Hi, this does look potentially helpful. Thanks for sharing!
On 06/24/2013 03:26 PM, Jens Braeuer wrote: > Hi everyone, > > In my environment, we heavily rely on Hiera to parametrize our modules. > Like the Puppet code, I would like to version-control the Hiera .yaml > files. However committing passwords in plain text to GitHub seems really > odd. > > So I would like to make you aware of one of my side-projects called Raziel. > https://github.com/jbraeuer/raziel/ > http://bit.ly/raziel-slides > > While there is one approach (hiera-gpg), this renders most of the > version-control features useless, as the whole file is encrypted. With > Raziel, keys are selectively encrypted, so your .yaml file may read like > > --- > mail.user: automat...@commercetools.de > mail.password: > ENC(jA0EAwMCsYQ4Nyhcgx9gySZ1Z5HPMDbSxI9TL11UrSbIxApQNeZ+uMJqwkrTNwKgs4qkD5FDgA==) > mail.server: smtp.googlemail.com > > Encryption is based on GPG via ruby-gpgme. The values itself are > encrypted symmetric. The symmetric key is encrypted with asymmetric > crypto, which allows fine grained control over attribute visibility. > > Enjoy, > Jens > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
