Our plan for eyaml is that operations owns and protects the private key. So developers only have access to the public key and after creating new encrypted values cannot decrypt them. Unless I'm missing something, developers won't be able to use 'eyaml edit' because it requires the private key. As far as I can tell, the workflow in developer space is...
> eyaml -s [string you want encrypted] Then paste the ENC[] text into the .eyaml file and save it back to the git repo. That's a reasonably tight workflow, I'm just wondering if I missed a better one. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/cc11484e-2def-40ad-9dd4-4b8c2ac528e2%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
