Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

data-bag-merge (10) Versions 0.2.0

Installs/Configures data-bag-merge

Policyfile
Berkshelf
Knife
cookbook 'data-bag-merge', '= 0.2.0', :supermarket
cookbook 'data-bag-merge', '= 0.2.0'
knife supermarket install data-bag-merge
knife supermarket download data-bag-merge
README
Dependencies
Quality 0%

data-bag-merge Cookbook

This cookbook gives you the ability to store environment and node configuration
in data bags (including encrypted ones).

No cookbook would then need changing to support getting credentials from data bag,
as it will be able to read the merged attributes from the data bag.

Encrypting sensitive environment and node configuration is important, as you
shouldn't allow anyone to access this information, including VCS (Version control systems)

The encryption secret key can then be stored elsewhere, and data bags decrypted
by it at the point of chef converge.

Attributes

data-bag-merge::environment

<table>
<tr>
<th>Key</th>
<th>Type</th>
<th>Description</th>
<th>Default</th>
</tr>
<tr>
<td><tt>['data-bag-merge']['environments']['data_bag_name']</tt></td>
<td>String</td>
<td>Name of the data bag to fetch environment data from</td>
<td><tt>environments</tt></td>
</tr>
<tr>
<td><tt>['data-bag-merge']['environments']['encrypted']</tt></td>
<td>String</td>
<td>Flag to determine whether to try to access as an encrypted data bag</td>
<td><tt>true</tt></td>
</tr>
<tr>
<td><tt>['data-bag-merge']['environments']['format']</tt></td>
<td>String</td>
<td>Option to change style of attributes (default/override/default_override)',</td>
<td><tt>default_override</tt></td>
</tr>
<tr>
<td><tt>['data-bag-merge']['environments']['secret_path']</tt></td>
<td>String</td>
<td>Optional path to the secret file that decrypts the encrypted data bag, nil will use the path supplied in the chef config</td>
<td><tt>nil</tt></td>
</tr>
</table>

data-bag-merge::node

<table>
<tr>
<th>Key</th>
<th>Type</th>
<th>Description</th>
<th>Default</th>
</tr>
<tr>
<td><tt>['data-bag-merge']['nodes']['data_bag_name']</tt></td>
<td>String</td>
<td>Name of the data bag to fetch node data from</td>
<td><tt>nodes</tt></td>
</tr>
<tr>
<td><tt>['data-bag-merge']['nodes']['encrypted']</tt></td>
<td>String</td>
<td>Flag to determine whether to try to access as an encrypted data bag</td>
<td><tt>true</tt></td>
</tr>
<tr>
<td><tt>['data-bag-merge']['nodes']['format']</tt></td>
<td>String</td>
<td>Option to change style of attributes (default/override/default_override)',</td>
<td><tt>default_override</tt></td>
</tr>
<tr>
<td><tt>['data-bag-merge']['nodes']['secret_path']</tt></td>
<td>String</td>
<td>Optional path to the secret file that decrypts the encrypted data bag, nil will use the path supplied in the chef config</td>
<td><tt>nil</tt></td>
</tr>
</table>

Usage

data-bag-merge::environment

Include data-bag-merge::environment in your node's run_list at the very top
of the run-list and define the node's environment

Node

{
  "name":"my_node",
  "environment": "production",
  "run_list": [
    "recipe[data-bag-merge::environment]"
  ],
  "item_with_normal": "normal value",
  "item_with_override": "normal value"
}

Encrypted Data Bag environments/production

{
  "id": "production",
  "default_attributes": {
    "item_with_default": "default value",
    "item_with_normal": "default value"
  },
  "override_attributes": {
    "item_with_override": "override value"
  }
}

Result

{
  "item_with_default": "default value",
  "item_with_normal": "normal value",
  "item_with_override": "override value"
}

This will access the data bag environments/production, merging it's data into
the node's defaults.

data-bag-merge::node

Include data-bag-merge::node in your node's run_list at the very top of the
run-list and define the node's environment

Node

{
  "name":"my_node",
  "environment": "production",
  "run_list": [
    "recipe[data-bag-merge::node]"
  ],
  "item_with_normal": "normal value",
  "item_with_override": "normal value"
}

Encrypted Data Bag nodes/my_node

{
  "id": "production",
  "default_attributes": {
    "item_with_default": "default value",
    "item_with_normal": "default value"
  },
  "override_attributes": {
    "item_with_override": "override value"
  }
}

Result

{
  "item_with_default": "default value",
  "item_with_normal": "normal value",
  "item_with_override": "override value"
}

This will access the data bag nodes/my_node, merging it's data into the node's
defaults.

definitions

Chef definitions are provided for additionally providing custom data bag merges

e.g.

encrypted_data_bag_merge "custom" do
  data_bag "my-custom-bag"
  item 'my-bag-item'
end

Contributing

  1. Fork the repository on Github
  2. Create a named feature branch (like add_component_x)
  3. Write your change
  4. Write tests for your change (if applicable)
  5. Run the tests, ensuring they all pass
  6. Submit a Pull Request using Github

License and Authors

License: MIT
Authors: Andy Thompson

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Foodcritic Metric
            

0.2.0 failed this metric

FC015: Consider converting definition to a LWRP: /tmp/cook/4908d7b9fb3dd4dc716021d8/data-bag-merge/definitions/data_bag_merge.rb:1
FC015: Consider converting definition to a LWRP: /tmp/cook/4908d7b9fb3dd4dc716021d8/data-bag-merge/definitions/encrypted_data_bag_merge.rb:1