# require 'open3'

Puppet::Functions.create_function(:pass) do
  dispatch :method do
    param 'String', :path
    optional_param 'String', :salt
  end

  def method(path, salt = path)
    # Salt was an attempt to not regenerate the entry every run.
    # This however failed, since the command is still run, and puppet
    # doesn't diff betwen runs
    # -salt #{salt}
    #
    # TODO fetch passwords in some slightly more portable way
    `openssl passwd -apr1 $(sudo -Hu hugo pass #{path})`
    # Open3.popen3("sudo -Hu hugo pass #{path}") do |stdin, stdout, stderr, thread|
    #   stdout.read.chomp
    # end
  end
end