| Puppet Version:
Puppet Server Version:
OS Name/Version: When encrypting a file that has a newline at the end (e.g. a openssh private key) the file is missing the newline when decrypted. in a puppet module we create a file resource with some content, passed in from hiera.
file { "path/to/file": |
content => $content |
} |
|
where the content is encrypted
# private.eyaml |
--- |
enc_file: ENC[PKCS7,Y22exl+O...] |
... |
# common.yaml |
my_module::content: "%{lookup('enc_file')}"
|
Desired Behavior: The newline of encrypted content should not be removed. Actual Behavior: The newline in the encrypted file gets removed. Potential Fix: I think the issue is by either the eyaml parser to emit an extra NonMatchToken or the eyaml_lookup_key function to join the trailing NonMatchToken. Removing chomp shows tests failing because of an extra newline. When filtering out NonMatchTokens and then join the tokens, tests are still green, and the encrypted file will keep its newline.
diff --git a/lib/puppet/functions/eyaml_lookup_key.rb b/lib/puppet/functions/eyaml_lookup_key.rb |
index 5fbae35b3a..321aa191fb 100644 |
--- a/lib/puppet/functions/eyaml_lookup_key.rb |
+++ b/lib/puppet/functions/eyaml_lookup_key.rb |
@@ -87,7 +87,7 @@ Puppet::Functions.create_function(:eyaml_lookup_key) do |
Hiera::Backend::Eyaml::Options.set(options) |
begin |
tokens = Hiera::Backend::Eyaml::Parser::ParserFactory.hiera_backend_parser.parse(data) |
- data = tokens.map(&:to_plain_text).join.chomp |
+ data = tokens.select{|token| not token.kind_of? Hiera::Backend::Eyaml::Parser::NonMatchToken}.map(&:to_plain_text).join |
rescue StandardError => ex |
raise Puppet::DataBinding::LookupError, |
_("hiera-eyaml backend error decrypting %{data} when looking up %{key} in %{path}. Error was %{message}") % { data: data, key: key, path: options['path'], message: ex.message }
|
|
