How to pass Chef data bag secret to a docker container?

I have already created a databag item which is existing on the chef server.
Now, I am trying to pass on that databag item secret value to a docker container.

I am creating the data bag as follows:

  • How Docker is better than Vagrant+LXC+Chef [closed]
  • Vagrant, Docker, Puppet, Chef
  • Combining Chef And Docker
  • how to make docker image ssh enabled
  • Installing chef-server in a docker container
  • Docker for GUI-based environments?
  • knife data bag create bag_secrets bag_masterkey --secret-file C:\path\data_bag_secret

    I am retrieving value of that databag item in Chef recipe as follows:

    secret = Chef::EncryptedDataBagItem.load_secret("#{node['secret']}")
    masterkey = Chef::EncryptedDataBagItem.load("databag_secrets", "databag_masterkey", secret)

    What logic do i need to add to pass on the data bag secret to a docker container?

  • Using xdebug through Docker container in PhpStorm
  • 5 - Docker
  • Specify linux interface for docker container
  • Docker. No such file or directory
  • How can I make docker-machine create a VM in a specific location
  • How to use alsa sound and/or snd_pcm_open in docker?
  • One Solution collect form web for “How to pass Chef data bag secret to a docker container?”

    I’ve said this like twice on different questions: DO NOT USE ENCRYPTED DATABAGS LIKE THIS IT IS NOT SAFE.

    I think you fundamentally misunderstand the security model of encrypted bags, they exist only to allow for data where the Chef Server cannot read it. The cost is you must manage key distribution. For Docker this would probably be via sidecar containers or data volumes but running chef-client inside a container is relatively rare so you’ll have to sort that out yourself. I would recommend working with a security/infosec engineer at your company to figure out the right security model for your usage.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.