Project

General

Profile

Actions

Bug #16280

closed

Bug #11917: No compliance from a Rule with only one Directive (from a technique created in the editor) when the Directive is also applied in another Rule

Bug #16232: Directive based on a multivalued technique are not marked overriden

Directives appears both skipped and enforce

Added by François ARMAND about 5 years ago. Updated about 5 years ago.

Status:
Released
Priority:
N/A
Category:
Web - Compliance & node report
Target version:
Severity:
Major - prevents use of part of Rudder | no simple workaround
UX impact:
User visibility:
Getting started - demo | first install | Technique editor and level 1 Techniques
Effort required:
Very Small
Priority:
98
Name check:
Reviewed
Fix check:
Error - Fixed
Regression:

Description

Following parent ticket, we now have rules with both skipped and enforce directive, and now I sometimes (not sure why/how) get a variation of #16185.
See screenshot.


Files


Subtasks 2 (0 open2 closed)

Bug #16293: Skipped directives are not displayed anymore - againRejectedFrançois ARMANDActions
Bug #16310: Directive skipped in several place appear duplicatedReleasedNicolas CHARLESActions

Updated by François ARMAND about 5 years ago

The problem is that I changed naming convention and the rule with the fewer nodes got first. If it goes second as it was in other case, it's ok (see other screenshots).

So in the case where the rule with fewer nodes is before the one with more node, I think we want to have both rules with "enforce" (and no skipped anywhere).

Actions #2

Updated by François ARMAND about 5 years ago

  • Status changed from New to In progress
Actions #3

Updated by François ARMAND about 5 years ago

So, the problem is that we have the logic: "if that rule/directive is overriden AND the override is not current rule, print 'skipped'". This logic correct #16185 when the set of nodes with overrides is fully included in the set of node for that rules.

Now we have the case where:

- rule1/dir1 on node 1
- rule2/dir1 on node 1, 2

From rule1:

- dir 1 enforced (because rule1 more prio than rule2)

From rule2:

- dir 1 enforced (because it's on node 2)
- dir 1 skipepd (because it's on node 1 and node1 has rule1/dir1 and rule1 != rule2)

So the logic should be: skipped only directive that are not in the rule in enforce (or audit) at the end.

Actions #4

Updated by François ARMAND about 5 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Nicolas CHARLES
  • Pull Request set to https://github.com/Normation/rudder/pull/2636
Actions #5

Updated by François ARMAND about 5 years ago

  • Status changed from Pending technical review to Pending release
Actions #6

Updated by François ARMAND about 5 years ago

  • Fix check changed from To do to Error - Blocking
Actions #7

Updated by François ARMAND about 5 years ago

  • Fix check changed from Error - Blocking to Error - Fixed
Actions #8

Updated by Alexis Mousset about 5 years ago

  • Name check changed from To do to Reviewed
Actions #9

Updated by Vincent MEMBRÉ about 5 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 5.0.15 which was released today.

Actions

Also available in: Atom PDF