Chef node cannot load data bag item because public key encryption issues


I have a new VM I just built. It has been bootstrapped with the same cookbooks as all the other nodes. They can load this data bag just fine. The new VM cannot.

Stacktrace error ::

/usr/bin/chef-client:57:in `load'
/usr/bin/chef-client:57:in `<main>'
>>>> Caused by ChefVault::Exceptions::SecretDecryption:     DATABAG_NAME/ITEM is not encrypted with your public key.  Contact an administrator of the vault item to encrypt for you!
/opt/chef/embedded/lib/ruby/gems/2.3.0/gems/chef-vault-2.9.1/lib/chef-vault/item.rb:152:in `secret'
/opt/chef/embedded/lib/ruby/gems/2.3.0/gems/chef-vault-2.9.1/lib/chef-vault/item.rb:74:in `load_keys'

Code snippet causing the issue ::

databag_contents = ChefVault::Item.load(node['DATABAG_NAME']['ITEM']['databag'], node['DATABAG_NAME']['ITEM']['databag_item'])

From the Chef server I have already updated the vault: knife vault update DATABAG_NAME ITEM -S "name:new_node_name_here"

I think this is fundamentally a vault error, but given the fact that I've already run the single command which the docs say should encrypt the data bag with the public key ... I don't know what else can be done.

thanks.

(actual info has been removed and replaced with "DATABAG_NAME" and "ITEM")

EDIT ::

Some additional things I've tried are in the chat. I also did a knife vault update DATABAG_NAME ITEM -S "name:new_vm_name_here" --verbose --verbose to get the keys from the output there. I took those keys and one by one used knife data bag edit DATABAG ITEM_keys to add the key manually. None of them worked.


There is 1 answer

Carl_Friedrich_Gauss On

The command to update the vault needed to be:

knife vault update DATABAG_NAME ITEM -S "name:new_node_name_here" -M client
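A simplified Ruby model of the mechanism behind the error in the question, added here as an example (not chef-vault's own code): the ITEM_keys data bag item holds the shared secret wrapped once per client public key under that client's name, so a node whose key knife never found cannot decrypt until the item is updated with it. The client names and RSA key pairs below are constructed for the demo.

```ruby
require 'openssl'
require 'base64'

# Simplified model of a chef-vault "<ITEM>_keys" data bag item (added example,
# not chef-vault's own code): the shared secret is RSA-wrapped once per client
# public key and stored under that client's name.
class SecretDecryption < StandardError; end

# Constructed example: each client name maps to its own RSA key pair.
CLIENT_KEYS = {
  'old_node' => OpenSSL::PKey::RSA.new(2048),
  'new_node' => OpenSSL::PKey::RSA.new(2048)
}.freeze

# Wrap the plaintext secret for one client, as knife does for every public
# key it can find (the new node's key only if knife looks it up in client mode).
def wrap_for(secret, client_name)
  pub = CLIENT_KEYS.fetch(client_name).public_key
  Base64.strict_encode64(pub.public_encrypt(secret))
end

def build_keys_item(item_name, secret, client_names)
  client_names.each_with_object('id' => "#{item_name}_keys") do |name, item|
    item[name] = wrap_for(secret, name)
  end
end

# What the node does in ChefVault::Item#secret: look up its own client name
# and unwrap with its private key. No entry means the error in the question.
def load_secret(keys_item, item_name, client_name)
  wrapped = keys_item[client_name]
  if wrapped.nil?
    raise SecretDecryption, "#{item_name} is not encrypted with your public key. " \
                            'Contact an administrator of the vault item to encrypt for you!'
  end
  CLIENT_KEYS.fetch(client_name).private_decrypt(Base64.strict_decode64(wrapped))
end

# Run the scenario: item built before the new node existed, then updated.
def demo
  secret = OpenSSL::Random.random_bytes(32)
  keys = build_keys_item('ITEM', secret, ['old_node'])
  before = begin
    load_secret(keys, 'ITEM', 'new_node')
  rescue SecretDecryption => e
    e.message
  end
  keys['new_node'] = wrap_for(secret, 'new_node') # what the vault update adds
  after = load_secret(keys, 'ITEM', 'new_node') == secret
  [before.start_with?('ITEM is not encrypted'), after]
end
```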