Am 08.11.2016 um 20:10 schrieb Ziwi:
> Thanks for the link, I will definitely look at this. If this actually
> renders on agent it could come in handy.
>
> However different outputs of the encryption command are still a
> problem, as there should be some kind of: onlyif =>
> decrypt('old_value') != plain_password functionality for this.
>
> If anyone has some straightforward examples of using an exec on agent
> to collect data and reference them in manifests in the type/provider
> manner please share.
The puppet way to collect data from the client is to create facts.
https://docs.puppet.com/facter/3.5/custom_facts.htmlBut i doubt having credentials in facts are a good thing, as they are transmitted to the puppet server and saved stored in reports (saved as yaml files and if configured also to PuppetDB). IMHO also parameters of classes and resources are stored. You have to be aware of this when you start managing credentials. There was just recently a sensitive data type introduced (https://docs.puppet.com/puppet/latest/reference/lang_data_sensitive.html) which should prevent storing it at too many places. Havent looked into it in details. -Thomas -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/39a6c470-7765-3fb9-d5e7-410284412b29%40chaschperli.ch. For more options, visit https://groups.google.com/d/optout.
