BagConfig
Making data bag entries the "last mile" of attribute overrides.
What's it do?
This cookbook allows attributes to be provided via data bag entries. It slips functionality into recipes seamlessly to provide consistent functionality across all recipes, not just those explicitly built for it.
Repository
https://github.com/hw-cookbooks/bag_config
Basic Usage
Access attributes the same way as always:
node[:my_cookbook][:my_attribute]
Naming scheme
Data bags
The name of the data bag used will correspond to the name of the base attribute
key used within a cookbook. For example, the base attribute key for the munin
cookbook is munin
thus the data bag name used will be munin
. However, the
chef-client cookbook uses the base attribute key of chef_client
so the data
bag name it uses will be chef_client
.
The naming of the data bag entries are based on the node name with a config_
prefix. Given a node named lucid
, the data bag entry id would be config_lucid
.
Periods are replaced with underscores within the node name for generating the
data bag entry name. Thus, a node named lucid.example.com
would have a data
bag entry id of config_lucid_example_com
.
Quick Ref:
cookbook: chef-client
base key: chef_client
node name: test1.box
data bag name: chef_client
data bag entry id: config_test1_box
Advanced Usage
Custom Data Bag
Example: Use the myconfig
data bag to supply configuration entries for the
nagios
attribute:
node[:bag_config][:nagios] = {:bag => :myconfig}
Custom Data Bag Entry
Example: Use custom_config
data bag entry id under the nagios
base attribute key:
node[:bag_config][:nagios] = {:item => 'custom_config'}
Encrypted Data Bag Entry
Encrypted data bags are supported when the encrypted attribute is set:
- `node[:bag_config][:nagios] = {:encrypted => true}
This will require the secret being provided either inline:
node[:bag_config][:nagios] = {:secret => 'my_secret'}
or as a path to the secret file on the node:
node[:bag_config][:nagios] = {:secret => '/etc/config_secret.file'}
Allowing/Restricting lookups
By default, the every base attribute key used will invoke an attempt to load a configuration data bag item related to that key. To help reduce the number of lookups required on a run, whitelisting and blacklisting on keys is available:
node[:bag_config][:bag_whitelist] = [:nagios, :djbdns]
node[:bag_config][:bag_blacklist] = [:nginx, :apache]
NOTE: The blacklist will always have precedence. This means that if an item has been specified in the whitelist and is also found in the blacklist, it will be blacklisted.
Compatibility Note
This version is incompatible with the 1.x versions. It removes all custom methods from Recipe instances and instead proxies the attribute requests via the node, so no modifications are required for full support.