Host factory token use with hiera-backed on newly-provisioned machines causes errors

[sgnn7]

Summary

When using HFTs to provision new Conjur machine identities and using hiera, the code throws errors due to the fact that the registry key that this module uses to store configuration data is not present on the first run.

Dev info:

• Problem code is here
• The fix would just involve make sure that this block of code returns an empty hash on errors

Steps to Reproduce

Steps to reproduce the behavior:

1. Setup puppet with a clean Windows host ready (don't run agent yet)
2. Setup conjur HFTs
3. Configure hiera to pass all of the Windows configuration options for that host for HFT-specific use
4. Run the agent on the node

Expected Results

Agent can pull secrets

Actual Results (including error logs, if applicable)

Agent run fails with errors as the conjur configuration registry key is not present

Reproducible

• Always
• Sometimes
• Non-Reproducible

Version/Tag number

Tested on Puppet 6 and pre-3.0.0 version. This error would be visible on puppet 5 and any older version as well probably.

Environment setup

Puppet Master: Docker-compose, v6
Puppet Agent: Windows 2012r2 VM in VirtualBox
Conjur Master: Docker-compose, v5

Additional Information

N/A