https://www.puppet.com/community logo
Join Slack
Powered by
This message was deleted.
# puppet-enterprise
s
This message was deleted.
c
Correct. Location of the key is configurable, and the key is somewhat highly sensitive and might be something that you would prefer to restrict to just the provisioning process that sets up new VMs that will eventually host compilers. But, you could write a profile that manages the key as a 
file
resource. But, that can lead to wanting to store the eyaml key in eyaml which makes it easy to set up a circular dependency... ...which is all fine when it works and BITES YOU HARD when there is a problem.
TL/DR compartmentalizing management of this key into a separate process (like a Bolt task) that exists outside of PE might be good 😉
t
one can use the file resource type and specify content => file(<path, file to key on puppetserver>),
Open in Slack
PreviousNext
Powered by