sous-chefs / chef-splunk

Development repository for the chef-splunk cookbook
https://supermarket.chef.io/cookbooks/chef-splunk
Apache License 2.0
75 stars 122 forks

chef-vault and default recipe being invoked when only installing the forwarder #221

Open ghost opened 2 years ago

ghost commented 2 years ago

:speaking_head: Foreword

Thanks for taking the time to fill this bug report fully. Without it we may not be able to fix the bug, and the issue may be closed without resolution.

:ghost: Brief Description

Installing the forwarder only has a dependency on the Chef Vault component

:pancakes: Cookbook version

9.2.1

:woman_cook: Chef-Infra Version

16.2

:tophat: Platform details

Ubuntu 16/18 in AWS EC2

Steps To Reproduce

Steps to reproduce the behavior:

Add include_recipe 'chef-splunk::forwarder' and trigger a run. Observe the following:

  Recipe Compile Error in /var/chef/cache/cookbooks/foo/recipes/default.rb
  ================================================================================

  ArgumentError
  -------------
  No secret specified and no secret found at /etc/chef/encrypted_data_bag_secret

  Cookbook Trace: (most recent call first)
  ----------------------------------------
    /var/chef/cache/cookbooks/chef-splunk/recipes/default.rb:22:in `from_file'
    /var/chef/cache/cookbooks/chef-splunk/recipes/setup_auth.rb:28:in `from_file'
    /var/chef/cache/cookbooks/chef-splunk/recipes/service.rb:50:in `from_file'
    /var/chef/cache/cookbooks/chef-splunk/recipes/install_forwarder.rb:46:in `from_file'
    /var/chef/cache/cookbooks/role_job/recipes/default.rb:10:in `from_file'

  Relevant File Content:
  ----------------------
  /var/chef/cache/cookbooks/chef-splunk/recipes/default.rb:

   15:  # distributed under the License is distributed on an "AS IS" BASIS,
   16:  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   17:  # See the License for the specific language governing permissions and
   18:  # limitations under the License.
   19:  #
   20:  # We can rely on loading the chef_vault_item here into the run_state so other
   21:  # recipes don't have to keep going back to the chef server to access the vault/data bag item
   22>> vault_item = chef_vault_item(node['splunk']['data_bag'], "splunk_#{node.chef_environment}")
   23:  node.run_state['splunk_auth_info'] = splunk_auth(vault_item['auth'])
   24:  node.run_state['splunk_secret'] = vault_item['secret']
   25:
   26:  include_recipe 'ec2-tags-ohai-plugin'
   27:
   28:  if server?
   29:    include_recipe 'chef-splunk::server'
   30:  else
   31:    include_recipe 'chef-splunk::client'

:police_car: Expected behavior

The forwarder is installed without the need to fetch this.

:heavy_plus_sign: Additional context

The forwarder installed by itself requires no sensitive data, so why is this data bag necessary?
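
The include chain in the Cookbook Trace above, as an added example that is not part of the original issue or the chef-splunk cookbook: a plain-Ruby model of Chef's compile phase showing why the forwarder recipe fails on a node without the secret, next to a lazily loaded variant (one possible approach, not the project's fix). `CompileModel`, `compile_forwarder`, `splunk_auth_info` as a method and the sample credentials are hypothetical.

```ruby
# Plain-Ruby model of Chef's compile phase (hypothetical; not chef-splunk code).
class CompileModel
  attr_reader :vault_reads, :compiled

  # Include edges taken from the Cookbook Trace in the report above.
  CHAIN = {
    'install_forwarder' => ['service'],
    'service'           => ['setup_auth'],
    'setup_auth'        => ['default'],
    'default'           => []
  }.freeze

  def initialize(secret_present:, lazy:)
    @secret_present = secret_present
    @lazy = lazy
    @vault_reads = 0
    @compiled = []
    @run_state = {}
  end

  # Stand-in for chef_vault_item: fails the way the report shows when the
  # node has no encrypted data bag secret.
  def vault_item
    @vault_reads += 1
    raise ArgumentError, 'No secret specified and no secret found' unless @secret_present
    { 'auth' => 'constructed-user:constructed-pass' } # constructed sample value
  end

  # Memoized accessor: the vault is read on first use, not at compile time.
  def splunk_auth_info
    @run_state['splunk_auth_info'] ||= vault_item['auth']
  end

  def include_recipe(name)
    return if @compiled.include?(name) # Chef compiles each recipe once
    @compiled << name
    # Eager variant mirrors default.rb line 22: read the vault while compiling.
    @run_state['splunk_auth_info'] = vault_item['auth'] if name == 'default' && !@lazy
    CHAIN.fetch(name).each { |dep| include_recipe(dep) }
  end
end

# Compile the forwarder recipe and report what happened.
def compile_forwarder(secret_present:, lazy:)
  model = CompileModel.new(secret_present: secret_present, lazy: lazy)
  model.include_recipe('install_forwarder')
  { ok: true, vault_reads: model.vault_reads, compiled: model.compiled }
rescue ArgumentError => e
  { ok: false, error: e.message, vault_reads: model.vault_reads }
end
```

In the lazy variant a forwarder-only node compiles with zero vault reads, while any recipe that actually calls `splunk_auth_info` on a node without the secret still fails at that point.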