Better to condition on HSM use than envrironment, SC-2670

global/overlay/etc/puppet/modules/eid/manifests/connector.pp

@@ -41,7 +41,8 @@ class eid::connector (
       content => template("eid/connector/application-${environment}.yml.erb")
     }
 
-    if ($environment == 'qa') {
+    # If we dont use HSM, we need the keys on disk
+    if (unless $use_hsm) {
       sunet::snippets::secret_file {"${connector_directory}/credentials/metadata.key":
         hiera_key => 'eidas_metadata_key',
         base64    => true