Architecture #11858
closed
Add common pre- and post- agent run action triggered by technique logic
Description
We would like to have some cfengine code shared between more than one version of a technique. This is needed to be able to "merge" common action like restarting a service if its config file was updated, or execute a command to get a common information.
For example we would have 3 versions of technique A :- A/v1/code.st
- A/v1/common.st
- A/v2/code.st
- A/v2/common.st
- A/v3/code.st
- A/v3/common.st
- A/v1/code.st
- A/v2/code.st
- A/v2/common.st
To generate the final content.
After some thought on it (see comments), the chosen solution is to add a notion of run-hooks implemented like that:
- in metadata.xml, we add an optionnal section in <AGENT> with the following parameters: pre or post hook, hook type (service restart, command, variable from command, package), parameters (a list of k/value), condition (a class expression)
- during generation, on a given node, we:
- accumulate pre (post) hooks which differ on type or parameters
- merge (i.e: accumulate reportid, "or" condition) hooks with same type / parameters
- we add the resulting pre (post) hooks in the bundle sequence by mapping them to the corresponding method calls
Note: reports are for all directive registering for a hook. It makes no sense to have a report for only one directive (because in that case, it is not a common code, it's some code specific to one directive that should be defined in the directive logic)
Updated by Nicolas CHARLES over 6 years ago
- Related to User story #11851: Port techniques to multi-versionned format added
Updated by
Updated by François ARMAND over 6 years ago
Some more precisions:
- this a pre-hook / post-hook general mecanism, need to factor out common actions that need to be done only one time, for a run, for all the directives from the same technique (OR for the whole run for all techniques ?)
- examples are:
- restart a service if it was modified during the run
- visudo edit and replace in one go (NOTE: it may be more logic to have only atomic visudo)
- get all package repository keys (because extremelly long)
- update package list (or any other long running process that need to be done only time per run, and even must be done only one time to have some consistency along the run)
Updated by François ARMAND over 6 years ago
Thought iteration +1:
- in fact, we just need a to had a pre-trigger and post-trigger. The triggers come from a new technique standard file, named "action-triggers.json".
- the action-triggers.json contains pre- and post- hook registration
- a hook line is composed of a hook type (service restart, command execution, etc), a condition (a class expression), list of reportIds, and some parameters,
- on node policy generation, we merge all pre- and post-hooks for a node, with some merging logic:
- for a some hook type, with same parameters, we OR class condition and |+| reportId,
- we add the pre- and post- code logic in the standard system bundle list
Updated by François ARMAND over 6 years ago
- Subject changed from Have monoinstance code in multiversioned technique to Add common pre- and post- agent run action triggered by technique logic
Change title.
I'm not sur that pre- and post- are the correct terms, it is really begin- and end- run action.
Updated by François ARMAND over 6 years ago
- Related to Architecture #11940: Warn if an "uniqueVariable" is found in a technique added
Updated by François ARMAND over 6 years ago
- Description updated (diff)
- Category set to Web - Config management
- Assignee set to François ARMAND
- Target version set to 4.3.0~beta1
Full solution for that problem:
- we need to add a couple of optionnal json file to keep pre-/post-run hooks definition, and use it in technique parsing and policy generation: this ticket with updated description.
- for each hook "kind", we need a corresponding "hook_action-name" ncf method: #11857
- and then, we need to finish #11851 with the correct addition of hooks.
Updated by François ARMAND over 6 years ago
In fact, it is more logical to put the information into metadata.xml in place of new ad-hoc json files, since we won't use the same format agent-side. See updated ticket description for details.
Updated by François ARMAND over 6 years ago
- Status changed from New to In progress
Updated by François ARMAND over 6 years ago
We forgot to manage the case where we have two directive with the same hook/parameters (say, "service-restart"), one in "enforce" and the other in "audit".
In that case, we need to "enforce" the restart, but the reporting for the audit directive will be broken (not expecting a change).
So, we need to not only give the reportIds but also the corresponding policy mode (and the method implementation will have to do the case matching when writting reports).
Updated by François ARMAND over 6 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder/pull/1834
Updated by François ARMAND about 6 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|d26ca88ff3d699dff65ba2ed1029b40d44cced1e.
Updated by Vincent MEMBRÉ about 6 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 4.3.0~beta1 which was released today.
- 4.3.0~beta1: Announce Changelog
- Download: https://www.rudder-project.org/site/get-rudder/downloads/