Work in progress

Fdall · Nov 5, 2019 · 57e9fed · 57e9fed
1 parent 2ccc7fb
commit 57e9fed
Show file tree

Hide file tree

Showing 5 changed files with 137 additions and 10 deletions.
diff --git a/cis/Makefile b/cis/Makefile
@@ -3,15 +3,11 @@
 # make licensed : will build a license limited version of the plugin
 #
 
-FILES = ncf
+FILES = configuration-repository
 SCRIPTS = postinst prerm cis.json rudder-synchronize
 OTHER_ARCHIVES = target/configuration.txz
 
 include ../makefiles/common-plugin.mk
-targets = $(addprefix target/, $(FILES))
-
-$(targets): target/%: % target/configuration.txz
-	cp -ar $< target/
 
 configuration: target/configuration.txz
 
@@ -21,8 +17,9 @@ target/configuration.txz: packaging/cis.json
 	cp -ar configuration/techniques target/
 	tar cJ -C target -f target/configuration.txz rules directives techniques
 
-ncf:
-	cp -ar configuration/ncf .
+target/configuration-repository: configuration
+	mkdir -p target/configuration-repository
+	tools/make-configuration-repository
 
 packaging/cis.json:
 	tools/cis-tag

diff --git a/cis/mk.sh b/cis/mk.sh
@@ -0,0 +1,104 @@
+#!/bin/bash
+CONF=/var/rudder/configuration-repository
+CATEGORY=bob
+TECH=a
+
+cd $CONF
+git reset
+
+# 50_techniques
+mkdir -p $CONF/ncf/50_techniques/$CATEGORY/$TECH
+touch $CONF/ncf/50_techniques/$CATEGORY/$TECH/$TECH.cf
+chown -R ncf-api-venv:rudder $CONF/ncf/50_techniques/$CATEGORY
+chmod 664 -R $CONF/ncf/50_techniques/$CATEGORY
+
+# techniques/CATEGORY
+mkdir -p $CONF/techniques/$CATEGORY/$TECH
+cat <<EOT > $CONF/techniques/$CATEGORY/category.xml
+<xml>
+  <name>$CATEGORY</name>
+  <description>
+    Techniques from the CIS plugin
+  </description>
+</xml>
+EOT
+chown -R ncf-api-venv:rudder $CONF/techniques/$CATEGORY
+chmod 664 -R $CONF/techniques/$CATEGORY
+
+# techniques/ncf_techniques
+mkdir -p $CONF/techniques/ncf_techniques/$CATEGORY
+cd $CONF/techniques/ncf_techniques/$CATEGORY && ln -nrsf ../../$CATEGORY/$TECH && cd -
+chown -R ncf-api-venv:rudder $CONF/techniques/ncf_techniques/$CATEGORY
+chmod 664 -R $CONF/techniques/ncf_techniques/$CATEGORY
+
+
+# Commit
+chmod -R +X $CONF
+git add $CONF/ncf/50_techniques/$CATEGORY $CONF/techniques/$CATEGORY $CONF/techniques/ncf_techniques/$CATEGORY
+git commit -m "Importing op technique"
+rudder server reload-techniques
+
+# Import techniques
+
+cat <<EOT > /tmp/$TECH.json
+{
+  "data": {
+    "bundle_args": [
+      "service"
+    ],
+    "bundle_name": "a",
+    "description": "",
+    "method_calls": [
+      {
+        "args": [
+          "skip_item_\${report_data.canonified_directive_id}",
+          "node.properties[skip][\${report_data.directive_id}]"
+        ],
+        "class_context": "any",
+        "component": "condition_from_variable_existence",
+        "method_name": "condition_from_variable_existence"
+      },
+      {
+        "args": [
+          "\${service}"
+        ],
+        "class_context": "any.(skip_item_\${report_data.canonified_directive_id}_false)",
+        "component": "service_enabled",
+        "method_name": "service_enabled"
+      },
+      {
+        "args": [
+          "\${service}"
+        ],
+        "class_context": "any.(skip_item_\${report_data.canonified_directive_id}_false)",
+        "component": "service_started",
+        "method_name": "service_started"
+      }
+    ],
+    "name": "Enable Service",
+    "parameter": [
+      {
+        "constraints": {
+          "allow_empty_string": false,
+          "allow_whitespace_string": false,
+          "max_length": 16384
+        },
+        "id": "981a5b9d-b062-4011-8dff-df1810cb2fe6",
+        "name": "service"
+      }
+    ],
+    "version": "1.0"
+  },
+  "tags": [],
+  "type": "ncf_technique",
+  "version": 1
+}
+EOT
+
+mkdir /usr/share/rudder-api-client
+cd /tmp
+git clone https://github.com/Normation/rudder-api-client.git
+cd rudder-api-client/lib.python && ./build.sh && mv rudder.py /usr/share/rudder-api-client/rudder.py
+wget https://raw.githubusercontent.com/Normation/rudder-plugins/master/cis/packaging/rudder-synchronize -O /tmp/rudder-synchronize
+chmod +x /tmp/rudder-synchronize
+/tmp/rudder-synchronize import technique /tmp/$TECH.json
diff --git a/cis/packaging/metadata b/cis/packaging/metadata
@@ -5,7 +5,7 @@
   "build-date": "${maven.build.timestamp}",
   "build-commit": "${commit-id}",
   "content": {
-    "files.txz": "/var/rudder/configuration-repository",
+    "files.txz": "/var/rudder/",
     "configuration.txz": "/var/rudder/packages/rudder-plugin-cis/"
   }
 }
diff --git a/cis/packaging/postinst b/cis/packaging/postinst
@@ -1,12 +1,12 @@
 #!/bin/bash
 CONFIGURATION_PATH=/var/rudder/packages/rudder-plugin-cis
+FOLDERS="ncf/30_generic_methods/cis ncf/50_techniques/CIS_plugin techniques/CIS_plugin techniques/ncf_techniques/CIS_plugin"
 
 # Import Generic Methods
 cd /var/rudder/configuration-repository/
 git reset
-for file in "ncf/30_generic_methods/cis"
+for file in $FOLDERS
 do
-
   chown -R root:rudder $file
   chmod 664 -R $file
   chmod -R +X $file

diff --git a/cis/tools/make-configuration-repository b/cis/tools/make-configuration-repository
@@ -0,0 +1,26 @@
+#!/usr/bin/bash
+SOURCE_DIR=target/techniques
+CONFIG_REPO=target/configuration-repository
+CATEGORY="CIS plugin"
+C_CATEGORY=$(echo $CATEGORY | sed "s/[^a-zA-Z0-9_]/_/g")
+
+mkdir -p $CONFIG_REPO/techniques/ncf_techniques/$C_CATEGORY
+for file in $SOURCE_DIR/*; do
+  BASE=$(echo $file | sed "s/.*\///" | sed "s/\.[^.]*$//")
+  C_BASE=$(echo $BASE | sed "s/[^a-zA-Z0-9_]/_/g")
+  mkdir -p $CONFIG_REPO/ncf/50_techniques/$C_CATEGORY/$C_BASE
+  touch $CONFIG_REPO/ncf/50_techniques/$C_CATEGORY/$C_BASE/$C_BASE.cf
+  mkdir -p $CONFIG_REPO/techniques/$C_CATEGORY/$C_BASE
+  cd $CONFIG_REPO/techniques/ncf_techniques/$C_CATEGORY && ln -rs ../../$C_CATEGORY/$C_BASE && cd -
+done
+
+
+cat <<EOT > $CONFIG_REPO/techniques/$C_CATEGORY/category.xml
+<xml>
+  <name>$CATEGORY</name>
+  <description>
+    Techniques from the CIS plugin
+  </description>
+</xml>
+EOT
+