Enable encrypted_data_bag_secret support for Chef

Encrypted data bags require a secrets file to be present to decrypt, and the location of the file must be configured the Chef client configuration file, client.rb. This update enables cloud-init's chef module to update that setting in client.rb. LP: #1817082
author: Eric Williams <eric@subcritical.org> 2019-02-25 19:09:39 +0000
committer: Server Team CI Bot <josh.powers+server-team-bot@canonical.com> 2019-02-25 19:09:39 +0000
commit: 8cfcc28db1acc7594dbbf76b846f4964f40f9e63 (patch)
tree: ac44551ef435e5d5e1d59dd7a84bb30608883417 /templates
parent: 34f54360fcc1e0f805002a0b639d0a84eb2cb8ee (diff)
download: vyos-cloud-init-8cfcc28db1acc7594dbbf76b846f4964f40f9e63.tar.gz
vyos-cloud-init-8cfcc28db1acc7594dbbf76b846f4964f40f9e63.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/templates/chef_client.rb.tmpl b/templates/chef_client.rb.tmpl
index cbb6b15f..99978d3b 100644
--- a/templates/chef_client.rb.tmpl
+++ b/templates/chef_client.rb.tmpl
@@ -1,6 +1,6 @@
 ## template:jinja
 {#
-This file is only utilized if the module 'cc_chef' is enabled in 
+This file is only utilized if the module 'cc_chef' is enabled in
 cloud-config. Specifically, in order to enable it
 you need to add the following to config:
   chef:
@@ -56,3 +56,6 @@ pid_file               "{{pid_file}}"
 {% if show_time %}
 Chef::Log::Formatter.show_time = true
 {% endif %}
+{% if encrypted_data_bag_secret %}
+encrypted_data_bag_secret "{{encrypted_data_bag_secret}}"
+{% endif %}
author	Eric Williams <eric@subcritical.org>	2019-02-25 19:09:39 +0000
committer	Server Team CI Bot <josh.powers+server-team-bot@canonical.com>	2019-02-25 19:09:39 +0000
commit	8cfcc28db1acc7594dbbf76b846f4964f40f9e63 (patch)
tree	ac44551ef435e5d5e1d59dd7a84bb30608883417 /templates
parent	34f54360fcc1e0f805002a0b639d0a84eb2cb8ee (diff)
download	vyos-cloud-init-8cfcc28db1acc7594dbbf76b846f4964f40f9e63.tar.gz vyos-cloud-init-8cfcc28db1acc7594dbbf76b846f4964f40f9e63.zip