我使用以下密钥创建加密数据包。密钥加载在文件/etc/chef/encrypted_data_bag_secret中的服务器节点上:
ERKYMi6xbv36xkrg1N4eXOuKbI6f5zogCXOGNyrs66fjRXI7wtOvK7eA5A9XJcJGdcAt0EuTQcZKtwY5mmTGn21OEOEZlcxWBekB/2NmmVSJJSoA2xlya2dm3CZ97gLES8g4z/XKfNJHP07/cDOnmpCjFWMRSE/qEld/a+YgmW2oTF4zqTHteik0ePclebh7SXSd4lf+GL1oip2aM3yXY6ZJBd6yraXm8CPWfvrswk7VmqnmMGFqR0xi7pSPCOFrmHRs1gxskrqKfbnts0Zy0UU+MNzp5rDIlKHmLL5KO014vDkukV4dIiR2CxjeldJsaqGvRvPC7VIVC2HyMJvAqW772dpi0y5wiBd5HhcjAIQrfqIvVXNLg7Zjk6Eh1xxESe2YJUF7djHAJfru6Hv5b8DsQq/z6OgLJtTkToILRNmd4sBV66CAvw3m0xC4PUhi4c+7pTBiqV1/q+dTQhx2k7G0GM9hsRosCP0Erz7H3jfyUroUPPEMWMsgqXP33fNEz3txBHDPM2L1PcObzT2FHXjHQMgsaTH+oIqlLXWmnqBAtZTIMkG49DVIjj9NrkiN5267+rlIJORAGV6CY7QX4TKuTZqcReYmLpcdMA33Tzius/ife3TOZoN8IoPb1RFLQfn3KFAwI50eOQ0KyEYDKjzwmJOkra5jcEww4GNlzd4=
我使用以下命令创建了数据包:
knife data bag create tokens masterkey --secret-file PATH_TO_SECRET
现在,在配方中,我使用data_bag_items API来检索数据包项的值,如下所示:
value = data_bag_item("tokens", "masterkey", "/etc/chef/encrypted_data_bag_secret")
token2_hash = lambda { token1_hash.deep_merge({ "value" => value['key'] } ) }
但是,我收到编译时错误:
ERROR: Error decrypting data bag value: 'bad decrypt'. Most likely the provided key is incorrect