Project

General

Profile

Actions

Architecture #12179

closed

Architecture #11858: Add common pre- and post- agent run action triggered by technique logic

Pre-/Post-run hook format evolution

Added by François ARMAND about 6 years ago. Updated about 6 years ago.

Status:
Released
Priority:
N/A
Category:
Web - Config management
Target version:
Effort required:
Name check:
Fix check:
Regression:

Description

Now that we are further on the way, we discover that the current proposal doesn't allow to implement complex pre-run hooks.

Typically, we have in some case in ONE pre-hook:

  • several classes matche used to chose a list of commands,
  • then, the list of command is executed to raise new clases,
  • test for file existense or content and yield more classes,
  • based on the final set of classes, build a new command,
  • execute the final command once.

Moreover, the JSON content for reporting is missing basic information:

  • the technique name,
  • the component name to use for the hook,
  • the component value to use (or None).

Base on that, we think that we need:

  • to evolve the hook XML for technique metadata (see below),
  • to evolve JSON output to add in the "reports" parameter the missing values (see ex below).
  • to make hook be bundles, and not only generic method. A hook bundle must be out of a technique, because it may be use by several version of a technique (or even several techniques). That "hook bundle library" would be defined in parallel of Techniques, and distributed in each node (nothing private on it, and it will be rather small, with low-frequency evolution).
  • simple, generic method-like, hook bundle will be part of that library for the most common needs (typically, service restart, package install). That wrapping bundle will also allows to cleanly manage reporting for the hook (typically, we want a pre-hook to report a specific component value on a service restart different than the one automatically provided by the corresponding generic method),
  • with that evolution, the general "condition" parameter of the hook is no more useful. For complexe condition management like the one exposed in introduction, it will be the responsability of the bundle to know what to do in which case. And in generic, simple hook bundle, "condition" can be a parameter.
  • we need to choose a naming convention for the hook bundle (to have some kind of namespacing). We propose for now "run_hook_".

New metadata for hooks:

      <PRE bundle="runhook_package" >
        <report name="check_visudo_installed" value="ok"/> // value optionnal, if missing => "None" 
        <PARAMETER name="package" value="visudo"/>
        <PARAMETER name="condition" value="debian"/>
        ... more parameters ...
      </PRE>

New output:

    "pre-run-hook"  usebundle => run_hook_package(json)
    ....
    "post-run-hook" usebundle => run_hook_myTechniqueComplexeHook(json)

    Where json is:
    {
      "parameters": { "package": "visudo", "condition": "debian", ... }
    , "reports"   : [ 
        { "id": "report id" , "mode": "audit"  , "technique":"some technique", "name":"check_visudo_installed", "value":"ok" }
      , { "id": "report id" , "mode": "enforce", "technique":"some technique", "name":"check_visudo_installed", "value":"ok" }
      , ... 
      ]
    }
Actions #1

Updated by François ARMAND about 6 years ago

  • Description updated (diff)
Actions #2

Updated by François ARMAND about 6 years ago

  • Description updated (diff)
Actions #3

Updated by François ARMAND about 6 years ago

  • Description updated (diff)
Actions #4

Updated by François ARMAND about 6 years ago

  • Status changed from New to In progress
Actions #5

Updated by François ARMAND about 6 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/rudder/pull/1866
Actions #6

Updated by Rudder Quality Assistant about 6 years ago

  • Assignee changed from Vincent MEMBRÉ to François ARMAND
Actions #7

Updated by François ARMAND about 6 years ago

  • Status changed from Pending technical review to Pending release
Actions #8

Updated by Vincent MEMBRÉ about 6 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.3.0~rc1 which was released today.

Actions

Also available in: Atom PDF