Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

gitlab-attributes-with-secrets (1) Versions 0.1.0

Library for working with vault secrets

Berkshelf/Librarian
Policyfile
Knife
cookbook 'gitlab-attributes-with-secrets', '~> 0.1.0'
cookbook 'gitlab-attributes-with-secrets', '~> 0.1.0', :supermarket
knife cookbook site install gitlab-attributes-with-secrets
knife cookbook site download gitlab-attributes-with-secrets
README
Dependencies
Changelog
Quality

gitlab-attributes-with-secrets-cookbook

Overwrite node attributes with values from a Chef Vault item at run time.

Usage

Suppose your recipe's attributes are in node['my-cookbook']['my-recipe']. You want to store some of the attributes in a Chef Vault called 'my-vault' (with item 'my-item' ) instead of in the node attributes. At the start of your recipe, write:

chef_gem 'chef-vault'
require 'chef-vault'
my_recipe_conf = GitLab::AttributesWithSecrets.get(node, 'my-cookbook', 'my-recipe')

You now have a hash my_recipe_conf which you can use wherever you would otherwise write node['my-cookbook']['my-recipe']. At run time, this hash will contain a mix of regular attributes and secrets.

In the Chef role applied to your nodes that should see the secrets, specify which vault and vault item to use.

{
  "my-cookbook": {
    "my-recipe": {
      "not_secret": "everybody is allowed to see this",
      "chef_vault": "my-vault",
      "chef_vault_item": "my-item"
    }
}

In your Chef Vault item, you can just mirror the structure of your node attributes. Note that the 'id' field is used by Chef Vault itself.

{
  "id": "my-item",
  "my-cookbook": {
    "my-recipe": {
      "secret": "need to know only"
    }
  }
}

Then at run time, the my_recipe_conf hash will look like:

{
  "my-cookbook": {
    "my-recipe": {
      "not_secret": "everybody is allowed to see this",
      "secret": "need to know only",
      "chef_vault": "my-vault",
      "chef_vault_item": "my-item"
    }
  }
}

License and Authors

Author:: GitLab B.V. (jacob@gitlab.com) MIT license

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

omnibus-gitlab Applicable Versions

0.1.0

Initial release of gitlab-attributes-with-secrets

Collaborator Number Metric
            

0.1.0 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

0.1.0 failed this metric

FC064: Ensure issues_url is set in metadata: gitlab-attributes-with-secrets/metadata.rb:1
FC065: Ensure source_url is set in metadata: gitlab-attributes-with-secrets/metadata.rb:1
FC066: Ensure chef_version is set in metadata: gitlab-attributes-with-secrets/metadata.rb:1
FC067: Ensure at least one platform supported in metadata: gitlab-attributes-with-secrets/metadata.rb:1
Run with Foodcritic Version 11.1.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

License Metric
            

0.1.0 passed this metric

No Binaries Metric
            

0.1.0 passed this metric

Publish Metric
            

0.1.0 passed this metric

Supported Platforms Metric
            

0.1.0 failed this metric

gitlab-attributes-with-secrets should declare what platform(s) it supports.

Testing File Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number