Comments (3)
I've opened #12 for this, but we are still looking for feedback on whether this is something people would actually use. If not, feel free to close this and the associated PR. No need to add complexity that won't be used.
from puppet-vault_lookup.
This would be a very welcome feature. I'm working on setting up a Vault cluster, and plan to start using this module soon to deploy secrets in templates. If there's an issue reaching the Vault cluster, in most cases I prefer for the catalog application to proceed without interruption and leave the target file unmodified. However, if this would require to define a default value, then this feature would not work for me. Anything else than the secret itself would break whatever needs the secret, and that can't happen.
from puppet-vault_lookup.
The problem as I see it is at the point where vault_lookup is running... you must return a value in most cases. because it's on the assignment side of a => in some kind of resource. the main compile already ran on the master/compiler and the resource is in the catalogue it's just the content value that's going to be interpolated by the agent side deferred function I think this might be a good idea but. having nil instead of (webserver private cert) or (integration credentials) is going to break a working service
from puppet-vault_lookup.
Related Issues (20)
- Please release 1.1.1 with approle trailing / url fix.
- Disable Cache
- certificate failed to verify with self signed certificates HOT 1
- Server error 500 after upgrade of Puppet Enterprise 2023.5 to 2023.7
- Issue gathering multiple fields from a secret in vault HOT 1
- [Feature Request] Ability to use a list of Vault nodes HOT 3
- Specifying different login endpoint HOT 1
- Error: Failed to apply catalog: undefined method `http_ssl_instance' for Puppet::Network::HttpPool:Module HOT 2
- Update function for work with Vault secured with Letsencrypt certificates HOT 5
- Per-client cert policies possible? HOT 4
- Detection of what kv version the vault is should be done via a different heuristic. HOT 2
- error: "client certificate must be supplied" HOT 2
- Agent unable to connect to Vault because of cert issue HOT 4
- bolt with approle
- undefined local variable or method 'vault_role_id'
- Retreiving a field value fails. HOT 1
- Issue authenticating to Vault using AppRole method
- Can't load environment variables from /etc/sysconfig/puppet HOT 1
- Contact Vault with Self-signed CA HOT 2
- Features: Token caching and rate-limit
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-vault_lookup.