...turns out chef-vault changed behavior; empty vaults now show up as…

… plain data bags, confusing themselves
cloudamatic · Aug 4, 2017 · d84c809 · d84c809
1 parent b37bacc
commit d84c809
Showing 1 changed file with 9 additions and 9 deletions.
diff --git a/bin/mu-configure b/bin/mu-configure
@@ -1010,17 +1010,17 @@ if !File.exists?("#{MU_BASE}/var/users/mu/email") or !File.exists?("#{MU_BASE}/v
   sleep 3 # avoid LDAP lag for mu-user-manage
 end
 
-%x{/opt/chef/bin/knife vault show scratchpad 2>&1}
-if $?.exitstatus != 0
-  MU.log "Creating Scratchpad vault: /opt/chef/bin/knife vault create scratchpad"
-  output = %x{/opt/chef/bin/knife vault create scratchpad foo-#{Process.pid} '{}' 2>&1}
-  if $?.exitstatus != 0
-    MU.log "Got non-zero exit code creating Scratchpad vault", MU::WARN, details: output
-  else
-    %x{/opt/chef/bin/knife vault delete -y scratchpad foo-#{Process.pid} 2>&1}
-  end
+output = %x{/opt/chef/bin/knife vault show scratchpad 2>&1}
+if $?.exitstatus != 0 or output.match(/is not a chef-vault/)
+  MU::Groomer::Chef.saveSecret(
+    vault: "scratchpad",
+    item: "placeholder",
+    data: { "secret" => "DO NOT DELETE", "timestamp" => "9999999999" },
+    permissions: "name:MU-MASTER"
+  )
 end
 
+
 if $INITIALIZE
   MU.log "Setting initial password for admin user 'mu', for logging into Nagios and other built-in services.", MU::NOTICE
   puts %x{#{MU_BASE}/lib/bin/mu-user-manage -g mu}