Hi There
https://puppet.com/docs/puppet/6.17/lang_data_sensitive.html
You need to "unwrap" the sensitive data in order to consume the original
data in a function
On Wednesday, September 9, 2020 at 2:17:34 PM UTC+1 Dirk Heinrichs wrote:
> Hi,
>
> tried to use the "Sensitive" data type for the first time (with Puppet
> 6.18.0), but it doesn't work as expected (found and followed several
> tutorials on the net, see links below), also using the "lookup_options"
> method to ensure the Hiera-provided value is indeed converted to sensitive.
>
> Here's my sample code (Hiera files omitted):
>
> class test (Sensitive $foo) {
> file {'/tmp/foo':
> content => "${foo}\n",
> }
> }
>
> When I run this, I get:
>
> Notice: /Stage[main]/Test/File[/tmp/foo]/content:
> --- /tmp/foo 2020-09-09 07:53:40.166807782 +0200
> +++ /tmp/puppet-file20200909-18841-zq93gr 2020-09-09
> 14:55:05.569695841 +0200
> @@ -1 +1 @@
> -bar
> +Sensitive [value redacted]
>
> Notice: /Stage[main]/Test/File[/tmp/foo]/content: content changed
> '{md5}fc552...' to '{md5}48a07...'
>
> and then the file indeed looks like this:
>
> # cat /tmp/foo
> Sensitive [value redacted]
>
> instead of containing the real value provided in Hiera.
>
> Any ideas?
>
> Thanks...
>
> Dirk
>
> https://blog.example42.com/2019/04/04/puppet_sensitive_data/
> https://www.puppetcookbook.com/posts/hide-sensitive-values.html
> https://puppet.com/blog/my-journey-securing-sensitive-data-puppet-code/
> --
> *Dirk Heinrichs*
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> *Phone*: +49 2226 15966 18 <+49%202226%201596618>
> *Email*: dhei...@opentext.com
> *Website*: www.recommind.de
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan,
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you
> are not the intended recipient (or have received this e-mail in error)
> please notify the sender immediately and destroy this e-mail. Any
> unauthorized copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
> Weitergabe dieser Mail sind nicht gestattet.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/38f9ada3-c918-4260-8953-4e54de9ddf6dn%40googlegroups.com.
