Hi, Am Di., 12. März 2019 um 11:54 Uhr schrieb Henrik Lindberg <henrik.lindb...@puppet.com>: > Yeah - sigh... The vault lookup returns an instance of Sensitive which > get / dig cannot dig into. We could possibly allow digging into a > Sensitive value as the result would also be made sensitive, but that > function does not do that. (Please file a ticket).
Just for completeness and in case anyone stumbling over this thread might not know it: You always have also the option to deploy a consul-template (https://github.com/hashicorp/consul-template) config with puppet and then let consult-template request the secrets from the vault instance locally on the server. What's nice about that is that it decouples for example vault secret renewals from the actual puppet runs. Best regards, Karsten -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAL017hAX_cJWDRcZpfWUaYq53-kueuh1NmpBi-XiCAvp24JTUw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
