hiera icon indicating copy to clipboard operation
hiera copied to clipboard
verified publisher icon lyraproj

Sensitive data encryption or Eyaml support?

Open Jinkxed opened this issue 5 years ago • 14 comments

Was looking at possibly using this instead of the gem counterpart. Love the direction so far, but think I'm blocked as we use eyaml as a way of encrypting secrets.

Do you have a mechanism that accomplishes this or is there plans to support such a plugin?

Jinkxed avatar Feb 03 '20 16:02 Jinkxed

Hi @sc-chad

We have an in-house implementation of hiera-yeaml plugin that works with this server, my original plan was to opensource it, but we had to make architecture decisions which may or may not be optimal for the community.

So, what i'm saying is that I would love to start an interest group to talk through use-cases and maybe then we can work together to shape the plugin.

flashvoid avatar Feb 03 '20 21:02 flashvoid

@flashvoid Would absolutely love to have this conversation. I have an interesting workflow using hiera with https://github.com/cststack/k8comp that leverages the eyaml plugin.

Would love to see a set of golang plugins with this workflow or other use cases surrounding it.

Jinkxed avatar Feb 03 '20 22:02 Jinkxed

@flashvoid @sc-chad @hbuckle feel free to join our #cloudnative channel on Slack puppetcommunity.slack.com. It's intended for conversations such as this.

thallgren avatar Feb 03 '20 22:02 thallgren

don't have a @puppet.com or @puppetlabs.com email, how can i get an invite?

flashvoid avatar Feb 03 '20 22:02 flashvoid

puppetcommunity.slack.com is open to everyone. You shouldn't need an invite.

thallgren avatar Feb 03 '20 22:02 thallgren

Tried a few different ways and different emails - wasn't able to login.

Jinkxed avatar Feb 03 '20 22:02 Jinkxed

"Don't have an @puppetlabs.com or @puppet.com email address? Contact your Workspace Administrator for an invitation."

flashvoid avatar Feb 03 '20 22:02 flashvoid

Can you please send your email addresses to me at [email protected] and I'll see if I can invite you.

thallgren avatar Feb 03 '20 22:02 thallgren

Turns out I'm supposed to be sending anyone interested in joining our community slack to https://slack.puppet.com where you can get your invite yourself.

thallgren avatar Feb 04 '20 07:02 thallgren

That worked - thanks!

Jinkxed avatar Feb 04 '20 15:02 Jinkxed

I know this conversation moved to slack but I don't recall the outcome - @sc-chad did you get a path forward?

ahpook avatar Apr 23 '20 16:04 ahpook

I didn't see the conversation in slack. I had to abandon it until I can revisit it.

I'd still love to see a go version of the eyaml plugin and I'd really really love to see a go version of https://github.com/cststack/k8comp which is a helm plugin that utilizes hiera/hiera-eyaml.

Very very much appreciate you following up.

Jinkxed avatar Apr 23 '20 16:04 Jinkxed

Did you guys ever release your internal eyaml plugin?

Jinkxed avatar Sep 03 '20 13:09 Jinkxed

Two years later and I'd still love to see an eyaml plugin :)

Jinkxed avatar Feb 08 '22 14:02 Jinkxed