AI SummaryChef-vault Copilot Instructions provides GitHub Copilot with detailed repository structure and context for the chef-vault Ruby gem, enabling developers to securely manage passwords and secrets in Chef environments. Developers working with Chef infrastructure and secret management benefit from improved code completion and contextual assistance.
Install
Copy this and paste it into Claude Code, Cursor, or any AI assistant:
I want to add the "chef-vault — Copilot Instructions" prompt rules to my project. Repository: https://github.com/chef/chef-vault Please read the repo to find the rules/prompt file, then: 1. Download it to the correct location (.cursorrules, .windsurfrules, .github/prompts/, or project root — based on the file type) 2. If there's an existing rules file, merge the new rules in rather than overwriting 3. Confirm what was added
Description
Securely manage passwords, certs, and other secrets in Chef
3. Testing Requirements (Critical)
ALL code changes MUST include comprehensive unit tests. • >80% test coverage is a HARD REQUIREMENT. • Use RSpec for unit tests (spec/), Cucumber for BDD (features/). • Run tests with: • bundle exec rspec spec/ • bundle exec rake features • Coverage report: coverage/index.html (generated by SimpleCov) • Test both positive/negative, edge cases, and error conditions. • Use mocks for external dependencies. • Tests must be independent and order-agnostic. • Verify coverage: • open coverage/index.html (macOS) • Ensure SimpleCov reports >80%. • Emphasize: No PR will be accepted without >80% coverage. Example RSpec Test Structure `ruby require 'spec_helper' describe ChefVault::Item do it 'loads a vault item' do # ... test code ... end end ` Example Cucumber Feature `gherkin Feature: Vault creation Scenario: Create a new vault Given I have a valid config When I run "knife vault create ..." Then the vault should be created ` ---
11. Security and Compliance Requirements
• CVE Awareness: Monitor dependencies • FIPS: Ensure FIPS compliance if required • License Headers: Do not remove/modify • Scanning: Use SonarQube, RuboCop • Authentication: Chef server, vault keys ---
Project Purpose
chef-vault is a Ruby gem that enables encryption of Chef Data Bag Items using the public keys of Chef nodes, allowing only those nodes to decrypt the values. It is a critical part of the Chef ecosystem for secure secret management.
Folder Structure Diagram
` chef-vault/ ├── .github/ # GitHub workflows, CODEOWNERS, Copilot instructions ├── bin/ # Executable scripts (e.g., chef-vault CLI) ├── coverage/ # Test coverage reports ├── dev/ # Dockerfiles and dev environment setup ├── features/ # Cucumber BDD feature tests │ ├── step_definitions/ # Step definitions for Cucumber │ └── support/ # Cucumber environment config ├── habitat/ # Habitat packaging and test scripts ├── hooks/ # Git hooks (e.g., pre-commit) ├── lib/ # Main Ruby library code │ ├── chef/knife/ # Knife plugin commands │ └── chef-vault/ # Core gem logic ├── spec/ # RSpec unit tests │ ├── chef-vault/ # Unit tests for core logic │ └── chef/ # Helper specs ├── tmp/ # Temp files for test runs ├── vendor/ # Bundled dependencies ├── .expeditor/ # Expeditor build automation config ├── CHANGELOG.md # Changelog ├── CODE_OF_CONDUCT.md # Code of conduct ├── CONTRIBUTING.md # Contribution guidelines ├── DEMO.md # Demo instructions ├── Gemfile # Ruby gem dependencies ├── Gemfile.lock # Locked gem versions ├── KNIFE_EXAMPLES.md # Knife command examples ├── LICENSE # Apache 2.0 License ├── Rakefile # Rake build/test tasks ├── README.md # Main documentation ├── sonar-project.properties # SonarQube config ├── THEORY.md # Vault design and theory ├── UPGRADE.md # Vault upgrade instructions ├── VERSION # Gem version `
Users who saved this also saved
Discussion
Health Signals
My Fox Den
Community Rating
Sign in to rate this booster
Works With
Any AI assistant that accepts custom rules or system prompts