Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FIX-15921 Clean clients from chef-vault on recreate_client enabled #16357

Merged
merged 1 commit into from
Oct 20, 2017
Merged

FIX-15921 Clean clients from chef-vault on recreate_client enabled #16357

merged 1 commit into from
Oct 20, 2017

Conversation

supergicko
Copy link
Contributor

Fixes #15921

When terraform re-creates an existing node/client with chef provisioner,
the already existing client (which has old keys) must be removed from
the vault items. Afterwards, the chef-vault will be updated with the
newly created client (which has the new keys). Therefore, the recreated
client will be able to decrypt the vault items properly.

@supergicko
Clean clients from chef-vault on recreate_client enabled
c3ce018 
Fixes #15921

When terraform re-creates an existing node/client with chef provisioner,
the already existing client (which has old keys) must be removed from
the vault items. Afterwards, the chef-vault will be updated with the
newly created client (which has the new keys). Therefore, the recreated
client will be able to decrypt the vault items properly.
@supergicko supergicko changed the title Clean clients from chef-vault on recreate_client enabled FIX-15921 Clean clients from chef-vault on recreate_client enabled Oct 14, 2017
apenev
apenev approved these changes Oct 14, 2017
View reviewed changes
Copy link

@apenev apenev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great that there is finally a fix for this really blocker bug , without it practically you can not use Terraform with chef if you also handle secrets with chef vault

@supergicko supergicko mentioned this pull request Oct 17, 2017
Closed
@supergicko
Copy link
Contributor Author

@svanharmelen would love to hear your thoughts on this one.

@svanharmelen
Copy link
Contributor

Thanks for the PR @supergicko! LGTM!

@svanharmelen svanharmelen merged commit af206e7 into hashicorp:master Oct 20, 2017
@ghost
Copy link

ghost commented Apr 6, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 6, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@apenev apenev apenev approved these changes

Assignees
No one assigned
Labels
provisioner/chef
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Terraform should clean clients for chef vault
4 participants
@supergicko @svanharmelen @apenev @apparentlymart