Created
November 4, 2015 19:12
-
-
Save adampats/04b71642ac01c8ecceac to your computer and use it in GitHub Desktop.
chef data bags encryption
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # create json file in appropriate location, e.g. | |
| ./data_bags/docker/config.json | |
| # add stuff in data_bag format to config.json | |
| nano ./data_bags/docker/config.json | |
| # generate a secret key if you don't have one | |
| openssl rand -base64 512 | tr -d '\r\n' > chef_secret_key | |
| # encrypt it - chef-zero style | |
| knife data bag from file docker config.json -z --secret-file ./data_bags/chef_secret_key | |
| # done - commit your code safely, just don't commit the secret key file! | |
| # show encrypted data_bag contents | |
| knife data bag show docker config -z --secret-file data_bags/chef_secret_key |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment