Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

chef-conceal (1) Versions 0.1.0

Adds a decrypt function so you can store secrets in attributes.

Policyfile
Berkshelf
Knife
cookbook 'chef-conceal', '~> 0.1.0', :supermarket
cookbook 'chef-conceal', '~> 0.1.0'
knife supermarket install chef-conceal
knife supermarket download chef-conceal
README
Dependencies
Quality 33%

chef-conceal

Chef-conceal is a gem and chef recipe that includes a helpful DSL method to decrypt attributes with encrypted content using the encrypted_data_bag_secret file as the key.

Supported Platforms

  • Ubuntu

Installation

Add chef-conceal to your Berksfile:

cookbook 'chef-conceal'

Usage

In order to use chef-conceal in your recipes, you'll first need to include it:

include_recipe 'chef-conceal'

This will extend the recipe, resource, and provider DSLs with a decrypt convenience method.

Encrypting plaintext

Use the conceal gem (https://github.com/gamepoet/conceal) to encrypt your plaintext into an encoded string. Generating a new password and putting it in the clipboard can be as easy as:

$ ruby -rsecurerandom -e 'print SecureRandom.urlsafe_base64(32)' | conceal encrypt ~/.chef/encrypted_data_bag_secret | pbcopy

Examples

Given a chef environment

$ knife environment show chef_conceal_example
chef_type: environment
default_attributes:
  my_password: '1:aes-256-cbc:toekea56oRvQG1KpJNo2tw==:NjI2MjFmNjliODk4ZDM0YjJmNTQzNzdhMDdlMTBjZjhhMTUyZDQ0NTkyNjVlYjY1ODM4OTk4YmI0NDA0MmFlMDAzNWE4MDYwNjdmMDA3MTAxZWQ1NjBjZGNjMGYxNGNjYTM2YzMzYWIzYzYyNTFjNGYxZWQzNGFkYjkzZTgyN2M3YzBjY2JhNDUzNWVjYjkwY2FmODEzNGJhNWRkZmNmZGI2ZTM0NWI0MzUzMGZhODY1OGIxNjU5NjU0N2JiMDg1NzMxNWEzMmMxYWRiNzBjNWZkZWJhZDFhYzVhMGM4NzllYTQyNjViODVlOWMwYTIxZjM1OGYzZWJkMTBmY2M0Zg==:oh8bn5krZvMKiIzYt5LFEvEZMZt3sDS2Q4jL97Vty0g=:rnaFQ4su+/tSjtondhXKbSlbmbmLSIndPaBA++2kMgw='
json_class: Chef::Environment
name: chef_conceal_example

You could then write a recipe that references the decrypted content of the attribute with the decrypt function which will automatically use your encrypted_data_bag_secret as the key.

include_recipe 'chef-conceal'

log decrypt(node[:my_password])

Authors

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Collaborator Number Metric
            

0.1.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

0.1.0 passed this metric

No Binaries Metric
            

0.1.0 passed this metric

Testing File Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number