Bug #16280
closedBug #11917: No compliance from a Rule with only one Directive (from a technique created in the editor) when the Directive is also applied in another Rule
Bug #16232: Directive based on a multivalued technique are not marked overriden
Directives appears both skipped and enforce
Description
Following parent ticket, we now have rules with both skipped and enforce directive, and now I sometimes (not sure why/how) get a variation of #16185.
See screenshot.
Files
Updated by François ARMAND about 5 years ago
- File 2019-11-27_15.23.09-Rudder_-_Rules_Management.png 2019-11-27_15.23.09-Rudder_-_Rules_Management.png added
- File 2019-11-27_15.22.56-Rudder_-_Rules_Management.png 2019-11-27_15.22.56-Rudder_-_Rules_Management.png added
- Severity set to Major - prevents use of part of Rudder | no simple workaround
- User visibility set to Getting started - demo | first install | Technique editor and level 1 Techniques
- Effort required set to Very Small
- Priority changed from 0 to 98
The problem is that I changed naming convention and the rule with the fewer nodes got first. If it goes second as it was in other case, it's ok (see other screenshots).
So in the case where the rule with fewer nodes is before the one with more node, I think we want to have both rules with "enforce" (and no skipped anywhere).
Updated by François ARMAND about 5 years ago
- Status changed from New to In progress
Updated by François ARMAND about 5 years ago
So, the problem is that we have the logic: "if that rule/directive is overriden AND the override is not current rule, print 'skipped'". This logic correct #16185 when the set of nodes with overrides is fully included in the set of node for that rules.
Now we have the case where:
- rule1/dir1 on node 1
- rule2/dir1 on node 1, 2
From rule1:
- dir 1 enforced (because rule1 more prio than rule2)
From rule2:
- dir 1 enforced (because it's on node 2)
- dir 1 skipepd (because it's on node 1 and node1 has rule1/dir1 and rule1 != rule2)
So the logic should be: skipped only directive that are not in the rule in enforce (or audit) at the end.
Updated by François ARMAND about 5 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Nicolas CHARLES
- Pull Request set to https://github.com/Normation/rudder/pull/2636
Updated by François ARMAND about 5 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|376d6ea0cbfeaf0b64a7f79ea3ab1613a0566b3b.
Updated by François ARMAND about 5 years ago
- Fix check changed from To do to Error - Blocking
Updated by François ARMAND about 5 years ago
- Fix check changed from Error - Blocking to Error - Fixed
Updated by Alexis Mousset about 5 years ago
- Name check changed from To do to Reviewed
Updated by Vincent MEMBRÉ about 5 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 5.0.15 which was released today.