diff options
author | Anshul Sharma <justanshulsharma@gmail.com> | 2014-08-19 18:16:34 +0000 |
---|---|---|
committer | tyler-ball <tyleraball@gmail.com> | 2014-09-29 08:31:07 -0700 |
commit | 4623c6a7f504bbac9a1a847ba3c16f17d9a7e5cf (patch) | |
tree | cf3627a538052c23b69b7188ae3064f1893ac6ce /lib/chef/knife/data_bag_create.rb | |
parent | 5a88d0ef5b64280150f89332544e55144605eeb1 (diff) | |
download | chef-4623c6a7f504bbac9a1a847ba3c16f17d9a7e5cf.tar.gz |
[Feature] encrypted flag to knife data bag create
Diffstat (limited to 'lib/chef/knife/data_bag_create.rb')
-rw-r--r-- | lib/chef/knife/data_bag_create.rb | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/lib/chef/knife/data_bag_create.rb b/lib/chef/knife/data_bag_create.rb index bc49c68448..e8ca479fe4 100644 --- a/lib/chef/knife/data_bag_create.rb +++ b/lib/chef/knife/data_bag_create.rb @@ -42,6 +42,11 @@ class Chef :description => "A file containing the secret key to use to encrypt data bag item values", :proc => Proc.new { |sf| Chef::Config[:knife][:secret_file] = sf } + option :encrypted, + :long => "--encrypted", + :description => "Only encrypt data bag when specified.", + :proc => Proc.new { |e| Chef::Config[:knife][:encrypted] = e } + def read_secret if config[:secret] config[:secret] @@ -51,11 +56,15 @@ class Chef end def use_encryption - if config[:secret] && config[:secret_file] - ui.fatal("please specify only one of --secret, --secret-file") - exit(1) + if config[:encrypted] + if config[:secret] && config[:secret_file] + ui.fatal("please specify only one of --secret, --secret-file") + exit(1) + end + config[:secret] || config[:secret_file] + else + false end - config[:secret] || config[:secret_file] end def run @@ -87,11 +96,11 @@ class Chef if @data_bag_item_name create_object({ "id" => @data_bag_item_name }, "data_bag_item[#{@data_bag_item_name}]") do |output| item = Chef::DataBagItem.from_hash( - if use_encryption - Chef::EncryptedDataBagItem.encrypt_data_bag_item(output, read_secret) - else - output - end) + if use_encryption + Chef::EncryptedDataBagItem.encrypt_data_bag_item(output, read_secret) + else + output + end) item.data_bag(@data_bag_name) rest.post_rest("data/#{@data_bag_name}", item) end |