Chef数据狗包装器食谱不会与“缺少api键”错误一起运行
[英]Chef datadog wrapper cookbook won't run with “missing api key” error
问题描述
I created a wrapper cookbook to retrieve my datadog api keys from an encrypted data bag but it looks like it is not running during the execution. 
我创建了一个包装食谱,以从加密的数据包中检索我的datadog api密钥,但是在执行过程中它似乎没有运行。
Here is my code: 这是我的代码:
attributes/default.rb 属性/ default.rb
node.default['datadog']['encrypted_data_bag'] = 'datadog'
node.default['datadog']['encrypted_data_bag_item'] = 'datadog_keys'
recipes/set_key.rb: 食谱/set_key.rb:
node.default['datadog']['api_key'] = data_bag_item(node['datadog']['encrypted_data_bag'], node['datadog']['encrypted_data_bag_item'])['api_key']
node.default['datadog']['application_key'] = data_bag_item(node['datadog']['encrypted_data_bag'], node['datadog']['encrypted_data_bag_item'])['chef']
and del_key: 和del_key:
node.rm['datadog']['api_key']
node.rm['datadog']['application_key']
I created a role named datadog and run list of this role looks like: 我创建了一个名为datadog的角色,该角色的运行列表如下所示:
datadog-wrapper-0.1.0::set_key
datadog::dd-agent
datadog::dd-handler
datadog-wrapper-0.1.0::del_key
I'm expecting this wrapper recipe load datadog keys, then datadog recipes to run and finally another wrapper recipe to remove keys. 我期望这个包装器配方加载datadog密钥,然后运行datadog配方,最后运行另一个包装器配方来删除密钥。 But when Chef is running, I receive an error message like: 但是,当Chef运行时,我会收到一条错误消息,例如:
ArgumentError
-------------
chef_handler[Chef::Handler::Datadog] (datadog::dd-handler line 52) had an error: ArgumentError: Missing Datadog Api Key
Since I'm new to Chef and data bags use, I'm a bit confused. 由于我是Chef的新手,并且使用数据袋,所以有点困惑。 Why my setter recipe is not running? 为什么我的二传手菜谱没有运行?
Thanks. 谢谢。
1 个解决方案
解决方案1
0 已采纳 2018-02-23 10:55:16
As I have mentioned in the comment, you are affected by two pass model . 正如我在评论中提到的,您受到两次通过模型的影响。 You should remove the keys in the resource added to the end of the chef run or triggered by the DD cookbook resources invoked as the last one in the run. 您应该删除添加到chef运行结束时或由作为运行中最后一个调用的DD Cookbook资源触发的资源中的键。
ruby_block "clean datadog api attributes" do
block do
node.rm("datadog", "api_key")
....
end
subscribes :create, "template[<some dd template using api keys>]", :immediately
end
However, it may not work with all versions of DD cookbook. 但是,它可能不适用于所有版本的DD Cookbook。 From few DD cookbook versions, it is possible to store keys in node's run state which is not written to the Chef server. 从少数DD Cookbook版本开始,可以将密钥存储在节点的运行状态中,而不会写入Chef服务器。
node.run_state["datadog"] = {
"api_key" => datadog["api_key"],
"application_key" => datadog["application_key"]
}
The above example is preferred solution to your issue. 上面的示例是解决您的问题的首选方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.