Skip to content

Commit

Permalink
Merge pull request #295 from puppetlabs/maint-add_readme_disclaimer
Browse files Browse the repository at this point in the history 
(maint) - Add disclaimer for script block logging
  • Loading branch information
@david22swan
david22swan authored Aug 15, 2024
2 parents d424f92 + 6b0acab commit 3adb824
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions src/Puppet.Dsc/internal/functions/Get-ReadmeContent.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -281,13 +281,15 @@ For specific information on troubleshooting a generated module, check the [troub
## Known Limitations
Currently, because of the way Puppet caches files on agents, use of the legacy [``puppetlabs-dsc``]($LegacyDscForgePage) module is **not** compatible with this or any auto-generated DSC module.
* Currently, because of the way Puppet caches files on agents, use of the legacy [``puppetlabs-dsc``]($LegacyDscForgePage) module is **not** compatible with this or any auto-generated DSC module.
Inclusion of both will lead to pluginsync conflicts.
Right now, if you have the same version of a PowerShell module with class-based DSC Resources in your PSModulePath as vendored in a Puppetized DSC Module,
* Right now, if you have the same version of a PowerShell module with class-based DSC Resources in your PSModulePath as vendored in a Puppetized DSC Module,
you cannot use those class-based DSC Resources from inside of Puppet due to a bug in DSC which prevents using a module by path reference instead of name.
Instead, DSC will see that there are two DSC Resources for the same module and version and then error out.
* When PowerShell [Script Block Logging](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_logging_windows?view=powershell-7.4#enabling-script-block-logging) is enabled, data marked as sensitive in your manifest may appear in these logs as plain text. It is **highly recommended**, by both Puppet and Microsoft, that you also enable [Protected Event Logging](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_logging_windows?view=powershell-7.4#protected-event-logging) alongside this to encrypt the logs to protect this information.
### Configuring the LCM
In order for a Puppetized DSC module to function, the DSC Local Configuration Manager (LCM) ``RefreshMode`` must be set to either ``Push`` or ``Disabled``.
Expand Down

0 comments on commit 3adb824

Please sign in to comment.