Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add p6 Deferred function #46

Merged
merged 1 commit into from
Jan 17, 2019
Merged

Add p6 Deferred function #46

merged 1 commit into from
Jan 17, 2019

Conversation

binford2k
Copy link
Contributor

This allows node_encrypt to be used for any parameter of any resource
type, by simply tagging the secret with a function call.

Example usage:

notify { 'example':
  message => 'this string will be encrypted in your catalog'.node_encrypt::secret
}

file { '/etc/secretfile.cfg':
  ensure  => file,
  content => template('path/to/template.erb').node_encrypt::secret,
}

I'll do proper docs after more testing.

danielparks
danielparks approved these changes Jan 16, 2019
View reviewed changes
Copy link
Contributor

@danielparks danielparks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wow, that's awesome.

@binford2k
Copy link
Contributor Author

I should point out that using Sensitive means that it's subject to the same leakage problems that Sensitive is, since it relies on providers implementing their half.

@danielparks
Copy link
Contributor

I tested this with the command parameter of an exec, and it works nicely. It has the desired result, and the cipher text is all that shows up in PuppetDB.

@binford2k
Add p6 Deferred function
c04ebf3 
This allows node_encrypt to be used for any parameter of any resource
type, by simply tagging the secret with a function call.

Example usage:

``` puppet
notify { 'example':
  message => 'this string will be encrypted in your catalog'.node_encrypt::secret
}

file { '/etc/secretfile.cfg':
  ensure  => file,
  content => template('path/to/template.erb').node_encrypt::secret,
}
```
@binford2k
Copy link
Contributor Author

Spec and smoke tested on 3/4/5/6.

@binford2k binford2k merged commit 4433daa into master Jan 17, 2019
This was referenced Jan 17, 2019
Closed
Closed
cegeka-jenkins pushed a commit to cegeka/puppet-node_encrypt that referenced this pull request Aug 1, 2019
@binford2k
Merge pull request puppetlabs#46 from binford2k/add_p4_functions
e1a6aea 
Add p6 Deferred function
@binford2k binford2k deleted the add_p4_functions branch April 29, 2020 04:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danielparks danielparks danielparks approved these changes

Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@binford2k @danielparks @jordanbreen28