module Chef::DSL::ChefVault

def chef_vault(bag)

Returns:
  • (Array) -

Parameters:
  • bag (String) -- Name of the data bag to load from. 
def chef_vault(bag)
  raise "'#{bag}' is not a vault" unless Chef::DataBag.list.include? bag
  pattern = Regexp.new(/_keys$/).freeze
  data_bag(bag).each_with_object([]) do |id, acc|
    acc << id unless pattern.match?(id)
  end
end

def chef_vault_item(bag, id)

Parameters:
  • id (String) -- Identifier of the data bag item to load.
  • bag (String) -- Name of the data bag to load from.

Other tags:
    Note: - 
def chef_vault_item(bag, id)
  if ::ChefVault::Item.vault?(bag, id)
    ::ChefVault::Item.load(bag, id)
  elsif node["chef-vault"]["databag_fallback"]
    data_bag_item(bag, id)
  else
    raise "Trying to load a regular data bag item #{id} from #{bag}, and databag_fallback is disabled"
  end
end

def chef_vault_item_for_environment(bag, id)

Returns:
  • (Hash) -

Parameters:
  • id (String) -- Identifier of the data bag item to load.
  • bag (String) -- Name of the data bag to load from. 
def chef_vault_item_for_environment(bag, id)
  item = chef_vault_item(bag, id)
  return {} unless item[node.chef_environment]
  item[node.chef_environment]
end