Puppet: password shown in plain text in Windows agent output and catalog file

Time: 2018-11-05 11:54:56

Tags: puppet puppet-enterprise hiera

I encrypted the password using hiera:

But on the node, when running

dsc_xADUser {'FirstUser':
  dsc_ensure                        => 'present',
  dsc_domainname                    => 'ad.contoso.com',
  dsc_username                      => 'tfl',
  dsc_userprincipalname             => 'tfl@ad.contoso.com',
  dsc_password                      => {
    'user'     => 'tfl@ad.contoso.com',
    'password' => Sensitive(lookup('password'))
  },
  dsc_passwordneverexpires          => true,
  dsc_domainadministratorcredential => {
    'user'     => 'Administrator@ad.contoso.com',
    'password' => Sensitive(lookup('password'))
  },
}

the password is shown in plain text in the agent output and in the catalog JSON file.

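I also tried node_encrypt(lookup('password')), and then I got the encrypted password in the content (which is good), but Windows complained that the password does not meet the password complexity requirements (which is bad, because it tries to set the password to everything shown below).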

agent -t -v

hiera configuration:

 'password' = '-----BEGIN PKCS7-----
    MIIMyQYJKoZIhvcNAQcDoIIMujCCDLYCAQAxggKdMIICmQIBADCBgjB9MXsweQYD
    VQQDDHJQdXBwZXQgRW50ZXJwcmlzZSBDQSBnZW5lcmF0ZWQgb24gbXlwdXBwZXQt
    eGwwZGJ5a212Z2xrYnl2eS5ldS13ZXN0LTEub3Bzd29ya3MtY20uaW8gYXQgKzIw
    MTgtMTEtMDIgMTQ6MDQ6MDAgKzAwMDACAQUwCwYJKoZIhvcNAQEBBIICABkJDfGb
    4CdHUntrVR1E......

Edit: I just found this; it appears to be a resolved issue that only affects Windows.

Update: I managed to configure Puppet not to cache the catalog file on the Windows client (by adding

---
version: 5
defaults:
  datadir: data
  data_hash: yaml_data
hierarchy:
  - name: "Eyaml hierarchy"
    lookup_key: eyaml_lookup_key # eyaml backend
    paths:
      - "nodes/%{trusted.certname}.yaml"
      - "windowspass.eyaml"
    options:
      pkcs7_private_key: "/etc/puppetlabs/puppet/keys/private_key.pkcs7.pem"
      pkcs7_public_key: "/etc/puppetlabs/puppet/keys/public_key.pkcs7.pem"

to the Puppet configuration file on Windows), so I am using that as a "workaround". It seems there is no way to remove the password from the agent debug output.

0 answers:

No answers
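
A check for the symptom described in the question, as an added example that is not part of the original post: it walks a catalog's resource parameters, including nested credential hashes like `dsc_password`, and reports password-named values that are still cleartext. The catalog shape (`resources` with `type`, `title`, `parameters`), the key-name pattern and all sample values are assumptions constructed for illustration.

```ruby
require 'json'

# Assumption: a secret is any string stored under a key with one of these names.
SECRET_KEY = /passw(or)?d|secret/i
# Ciphertext in the PKCS7 form shown in the question is treated as protected.
ENCRYPTED = /\A-----BEGIN PKCS7-----/

# Recursively walk a parameter value and yield [path, string] for every
# string leaf whose own key name looks like a secret.
def secret_leaves(value, path = [], &block)
  case value
  when Hash
    value.each { |k, v| secret_leaves(v, path + [k.to_s], &block) }
  when Array
    value.each { |v| secret_leaves(v, path, &block) }
  when String
    yield path, value if path.last.to_s.match?(SECRET_KEY)
  end
end

# Return "Type[title] dotted.path" for each secret-named value in cleartext.
def plaintext_secrets(catalog_json)
  findings = []
  JSON.parse(catalog_json).fetch('resources', []).each do |res|
    secret_leaves(res.fetch('parameters', {})) do |path, str|
      next if str.match?(ENCRYPTED)
      findings << "#{res['type']}[#{res['title']}] #{path.join('.')}"
    end
  end
  findings
end

# Constructed sample catalog (not taken from a real agent): one credential
# hash holds a cleartext password, the other holds PKCS7 ciphertext.
SAMPLE_CATALOG = JSON.generate(
  'resources' => [
    { 'type' => 'Dsc_xaduser', 'title' => 'FirstUser',
      'parameters' => {
        'dsc_username' => 'tfl',
        'dsc_password' => { 'user' => 'tfl@ad.contoso.com',
                            'password' => 'Constructed-Cleartext-1!' },
        'dsc_domainadministratorcredential' => {
          'user' => 'Administrator@ad.contoso.com',
          'password' => "-----BEGIN PKCS7-----\nQ09OU1RSVUNURUQ=\n-----END PKCS7-----"
        } } }
  ]
)

puts plaintext_secrets(SAMPLE_CATALOG) if $PROGRAM_NAME == __FILE__
```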