jeremymv2/client.rb

## client.rb
# this is the secret used for encrypting/decryting encrypted databags
# https://docs.chef.io/data_bags.html#encrypt-a-data-bag-item
# defaults to /etc/chef/encrypted_data_bag_secret
encrypted_data_bag_secret '/path/to/file/with/secret'

## config.json
# If you define `supermarket-custom-credentials` in the config.json
# delivery-truck will automagically load your Internal Supermarket
# username + pem key from the `delivery-secrets` databag on the Chef Server
# this user credential must have the access needed to publish cookbooks
# and the databag must already exist.

"delivery-truck":{
  "publish": {
    "chef_server": "true",
    "supermarket": "https://supermarket.chef.io",
    "supermarket-custom-credentials": "true"
  }
}

## delivery-secrets.json
# The databag name must be `delivery-secrets`.
# Note that if you don't want to create per-project databag items,
# you can create an organization-wide databag item named: "ENTERPRISE-OGRANIZATION"

{
  "id": "ENTERPRISE-ORGANIZATION-PROJECT",
  "supermarket_user": "the_user_credential_name",
  "supermarket_key": "the_user_credential_pemkey",
}

# the `supermarket_key` above needs to be a PEM key in json format
# it is private key of the above Chef Server user associated with the Supermarket instance
# you can create a json formatted key from a .pem very easily with:
# cat /path/to/priv.pem  | sed s/$/\\\\n/ | tr -d '\n'

# IMPORTANT: The key is to trigger a new login dance between Supermarket and the
# Chef Server so that Supermarket can retrieve the user's most up-to-date public key from the Chef Server.
# To do this, log in and out of the Supermarket UI. Supermarket can only use the user's
# primary key - so if the user has multiple keys in the Chef Server, take this into account.

## deploy.rb
# https://github.com/chef-cookbooks/delivery-sugar/blob/master/README.md#resource-delivery_supermarket
# As an alternative to setting `supermarket-custom-credentials` in `config.json`
# you can also directly utilize the `delivery_supermarket` resource.
# Directly using the `delivery_supermarket` resource allows you to utilize secrets
# from something other than an encrypted databag. For instance, vault.

# https://github.com/chef-cookbooks/delivery-sugar#using-get_chef_vault_data
# load vaults from the `workflow-vaults` databag
secrets = get_chef_vault_data # for encrypted databags use `get_project_secrets`

delivery_supermarket 'share_custom_cookbook' do
  site 'https://my-private-supermarket.example.com'
  user secrets['supermarket_user']
  key secrets['supermarket_key'] # private key of the above Chef Server user associated with the Supermarket instance
  action :share
end
	# this is the secret used for encrypting/decryting encrypted databags
	# https://docs.chef.io/data_bags.html#encrypt-a-data-bag-item
	# defaults to /etc/chef/encrypted_data_bag_secret
	encrypted_data_bag_secret '/path/to/file/with/secret'
	# If you define `supermarket-custom-credentials` in the config.json
	# delivery-truck will automagically load your Internal Supermarket
	# username + pem key from the `delivery-secrets` databag on the Chef Server
	# this user credential must have the access needed to publish cookbooks
	# and the databag must already exist.

	"delivery-truck":{
	"publish": {
	"chef_server": "true",
	"supermarket": "https://supermarket.chef.io",
	"supermarket-custom-credentials": "true"
	}
	}
	# The databag name must be `delivery-secrets`.
	# Note that if you don't want to create per-project databag items,
	# you can create an organization-wide databag item named: "ENTERPRISE-OGRANIZATION"

	{
	"id": "ENTERPRISE-ORGANIZATION-PROJECT",
	"supermarket_user": "the_user_credential_name",
	"supermarket_key": "the_user_credential_pemkey",
	}

	# the `supermarket_key` above needs to be a PEM key in json format
	# it is private key of the above Chef Server user associated with the Supermarket instance
	# you can create a json formatted key from a .pem very easily with:
	# cat /path/to/priv.pem \| sed s/$/\\\\n/ \| tr -d '\n'

	# IMPORTANT: The key is to trigger a new login dance between Supermarket and the
	# Chef Server so that Supermarket can retrieve the user's most up-to-date public key from the Chef Server.
	# To do this, log in and out of the Supermarket UI. Supermarket can only use the user's
	# primary key - so if the user has multiple keys in the Chef Server, take this into account.
	# https://github.com/chef-cookbooks/delivery-sugar/blob/master/README.md#resource-delivery_supermarket
	# As an alternative to setting `supermarket-custom-credentials` in `config.json`
	# you can also directly utilize the `delivery_supermarket` resource.
	# Directly using the `delivery_supermarket` resource allows you to utilize secrets
	# from something other than an encrypted databag. For instance, vault.

	# https://github.com/chef-cookbooks/delivery-sugar#using-get_chef_vault_data
	# load vaults from the `workflow-vaults` databag
	secrets = get_chef_vault_data # for encrypted databags use `get_project_secrets`

	delivery_supermarket 'share_custom_cookbook' do
	site 'https://my-private-supermarket.example.com'
	user secrets['supermarket_user']
	key secrets['supermarket_key'] # private key of the above Chef Server user associated with the Supermarket instance
	action :share
	end