Actions
Bug #25770
closedOverride audit/enforce mode does not work with iterator
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:
No
Description
When we use an iterator, the override for audit or enforce is only applied for the 1st element, but not the subsequent
The generate code is as follow
bundle agent call_ensure_unchanged_files_6bd0b06f_1564_4b0d_aeb0_b01aea6870e9(c_name, c_key, report_id, args, class_prefix, method_call_condition, source, path) { methods: "6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => _method_reporting_context_v4("${c_name}", "${c_key}", "${report_id}"); "6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => push_dry_run_mode("true"); "6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => file_from_local_source("${source}", "${path}"), if => "${method_call_condition}"; "6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => pop_dry_run_mode(); "6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => _classes_noop(canonify("${class_prefix}_file_from_local_source_${c_key}")), unless => "${method_call_condition}"; "6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => log_rudder("Skipping method 'File from local source' with key parameter '/opt/files_backup${list_unchanged_files.file}' since condition 'user_privileges_is_user_root' is not reached", "/opt/files_backup${list_unchanged_files.file}", canonify("${class_prefix}_file_from_local_source_${c_key}"), canonify("${class_prefix}_file_from_local_source_${c_key}"), @{args}), unless => "${method_call_condition}"; }
The part driving the override are the two lines
"6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => push_dry_run_mode("true") "6bd0b06f-1564-4b0d-aeb0-b01aea6870e9_${report_data.directive_id}" usebundle => pop_dry_run_mode();
With an iterator, the bundle is evaluated several time, and so the push and pop are done only once, as in the next passage in the bundle the agent assumes it has already done it
Adding the c_key or args as a comment for push and pop would cover most of the cases (or something similar)
Updated by Félix DALLIDET about 2 months ago
- Priority changed from N/A to 1 (highest)
Updated by Alexis Mousset about 2 months ago
- Status changed from New to In progress
- Assignee set to Alexis Mousset
Updated by Alexis Mousset about 2 months ago
- Status changed from In progress to Pending technical review
- Assignee changed from Alexis Mousset to Félix DALLIDET
- Pull Request set to https://github.com/Normation/rudder/pull/5982
Updated by Alexis Mousset about 2 months ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|2820409732bc983ec2d4cdf88ea845464b2e6296.
Updated by Alexis Mousset about 1 month ago
- Fix check changed from To do to Checked
Updated by Vincent MEMBRÉ about 1 month ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 8.1.8 and 8.2.1 which were released today.
Actions