Last active
February 16, 2019 09:52
-
-
Save binford2k/efd953569328baf3f64487b78fefbc62 to your computer and use it in GitHub Desktop.
Generate a templated file on the agent, using secrets resolved agent side.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $variables = { | |
| 'password' => Deferred('vault_lookup::lookup', | |
| ["secret/test", 'https://vault.docker:8200']), | |
| } | |
| # use inline_epp(), and file() to compile the template source into the catalog | |
| file { '/etc/secrets.conf': | |
| ensure => file, | |
| content => Deferred('inline_epp', | |
| [file('mymodule/secrets.conf.epp'), $variables]), | |
| } |
`
$password = Deferred('vault_lookup::lookup',
["secret/test", 'https://vault.docker:8200'])
$hash_variables = {
'password' => $password,
}
# use inline_epp(), and file() to compile the template source into the catalog
file { '/etc/secrets.conf':
ensure => file,
content => Deferred('inline_epp',
[file('mymodule/secrets.conf.epp'), $hash_variables]),
}
`
Note ERB is not available when resolving deferred values.
It is possible to reference a template in the templates directory by first locating the module root with the function module_directory() in puppet and then adding the relative path to templates.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note that this means that the template has to live in the
filesdirectory, nottemplates.Also of note:
inline_template()function isn't a Puppet4 function, so it cannot be deferred like this.