Skip to content

Instantly share code, notes, and snippets.

/decrypt.rb
Created May 11, 2017

Embed
What would you like to do?
Encrypt/Decrypt chef data bags locally
#!/usr/bin/env ruby
require 'chef/encrypted_data_bag_item'
require 'json'
secret = Chef::EncryptedDataBagItem.load_secret ARGV[0]
to_decrypt = JSON.parse($stdin.read)
id = to_decrypt.delete('id')
decrypted_data = to_decrypt.reduce({}) do |h,(k,v)|
decryptor = Chef::EncryptedDataBagItem::Decryptor.for(v, secret)
h[k] = Chef::JSONCompat.parse(decryptor.decrypted_data)['json_wrapper']
h
end
decrypted_data['id'] = id
puts JSON.dump decrypted_data
#!/usr/bin/env ruby
require 'chef/encrypted_data_bag_item'
require 'json'
secret = Chef::EncryptedDataBagItem.load_secret ARGV[0]
to_encrypt = JSON.parse($stdin.read)
encrypted_data = Chef::EncryptedDataBagItem.encrypt_data_bag_item to_encrypt, secret
puts JSON.dump encrypted_data
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.