :file_backup_path
attr_accessor :environment
attr_accessor :encrypted_data_bag_secret_key_path
attr_accessor :encrypted_data_bag_secret
def initialize
super
@ -23,6 +25,8 @@ module Vagrant
@client_key_path = "/etc/chef/client.pem"
@file_cache_path = "/srv/chef/file_store"
@file_backup_path = "/srv/chef/cache"
@encrypted_data_bag_secret_key_path = nil
@encrypted_data_bag_secret = "/etc/chef/encrypted_data_bag_secret"
end
def validate(errors)
@ -45,6 +49,7 @@ module Vagrant
chown_provisioning_folder
create_client_key_folder
upload_validation_key
upload_encrypted_data_bag_secret if config.encrypted_data_bag_secret_key_path
setup_json
setup_server_config
run_chef_client
@ -63,6 +68,11 @@ module Vagrant
env.ui.info I18n.t("vagrant.provisioners.chef.upload_validation_key")
vm.ssh.upload!(validation_key_path, guest_validation_key_path)
end
def upload_encrypted_data_bag_secret
env.ui.info I18n.t("vagrant.provisioners.chef.upload_encrypted_data_bag_secret_key")
vm.ssh.upload!(encrypted_data_bag_secret_key_path, config.encrypted_data_bag_secret)
end
def setup_server_config
setup_config("chef_server_client", "client.rb", {
@ -73,7 +83,8 @@ module Vagrant
:client_key => config.client_key_path,
:file_cache_path => config.file_cache_path,
:file_backup_path => config.file_backup_path,
:environment => config.environment
:environment => config.environment,
:encrypted_data_bag_secret => config.encrypted_data_bag_secret
})
end
@ -96,6 +107,10 @@ module Vagrant
def validation_key_path
File.expand_path(config.validation_key_path, env.root_path)
end
def encrypted_data_bag_secret_key_path
File.expand_path(config.encrypted_data_bag_secret_key_path, env.root_path)
end
def guest_validation_key_path
File.join(config.provisioning_path, "validation.pem")

View File

@ -10,6 +10,8 @@ validation_client_name "<%= validation_client_name %>"
validation_key "<%= validation_key %>"
client_key "<%= client_key %>"
encrypted_data_bag_secret "<%= encrypted_data_bag_secret %>"
<% unless environment.nil? %>
environment "<%= environment %>"
<% end %>

View File

@ -465,6 +465,7 @@ en:
json: "Generating chef JSON and uploading..."
client_key_folder: "Creating folder to hold client key..."
upload_validation_key: "Uploading chef client validation key..."
upload_encrypted_data_bag_secret_key: "Uploading chef encrypted data bag secret key..."
running_client: "Running chef-client..."
running_solo: "Running chef-solo..."
invalid_provisioner: "Vagrant::Provisioners::Chef is not a valid provisioner! Use ChefSolo or ChefServer instead."

View File

@ -162,7 +162,8 @@ class ChefServerProvisionerTest < Test::Unit::TestCase
:client_key => @config.client_key_path,
:file_cache_path => @config.file_cache_path,
:file_backup_path => @config.file_backup_path,
:environment => @config.environment
:environment => @config.environment,
:encrypted_data_bag_secret => @config.encrypted_data_bag_secret
})
@action.setup_server_config