The host is provisioned using some other automation tool, then when it comes up, it runs puppet agent. Puppet agent makes cert sign request (at which point csr file is created on puppet server).
Puppet server doesn't have this host in autosign.conf, so doesn't automatically sign the cert. And this is where incron kicks in and runs my script. The script queries the provisioning tool, sees that the host is in there, and runs puppet cert sign command.
Puppet server doesn't have this host in autosign.conf, so doesn't automatically sign the cert. And this is where incron kicks in and runs my script. The script queries the provisioning tool, sees that the host is in there, and runs puppet cert sign command.