Hi There
https://puppet.com/docs/puppet/6.17/lang_data_sensitive.html
You need to "unwrap" the sensitive data in order to consume the original
data in a function
On Wednesday, September 9, 2020 at 2:17:34 PM UTC+1 Dirk Heinrichs wrote:
> Hi,
>
> tried to use the "Sensitive" data type for the first time (with Puppet
> 6.18.0), but it doesn't work as expected (found and followed several
> tutorials on the net, see links below), also using the "lookup_options"
> method to ensure the Hiera-provided value is indeed converted to sensitive.
>
> Here's my sample code (Hiera files omitted):
>
> class test (Sensitive $foo) {
> file {'/tmp/foo':
> content => "${foo}\n",
> }
> }
>
> When I run this, I get:
>
> Notice: /Stage[main]/Test/File[/tmp/foo]/content:
> --- /tmp/foo 2020-09-09 07:53:40.166807782 +0200
> +++ /tmp/puppet-file20200909-18841-zq93gr 2020-09-09
> 14:55:05.569695841 +0200
> @@ -1 +1 @@
> -bar
> +Sensitive [value redacted]
>
> Notice: /Stage[main]/Test/File[/tmp/foo]/content: content changed
> '{md5}fc552...' to '{md5}48a07...'
>
> and then the file indeed looks like this:
>
> # cat /tmp/foo
> Sensitive [value redacted]
>
> instead of containing the real value provided in Hiera.
>
> Any ideas?
>
> Thanks...
>
> Dirk
>
> https://blog.example42.com/2019/04/04/puppet_sensitive_data/
> https://www.puppetcookbook.com/posts/hide-sensitive-values.html
> https://puppet.com/blog/my-journey-securing-sensitive-data-puppet-code/
> --
> *Dirk Heinrichs*
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> *Phone*: +49 2226 15966 18 <+49%202226%201596618>
> *Email*: [email protected]
> *Website*: www.recommind.de
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan,
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you
> are not the intended recipient (or have received this e-mail in error)
> please notify the sender immediately and destroy this e-mail. Any
> unauthorized copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
> Weitergabe dieser Mail sind nicht gestattet.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/38f9ada3-c918-4260-8953-4e54de9ddf6dn%40googlegroups.com.
