It depends on how you organize/protect your repos. If you use something like Gitolite, you can restrict branches to specific users which would let you enforce central isolation.
However, a mistake on a branch or permissions could indeed lead to sensitive information leaks. Trevor On Thu, Sep 18, 2014 at 4:26 PM, Julien Deloubes <julien.delou...@gmail.com> wrote: > Old topic but i was wondering how secure is the git masterless setup. > Do you have to separate each node configuration in a git branch or sub > directory? > I mean if you git clone the whole repo isn't a bit dangerous to have all > the configuration on the node? > In a master/agent configuration the configuration code is never locally on > the node. > Thanks. > > Le mercredi 26 février 2014 16:59:54 UTC+1, Julien Deloubes a écrit : >> >> Very interesting , thanks for your feedbacks. >> >> Le mardi 25 février 2014 15:09:43 UTC+1, Ken Barber a écrit : >>> >>> > This is the approach we are currently taking and it allows you to use >>> > virtual resources. This is the only thing which should drive you to >>> this >>> > setup - the other is much simpler in my opinion. Of course there might >>> > be a way to use a central PuppetDB service in masterless setup but at >>> > least I am unaware of how to do this. >>> >>> It is possible: >>> >>> http://docs.puppetlabs.com/puppetdb/1.6/connect_puppet_apply.html >>> >>> ken. >>> >> -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/d7eb43a3-0a17-4192-98e8-4de7ae73b140%40googlegroups.com > <https://groups.google.com/d/msgid/puppet-users/d7eb43a3-0a17-4192-98e8-4de7ae73b140%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 tvaug...@onyxpoint.com -- This account not approved for unencrypted proprietary information -- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANs%2BFoU3chQBQyC%3DVbKpK3tAxa1Uprbc6ToWnkcF0uvY2PkAyA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
