path: root/kitchen-tests/cookbooks/end_to_end/recipes/_chef-vault.rb
#
# Cookbook:: end_to_end
# Recipe:: chef-vault
#
# Copyright:: Copyright (c) Chef Software Inc.
#

# Fixture identity for the vault test: the "creds" data bag holds the vault
# items, and "bob_bobberson" is the client/node they name as admin.
chef_data_bag "creds"

# No key_pass is set here, so the PEM is written without a passphrase, and
# owner/mode are left to the resource defaults.
# NOTE(review): fine on a throwaway kitchen instance; confirm the defaults keep
# the file readable by root only before reusing this pattern elsewhere.
openssl_rsa_private_key "/root/bob_bobberson.pem" do
  action :create
  key_length 2048
end

# Points the client at the key generated above, so this must stay after the
# openssl_rsa_private_key resource in the run order.
chef_client("bob_bobberson") { source_key_path "/root/bob_bobberson.pem" }

chef_node "bob_bobberson"

# The raw_data values in both items are literal test fixtures. Anything written
# in recipe source lives in version control in clear text, so real secrets must
# not be supplied this way.

# super_secret_1 is shared with the admin and with every client matched by the
# search. "*:*" matches all nodes, which is the widest possible audience; a
# non-test vault should use a query scoped to the nodes that need the item.
chef_vault_secret "super_secret_1" do
  admins "bob_bobberson"
  search "*:*"
  data_bag "creds"
  raw_data("auth" => "1234")
end

# super_secret_2 sets no search, so only the listed admin is named as a reader.
chef_vault_secret "super_secret_2" do
  admins "bob_bobberson"
  data_bag "creds"
  raw_data("auth" => "4321")
end

# Tries to decrypt super_secret_1 at converge time. Only a SecretDecryption
# failure is rescued, and it is reported on stdout rather than failing the run;
# any other error still propagates. The decrypted item is discarded, so this
# resource does not itself prove that the node was granted access.
ruby_block "load vault item" do
  action :run
  block do
    chef_vault_item("creds", "super_secret_1")
  rescue ChefVault::Exceptions::SecretDecryption
    puts "Not authorized for this key!"
  end
end