Skip to content

@matschaffer /create_data_bag.rb

Embed URL


Subversion checkout URL

You can clone with
Download ZIP
Creating local encrypted data bags
require 'rubygems'
require 'chef/encrypted_data_bag_item'
secret = Chef::EncryptedDataBagItem.load_secret('data_bag_key')
data = {"id" => "mysql", "root" => "some secret password"}
encrypted_data = Chef::EncryptedDataBagItem.encrypt_data_bag_item(data, secret)
FileUtils.mkpath('data_bags/passwords')'data_bags/passwords/mysql.json', 'w') do |f|
f.print encrypted_data.to_json

I'm using a variant of this, seems like the encrypted string is keeping the \n newline char at the end like this:



It looks like base64 encoding so whitespace shouldn't pose a problem. Are you seeing an error?


yes, sorry, it works fine.


Here's a script that can be used to edit an encrypted databag in place. It makes some assumptions about paths but those are adjustable:


Very nice. Here is a generic script for taking a databag file and encrypting it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.