The Chef-Guard cookbook installs and configures Chef-Guard into your environment
Please check http://xanzy.io/projects/chef-guard for all needed details
This cookbook uses Chef-Vault to store the .pem file content, bookshelf key, and bookshelf secret. The pem file is the private key of the Chef user that Chef-Guard uses to interact with the Chef server and Supermarket. Bookshelf is an internal component of your Chef installation and is used to store uploaded cookbook files.
Please see the following examples for creating the vault items:
knife vault create chef-guard chef.pem -M client -S "name:some-node-search" -A your-chef-username --file chef.pem
The bookshelf keys are created by Chef during install time and are saved in either /etc/chef-server/chef-server-secrets.json (for Open Source Chef) or /etc/opscode/private-chef-secrets.json (for Enterpise Chef and Chef 12) and look something like this in those files:
"bookshelf": {
"access_key_id": "xxxxxx",
"secret_access_key": "yyyyyy"
}
So just get the keys from one of those files and create the vault like this to get yourself going:
knife vault create chef-guard chef.bookshelf -M client -S "name:some-node-search" -A your-chef-username '{"key":"xxxxxx","secret":"yyyyyy"}'
- Fork the repository on Github
- Create a named feature branch (i.e.
add-new-recipe
) - Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request
Authors: Sander van Harmelen (sander@vanharmelen.nl)
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at