On 2019-02-19 20:15, Grant Davies wrote:
Yes exactly, using the deferred Function to lookup secrets on the agent
side defined in Hiera. So I want to write some Puppet code in a Profile
class that specifies where (Vault for us, but could be anything) to
fetch the secret agent side, how, which key etc. Then reference that in
Hiera for use in pre existing modules as parameters.
If you want hiera to return instances of Deferred, you can do that by
writing your own simple hiera kind of backend function (much simpler
than it sounds).
All it has to do is to return a hash along the lines of:
{ some_key => Deferred('vault_lookup', [params, ...]),
some_other_key => Deferred(...)
}
The hiera 5 documentation should show how to write those functions.
Also checkout video of my Hiera 5 talk from Puppetconf and ConfigMgmntCamp.
best,
- henrik
On Wed, Feb 20, 2019, 4:42 AM Henrik Lindberg
<henrik.lindb...@puppet.com <mailto:henrik.lindb...@puppet.com> wrote:
On 2019-02-18 01:17, comport3 wrote:
> Does anyone have any real world examples of referencing Deferred
> lookups, either in Puppet code or Hiera that you could share?
Vault Lookup shows examples of how to use it to lookup secrets on the
agent side.
https://github.com/voxpupuli/puppet-vault_lookup
You mention hiera as well - what were you thinking about there wrt.
Deferred? Being able to return deferred values from hiera, to be
resolved on the agent? Or something else...
Best,
- henrik
>
> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it,
send
> an email to puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users%2bunsubscr...@googlegroups.com>
> <mailto:puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users%2bunsubscr...@googlegroups.com>>.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/puppet-users/899f155f-799c-4c32-bad0-9d6f75ce6a23%40googlegroups.com
>
<https://groups.google.com/d/msgid/puppet-users/899f155f-799c-4c32-bad0-9d6f75ce6a23%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
--
Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/
--
You received this message because you are subscribed to a topic in
the Google Groups "Puppet Users" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/puppet-users/E-Q-ok-B0gQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users%2bunsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/q4e2bv%247pd%241%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAE1da7JSO_hCiosb_5sTtAsE4qOx9K6XKzTB6C1Udj1WVKUzCA%40mail.gmail.com
<https://groups.google.com/d/msgid/puppet-users/CAE1da7JSO_hCiosb_5sTtAsE4qOx9K6XKzTB6C1Udj1WVKUzCA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/q4hnc4%244esj%241%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.
