using data bags with test kitchen

[cfiel...@gmail.com]

The chef fundamentals repo (https://github.com/learnchef/chef-fundamentals-repo) has a 'users' cookbook that searches a data bag and provisions users accounts. It's easy enough to load a single item of a data bag with test kitchen according to these instructions: https://github.com/test-kitchen/test-kitchen/issues/317. However, that's not working with the 'search' resource in the users default recipe. I'm wondering how to make this work in test kitchen? See the samples below:

--Excerpt from .kitchen.yml
provisioner:
name: chef_solo
data_bags_path: ~/chef-fundamentals-repo/data_bags
#json files with data bag items go in this path

--from the default recipe in the 'users' data bag
#I added the line below
users=data_bag("users")

#from the original cookbook
search("users", "*:*").each do |user_data|
user user_data["id"] do
comment user_data["comment"]
uid user_data["uid"]
gid user_data["gid"]
home user_data["home"]
shell user_data["shell"]
end
end

The 'search' fails with 'I cannot read the /tmp/kitchen/client.pem.' This is the same error I get if I specify a recipe in the run list that does not exist.

[Mischa Taylor]

I can outline the approaches here.  There are two popular approaches to using data bags with Test Kitchen:

1) Put special test values in the .kitchen.yml as attributes and add `if Chef::Config[:solo]` statements as appropriate to provide alternate versions that read attributes from the .kitchen.yml when running under test

2) Use the chef_zero provisioner instead of the chef_solo provisioner in your .kitchen.yml.  Chef zero has an in-memory chef server (supporting search) and you can run your recipe data bag code unmodified against that, populating the data bags in with test values in your .kitchen.yml

Approach #1 is backwards-compatible to Chef 10, Approach #2 only works for the versions of Chef that support Chef Zero (11.12.0 or higher).

[Mischa Taylor]

P.S. You'll also note that in the article you referenced: https://github.com/test-kitchen/test-kitchen/issues/317 Fletcher also recommends using chef_zero

On Monday, May 12, 2014 7:54:30 AM UTC-7, cfiel...@gmail.com wrote:

[cfiel...@gmail.com]

Nice! All I had to do was change my provisioner to chef_solo and the bookcook works. From /tmp/kitchen/data_bags a 'knife data bag list -z' shows everything in the ~/chef-fundamentals-repo/data_bags directory. Thanks!

[Mischa Taylor]

I think you meant to say "All I had to do was change my provisioner to chef_zero and the cookbook works".  Yes, all my colleagues at Chef pretty much change the provisioner to chef_zero first thing in their .kitchen.yml files.  It's very useful.  When that is set, Test Kitchen will automatically fire up a chef-zero in-memory server instance and upload your cookbooks to the server.  Plus, when you add the -z/--local option to both chef-client & knife commands, it will use this in-memory instance, so it's pretty easy to flip back and forth between testing and real instances.

[cfiel...@gmail.com]

One more thing - I'm wondering how to pass my secret file for an encrypted data bag to "/tmp/kitchen/encrypted_data_bag_secret" on my kitchen VM? It's easy enough to sync folders but I don't see an option to send a file?

[dorian....@gmail.com]

Le mardi 13 mai 2014 10:26:41 UTC-4, cfiel...@gmail.com a écrit :
> One more thing - I'm wondering how to pass my secret file for an encrypted data bag to "/tmp/kitchen/encrypted_data_bag_secret" on my kitchen VM? It's easy enough to sync folders but I don't see an option to send a file?

Did you find out how to publish secret with test-kitchen other than the default tmp directory ?

[spe...@vin65.com]

Anyone figure this out? I am having the same issue