Using puppet to manage certificates (not SSL certificates) on Windows - how to pass argument to powershell exec?

[Omer Levi Hevroni]

Hey,

I am trying to use puppet to manage certificates on Windows Nodes. The certificates are used to authenticate to Azure Active Directory. So far I was able to use eyaml to encrypt the certificate and store it in hiera. I am struggling now with how to install it. I noticed there is an existing module to manage SSL certificates, but it is not exactly what I need. So I tried to create my own implementation using the Powershell module. It was pretty easy, except the part of passing parameters to the exec. I tried something like the following:

exec { 'Install Certificate':

    command   => file('activedirectory_certificates_windows/install_certificate.ps1'),

    environment => ({

      'CertLocation' => "c:\ProgramData\AzureCertificates\prodhome1service-teamcity.pfx",

      'CertPassword' => $prodhome1service_teamcity_password,

      'StoreName' => "My",

      'StoreLocation' => "LocalMachine"}),

    unless    => file('activedirectory_certificates_windows/check_certificate.ps1'),

    provider  => powershell,

  }here...

But this is not working - failed with the following error: Invalid Environment Setting. I googled it a bit, and it seem that my best option is to use template for this (this is what the SSL Certificate module does), but it also mean I have to clean up after the module execute successfully. I saw a few threads regarding support for parameters to powershell scripts, but nothing seems like it is working. 

So, my question is - is there a way to pass a parameters to Powershell script using this module?

Thanks,

Omer