Tags: vagrant, chef-infra, chef-vault

Chef vault adding nodes


I would like to add nodes to a certain vault before creating them, for example:

All vagrant machines that I provision with vagrant up that have the pattern vagrant-dev-* could access the chef vault secrets.

If I try to do this, I get a warning that no machine is on chef with that pattern.

WARNING: No clients were returned from search, you may not have got what you expected!!

If I try the command after the machine is provisioned it works, but then the provision fails because the machine does not have access to the vault to configure the sensitive information.

knife vault create secrets root -M client -S "name:vagrant-dev-*"

How can I make the machines have access to the vault before provisioning them?


Solution

  • Unfortunately, this is not possible. For something to be added to a vault it needs to have an RSA public key available on the Chef Server. This is generally done as part of the node bootstrap and client creation. This is a structural limitation of this whole category of asymmetric pre-encryption systems: the keys for all secret consumers must be known at the time of the pre-encryption process.
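The limitation described in the answer can be seen in a toy model of the scheme (added example, not chef-vault's own code): the secret is encrypted once with a random item key, and that item key is RSA-wrapped for each client public key that exists at pre-encryption time, so a client created later (as happens at bootstrap) has nothing it can unwrap until the vault is re-encrypted for it. Class and client names are constructed for the example.

```ruby
require 'openssl'

# Simplified model of chef-vault's asymmetric pre-encryption (assumption:
# real chef-vault stores an encrypted data bag item plus a "<item>_keys" item).
class ToyVault
  attr_reader :wrapped_keys

  # clients: { "client-name" => OpenSSL::PKey::RSA public key }
  def initialize(secret, clients)
    @item_key = OpenSSL::Random.random_bytes(32)          # per-item AES-256 key
    cipher = OpenSSL::Cipher.new('aes-256-cbc').encrypt
    cipher.key = @item_key
    @iv = cipher.random_iv
    @ciphertext = cipher.update(secret) + cipher.final
    @wrapped_keys = {}
    clients.each { |name, pub| grant(name, pub) }      # only keys known NOW
  end

  # What a vault update/refresh does once a client's public key exists.
  def grant(name, pub)
    @wrapped_keys[name] = pub.public_encrypt(@item_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  end

  # What a node does at converge time with its own private key.
  # Returns nil when no wrapped item key exists for this client.
  def read(name, priv)
    wrapped = @wrapped_keys[name] or return nil
    item_key = priv.private_decrypt(wrapped, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
    d = OpenSSL::Cipher.new('aes-256-cbc').decrypt
    d.key = item_key
    d.iv = @iv
    d.update(@ciphertext) + d.final
  end
end

# Constructed scenario: one client exists when the vault is created; the
# vagrant node's client (and RSA key) only appears later, at bootstrap.
def demo
  existing = OpenSSL::PKey::RSA.new(2048)
  vault = ToyVault.new('db-password', { 'ci-runner' => existing.public_key })
  late = OpenSSL::PKey::RSA.new(2048)          # vagrant-dev-1, created by bootstrap
  before = vault.read('vagrant-dev-1', late)   # nil: key unknown at encryption time
  vault.grant('vagrant-dev-1', late.public_key)
  after = vault.read('vagrant-dev-1', late)    # "db-password" after re-encryption
  [before, after]
end
```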