Bug #27180
closed
Node compliance persistence fails when all reports from sysevents are cleaned
Description
If we have node compliance that is configured for more than 3 days, and we reached the point where all ruddersysevents are cleaned, then:
- we do have the log message "last node run is too old but compliance persistance is configured for that node for XXX days"
- but the compliance bar in UI remains forever in stipped blue
- and we have "never" in last seen column.
So it seems that when we don't have any runs remaining in ruddersysevent, then we don't reach "is there compliance" in the UI, BUT we still have the log.
In that case, the explain compliance logs show:
2025-07-01 17:25:00+0200 DEBUG explain_compliance.384c0785-0291-4964-9249-xxx - Run config for node 384c0785-0291-4964-9249-xxx: NoReportInInterval : no run (ever or too old) 2025-07-01 17:25:00+0200 DEBUG explain_compliance.384c0785-0291-4964-9249-xxx - Computing compliance for node 384c0785-0291-4964-9249-xxx with: [NoReportInInterval: expected NodeConfigId: 20250701-171458-df83b9fc/[20250701T171458+0200-now]| last run: none available (or too old)] 2025-07-01 17:25:00+0200 DEBUG explain_compliance.384c0785-0291-4964-9249-xxx - Node didn't received reports recently, status depend of the compliance mode and previous report status 2025-07-01 17:25:00+0200 INFO compliance - Node with id '384c0785-0291-4964-9249-xxx' hasn't send report in expected time but rudder.compliance_expiration_policy is configured to keep compliance for 93 days: waiting until 2025-10-02T17:35:00+02:00
Files
Updated by Nicolas CHARLES 23 days ago
- Related to Bug #26864: Node in “keep compliance” displayed as “never ran” added
Updated by François ARMAND 22 days ago
- Subject changed from Node compliance pesistence fails when all reports from sysevents are cleaned to Node compliance persistence fails when all reports from sysevents are cleaned
Updated by François ARMAND 22 days ago
So, the problem is that when do the analysis to see if we are still in keep compliance windows, we update saved information with the last available.
We do that to be sure to get the last run even if Rudder rebooted when a more recent run happened, but still too old after reboot to (so we still need to keep compliance).
The problem is that run get cleaned, and so after some time, this update destroy accurate data: the last available run disapears, and we copy the erased value in place of the persisted one.
Updated by François ARMAND 22 days ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Clark ANDRIANASOLO
- Pull Request set to https://github.com/Normation/rudder/pull/6497
Updated by Anonymous 17 days ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|56b3295bca65758fb1662e95db165151c8c7fd35.
Updated by Michel BOUISSOU 10 days ago
- Related to Bug #27282: Node persistant compliance fails after a node has been down for a few days added
Updated by Félix DALLIDET 8 days ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 8.3.3 which was released today.