Tags: chef-infra, chef-recipe, chef-solo

Retrieving secret value from encrypted data bag in Chef


I am using a ruby block to get the secret value. However, I want to change it in a way so that secret is not stored as node attribute. Otherwise, it can be visible when viewing attributes in Chef.

ruby_block 'load_acl_master_token' do
  block do
    secret = Chef::EncryptedDataBagItem.load_secret("/etc/chef/app_encrypted_data_bag_secret")
    acl_master_token = Chef::EncryptedDataBagItem.load("app_consul_secrets", "app_consul_acl_mastertoken", secret)
    node.set['cluster']['acl_master_token'] = acl_master_token['keyval']
  end
  only_if { node['cluster']['acl'] == true }
end

bootstrap_json = Chef::JSONCompat.to_json_pretty(node['consul']['config'].to_hash)
rb_bootstrap_hash = JSON.parse(bootstrap_json)

require "active_support/core_ext/hash"

rb_cluster_hash_acl_master_token = rb_bootstrap_hash.deep_merge({ "acl_master_token" => acl_master_token['uuidgen'] } )

How can I write the same code in a more efficient way?

The code looks like this:

rb_cluster_hash_acl_master_token = rb_bootstrap_hash.deep_merge({ "acl_master_token" => acl_master_token['uuidgen'] } ) 

And I get this error:

NameError
---------
No resource, method, or local variable named `acl_master_token' for `Chef::Recipe "server"'

Should I make acl_master_token['uuidgen'] a lazy attribute? If yes, what would it look like?


Solution

  • I am able to use lambda to lazily evaluate an arbitrary variable with Chef.

    rb_cluster_hash_acl_master_token = lambda { rb_cluster_hash_acl_policy.deep_merge({ "acl_master_token" => acl_master_token['uuidgen'] } ) }
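The pattern behind the answer, as an added plain-Ruby example (not code from the question, the answer, or Chef itself): the recipe body runs at compile time, the ruby_block runs at converge time, so the token must be read through a deferred value, and the local variable must be declared in recipe scope so the block assigns it instead of creating a block-local one. `Lazy`, `deep_merge`, `load_encrypted_item`, `SAMPLE_ITEM` and `SAMPLE_NODE` are constructed stand-ins for the Chef and ActiveSupport pieces.

```ruby
require "json"

# Stand-in for a deferred value (constructed for this example, not Chef's API).
# Its block is not run until call, i.e. at converge time.
class Lazy
  def initialize(&blk)
    @blk = blk
  end

  def call
    @blk.call
  end
end

def lazy(&blk)
  Lazy.new(&blk)
end

# Recursive merge standing in for ActiveSupport's Hash#deep_merge.
def deep_merge(base, other)
  base.merge(other) { |_k, a, b| a.is_a?(Hash) && b.is_a?(Hash) ? deep_merge(a, b) : b }
end

# Constructed sample of a decrypted data bag item (placeholder token value).
SAMPLE_ITEM = { "id" => "app_consul_acl_mastertoken", "uuidgen" => "11111111-2222-4333-8444-555555555555" }.freeze

# Placeholder for Chef::EncryptedDataBagItem.load(bag, item, secret).
def load_encrypted_item(_bag, _item, _secret)
  SAMPLE_ITEM
end

# Simulated recipe run: returns the rendered config plus the node attributes
# as they would be saved back to the Chef server at the end of the run.
def run_recipe(node)
  bootstrap = JSON.parse(JSON.pretty_generate(node["consul"]["config"]))
  # Compile phase: declare the local here, so the converge block below assigns
  # this variable rather than a block-local one (the NameError in the question).
  acl_master_token = nil
  config = lazy { deep_merge(bootstrap, { "acl_master_token" => acl_master_token["uuidgen"] }) }
  # Converge phase (the ruby_block): the token stays in a local and is never
  # written to node attributes, so it does not end up on the Chef server.
  converge = proc { acl_master_token = load_encrypted_item("app_consul_secrets", "app_consul_acl_mastertoken", "/etc/chef/app_encrypted_data_bag_secret") }
  converge.call
  { "rendered" => JSON.pretty_generate(config.call), "node" => node }
end

# Why the eager form fails: at compile time the token has not been loaded yet.
def eager_merge_fails?
  token = nil
  deep_merge({}, { "acl_master_token" => token["uuidgen"] })
  false
rescue NoMethodError
  true
end

SAMPLE_NODE = { "consul" => { "config" => { "datacenter" => "dc1", "acl" => { "enabled" => true } } }, "cluster" => { "acl" => true } }.freeze
```

In a real recipe the same deferral is written as a resource property set to `lazy { ... }` (for example the `content` of the `file` resource that renders the config), with `sensitive true` on that resource so the token is not echoed in the converge log.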