Project

General

Profile

Bug #12324

Root server can be disable with node lifecycle "ignore" "set empty policies"

Added by Nicolas CHARLES 9 months ago. Updated 8 months ago.

Status:
Released
Priority:
N/A
Category:
Server components
Target version:
Severity:
User visibility:
Effort required:
Priority:
0
Tags:

Description

We can disable the policies for Rudder Root server - so no new policies will be set, and so new nodes cannot fetch their policies
We ought to have some kind on limits on what state can be put on the Root Server

Associated revisions

Revision 259b1047 (diff)
Added by François ARMAND 8 months ago

Fixes #12324: Root server can be disable with node lifecycle \"ignore\" \"set empty policies\"

History

#1 Updated by Vincent MEMBRÉ 9 months ago

  • Target version changed from 4.3.0~rc2 to 4.3.0~rc3

#2 Updated by François ARMAND 8 months ago

  • Tags set to Blocking 4.3
  • Subject changed from We can ignore or set empty policies for Rudder Root server, which is probably not what we want to Root server can be disable with node lifecycle "ignore" "set empty policies"
  • Assignee set to François ARMAND

In fact, we should not be able to change root server lifecycle at all.

#3 Updated by François ARMAND 8 months ago

  • Status changed from New to In progress

#4 Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 4.3.0~rc3 to 4.3.0

#5 Updated by François ARMAND 8 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/rudder/pull/1894

#6 Updated by François ARMAND 8 months ago

I think we should keep the possibility to change lifecycle for other policy servers or rudder component.
At least, for realy servers, we must have it. We want to be able to keep only system policy on a relay (to make it works as a relay even if a user rule is not correct), or disable it, or whatever.
For Rudder component, it is less clear, but I don't see real problem on keeping it.

#7 Updated by Normation Quality Assistant 8 months ago

  • Assignee changed from Vincent MEMBRÉ to François ARMAND

#8 Updated by François ARMAND 8 months ago

  • Status changed from Pending technical review to Pending release

#9 Updated by Alexis MOUSSET 8 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.3.0 which was released today.

Also available in: Atom PDF