-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixes #33733 - generate key for db encryption #235
Conversation
I'll write a test for this, but wanted to get some initial impressions |
3bae9d6
to
ff245a8
Compare
not sure if there's more to test here, but i added a test |
Co-authored-by: Ewoud Kohl van Wijngaarden <ewoud@kohlvanwijngaarden.nl>
🟢 i don't have merge access |
I previously took a stab at this with #205 , using a puppet function to wrap Ruby's |
Does the file resource require Is the key visible in puppet logs when the exec resource is evaluated? |
Good question, if I look at the test output:
|
sorry @wbclark didn't realize you had been working on this! |
This does bring a good point. We should set umask on exec so there isn't a short window where it is world readable. |
No description provided.