diff options
| author | Eric Williams <eric@subcritical.org> | 2019-02-25 19:09:39 +0000 |
|---|---|---|
| committer | Server Team CI Bot <josh.powers+server-team-bot@canonical.com> | 2019-02-25 19:09:39 +0000 |
| commit | 8cfcc28db1acc7594dbbf76b846f4964f40f9e63 (patch) | |
| tree | ac44551ef435e5d5e1d59dd7a84bb30608883417 /cloudinit | |
| parent | 34f54360fcc1e0f805002a0b639d0a84eb2cb8ee (diff) | |
| download | vyos-cloud-init-8cfcc28db1acc7594dbbf76b846f4964f40f9e63.tar.gz vyos-cloud-init-8cfcc28db1acc7594dbbf76b846f4964f40f9e63.zip | |
Enable encrypted_data_bag_secret support for Chef
Encrypted data bags require a secrets file to be present to
decrypt, and the location of the file must be configured the
Chef client configuration file, client.rb.
This update enables cloud-init's chef module to update that
setting in client.rb.
LP: #1817082
Diffstat (limited to 'cloudinit')
| -rw-r--r-- | cloudinit/config/cc_chef.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py index 46abedd1..a6240306 100644 --- a/cloudinit/config/cc_chef.py +++ b/cloudinit/config/cc_chef.py @@ -51,6 +51,7 @@ file). chef: client_key: + encrypted_data_bag_secret: environment: file_backup_path: file_cache_path: @@ -114,6 +115,7 @@ CHEF_RB_TPL_DEFAULTS = { 'file_backup_path': "/var/backups/chef", 'pid_file': "/var/run/chef/client.pid", 'show_time': True, + 'encrypted_data_bag_secret': None, } CHEF_RB_TPL_BOOL_KEYS = frozenset(['show_time']) CHEF_RB_TPL_PATH_KEYS = frozenset([ @@ -124,6 +126,7 @@ CHEF_RB_TPL_PATH_KEYS = frozenset([ 'json_attribs', 'file_cache_path', 'pid_file', + 'encrypted_data_bag_secret', ]) CHEF_RB_TPL_KEYS = list(CHEF_RB_TPL_DEFAULTS.keys()) CHEF_RB_TPL_KEYS.extend(CHEF_RB_TPL_BOOL_KEYS) |