Bug #26232
open
Compliance : Directive displayed as Enforce when running in Audit mode
Description
In the attached screenshot :
- Server's global policy mode is Enforce
- Directive's mode is Global (Enforce)
- Node's mode is Audit, which overrides global policy
On the node's compliance :
- Rule “Rudder Agent upgrade - Debian family” is rightly showed as running in Audit mode
- But the “Upgrade Rudder agent on Debian and Ubuntu families” directive is wrongly showed as being in Enforce mode
- However the internal components of the directive are properly showed producing Audit mode results.
Files
| Audit_enforce_audit.png (135 KB) Audit_enforce_audit.png | Directive displayed as Enforce when running in audit | ||
| Screenshot from 2025-01-23 17-54-57.png (165 KB) Screenshot from 2025-01-23 17-54-57.png |
Updated by François ARMAND about 1 month ago
- Assignee set to Clark ANDRIANASOLO
- Priority changed from To review to 1 (highest)
We need to be sure that kind of bug can't happen.
If it's located in the compliance mode part, we need to extend the unit test framework so that it doesn't happen.
If it's in elm, it must not be computed there: this is a complexe business info, it must be obtained from backend and API changed so that it's possible. If it's just a UI quirk, lets fix it and try to think how make it impossible to happen by construction.
Updated by Clark ANDRIANASOLO about 1 month ago
· Edited
The policy mode returned by the API is "default", so this is likely a display issue, the "default" should really not be returned in any compliance API response, because computation is a backend logic.
Updated by Clark ANDRIANASOLO about 1 month ago
- Status changed from New to In progress
Updated by Clark ANDRIANASOLO about 1 month ago
- Status changed from In progress to Pending technical review
- Assignee changed from Clark ANDRIANASOLO to François ARMAND
- Pull Request set to https://github.com/Normation/rudder/pull/6143
Updated by Michel BOUISSOU 26 days ago
Seen also the other way round :
- Server in global mode audit
- Nodes manually put in enforce
- Directives in “global” mode are then enforced and rightgully displayed as such in compliance
- If a single directive in a rule is passed to Audit mode
- Compliance displays the whole rule and all of its directives as “AUDIT”, even the ones that run in enforce mode.
- However they stil perform enforce, but even their compliance report details are reported as audit.
Updated by François ARMAND 24 days ago
- Status changed from Pending technical review to In progress
Updated by François ARMAND 24 days ago
- Assignee changed from François ARMAND to Clark ANDRIANASOLO
Updated by Clark ANDRIANASOLO 24 days ago
- Status changed from In progress to Pending technical review
- Assignee changed from Clark ANDRIANASOLO to François ARMAND
Updated by François ARMAND 17 days ago
- Assignee changed from François ARMAND to Clark ANDRIANASOLO
Updated by Clark ANDRIANASOLO 17 days ago
- Assignee changed from Clark ANDRIANASOLO to François ARMAND