-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lookup function not working through hiera #101
Comments
Hi @TraGicCode, thank you for your fast reply, for some reason, your comment is not here.
Puppet is logging a lot and in different files, can you tell me in which file this module is writing the output and if there is some key word to filter out the logs? |
Hey @karolina1819 , sorry for responding late. The puppet server logs are the puppet logs on the puppet master/server. This is where the lookup function is executed and the logs there will indicate if any errors occurs ( the code for this module does some level of logging ) https://www.puppet.com/docs/pe/2019.8/log-locations-reference.html var/log/puppetlabs/puppetserver/puppetserver.log |
Hi @TraGicCode, No problem at all. I checked that, but I did not find anything related to this module, unfortunately. Any suggestion how to increase level of logging coming from this module? |
Hey @karolina1819 , If something blows up there should be something in the logs. Can you try adding Sensitive[String] to the puppet code to see if that makes a difference? class infra::akv (
Sensitive[String] $password,
)
{
file { '/opt/akv':
ensure => 'directory',
}
file { '/opt/akv/testpass':
content => $password,
ensure => file,
}
} |
Well, nothing blows up regarding code execution, so there are no errors in log. Only results of using lookup function in manifest and through hiera are different
Yes, we did try that. With that there is an error:
It's seems like lookup function is returning string "Sensitive [value redacted]" instead of true value of the secret just masked in Sensitive type, as it does used in manifest. |
Hey, I will attempt to reproduce this locally today and get back with you. |
…terpolation interpolation inside of a hiera data file must be done using alias and not lookup. This is because the Sensitive[String] data type must be preserved.
Hey @karolina1819 , It appears the documentation is incorrect which is what is causing you an issue. When performing interpolation inside your a hiera data file you must use the before
after
I have created a PR ( #102 ) which will fix this and cut a new release of the module. |
…terpolation (#102) interpolation inside of a hiera data file must be done using alias and not lookup. This is because the Sensitive[String] data type must be preserved.
Please reopen this if you still have issues |
I've tested this, all works as expected, thank you for your help and clarification. |
Hi TraGicCode,
Thank you for writing this module. Unfortunately, I haven't been able to make it work through hiera as expected.
Puppet version: 6.26.0
tragiccode-azure_key_vault version: v3.1.0
Section in hiera.yaml hierarchy:
This is the code I've been testing:
Used like this it gives the output, as expected:
Also, file is correctly updated.
But, if used through hiera, with editing data/nodes/puppetserver.yaml file with line:
With manifest then looking like this:
Output is:
So, nothing is reducted and literally the string "Sensitive [value redacted]" is written in the file.
Can you help me with this?
The text was updated successfully, but these errors were encountered: