Puppet Plan: secure_env_vars

Defined in:
plans/init.pp

Overview

Run a command or script with sensitive environment variables. Environment variables are loaded from the BOLT_ENV_VARS environment variable, which is a JSON object mapping environment variable names to values.

Parameters:

  • targets (TargetSpec)

    The targets to run the command or script on.

  • command (Optional[String]) (defaults to: undef)

    The command to run.

  • script (Optional[String]) (defaults to: undef)

    The script to run. This can be either a relative path, absolute path, or a file from a module.



8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
# File 'plans/init.pp', line 8

plan secure_env_vars(
  TargetSpec       $targets,
  Optional[String] $command = undef,
  Optional[String] $script  = undef
) {
  unless type($command) == Undef or type($script) == Undef {
      fail_plan('Cannot specify both script and command for secure_env_vars')
  }

  $bolt_env_vars = system::env('BOLT_ENV_VARS')

  $env_vars = if $bolt_env_vars {
                parsejson($bolt_env_vars)
              }
              else {
                {}
              }

  return if $command {
           run_command($command, $targets, '_env_vars' => $env_vars)
         }
         elsif $script {
           run_script($script, $targets, '_env_vars' => $env_vars)
         }
         else {
           fail_plan('Must specify either script or command for secure_env_vars')
         }
}