search

hashicorp / packer-plugin-chef

This Packer provisioner is no longer being maintained and has been archived. Users are encouraged to use the shell or shell-local provisioner to run the provisioning tools made available by this plugin. If interested in maintaining this plugin please reach out to us at packer@hashicorp.com.
https://www.packer.io/docs/provisioners/chef-solo
Mozilla Public License 2.0
0 stars 6 forks source link

Chef provisioner key/value validation happens too early and out of order #11

Open ghost opened 3 years ago

ghost commented 3 years ago

This issue was originally opened by @heathsnow as hashicorp/packer#8002. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

The provisioners documentation states that "The provisioners will be run in the order they are defined within the template.". I have a shell provisioner that creates the encrypted_data_bag_secret_path key value used by the chef-client provisioner.

However there seems to be some validation happening early on that checks to ensure the value entered for that key exists and it causes packer to fail with the error: _"* Bad encrypted data bag secret '/etc/chef/encrypted_data_bag_secret': stat /etc/chef/encrypted_data_bagsecret: no such file or directory".

It doesn't exist because the shell provisioner right before the chef-client provisioner isn't getting a chance to run. I'd like to get my encrypted key from AWS Parameter Store with the shell script and then have the chef-client provisioner use it.

nywilken commented 2 years ago

With the archival of this repository all open issues will be marked as read-only. If you wish to further discuss this plugin or any of its open issues we invite you to open a discussion on the Packer community forum.

More details on the plugin archiving process for this provisioner can be found on the Plans to Archive Unmaintained Packer Provisioner Plugins blog post.