Module: Chef::Sugar::DataBag

Extended by:: DataBag

Included in:: DataBag

Defined in:: lib/chef/sugar/data_bag.rb

Defined Under Namespace

Classes: EncryptedDataBagSecretNotGiven

Instance Method Summary collapse

#encrypted_data_bag_item(bag, id, secret = nil) ⇒ Hash

Helper method for loading an encrypted data bag item in a similar syntax/recipe DSL method.
#encrypted_data_bag_item_for_environment(node, bag, id, secret = nil) ⇒ Hash

This algorithm attempts to find the data bag entry for the current node’s Chef environment.

Instance Method Details

#encrypted_data_bag_item(bag, id, secret = nil) ⇒ `Hash`

Helper method for loading an encrypted data bag item in a similar syntax/recipe DSL method.

Parameters:

bag (String) —

the name of the encrypted data bag
id (String) —

the id of the encrypted data bag
secret (String) (defaults to: nil) —

the encrypted data bag secret (default’s to the Chef::Config value)

Returns:

(Hash)

# File 'lib/chef/sugar/data_bag.rb', line 49

def encrypted_data_bag_item(bag, id, secret = nil)
  Chef::Log.debug "Loading encrypted data bag item #{bag}/#{id}"

  secret ||= Chef::Config[:encrypted_data_bag_secret]

  if secret
    Chef::EncryptedDataBagItem.load(bag, id, secret)
  else
    raise EncryptedDataBagSecretNotGiven.new
  end
end

#encrypted_data_bag_item_for_environment(node, bag, id, secret = nil) ⇒ `Hash`

This algorithm attempts to find the data bag entry for the current node’s Chef environment. If there are no environment-specific values, the “default” bucket is used. The data bag must follow the schema:

{
  "default": {...},
  "environment_name": {...},
  "other_environment": {...},
}