I’d like to use kafo for an installer based on puppet modules, works fine. But I do not understand how kafo handles random passwords e.g. database passwords.
In my puppet manifest I use extlib::cache and random to generate random passwords and it works correct. I took a look at the foreman-installer but that didn’t help.
There is a limitation that kafo can’t really parse Puppet code. There’s some naive parsing:
However, puppet-strings gives a raw value. So a string shows up as "mystring". It has known limitations, like not being able to interpret [] as an array. It ends up being interpreted as "[]", so a string that contains []. This leads to Bug #31565: Validation of array's as static parameters on a class is incorrectly handled - Kafo - Foreman but there’s more ways this can manifest itself. Another is $facts['myfact'] which is also not properly understood.
We’ve always worked around this by creating params.pp and inheriting. Perhaps not so pretty, but patches welcome.
Code wise that looks like it should work. Do you also have the code to the actual installer? I also wonder if there’s something weird in your answers file.