Fixes #13983: Remove template in system techniques

Normation · Dec 18, 2018 · 8c83e75 · 8c83e75
1 parent 5dacefe
commit 8c83e75
Show file tree

Hide file tree

Showing 30 changed files with 307 additions and 240 deletions.
diff --git a/techniques/system/common/1.0/common.st b/techniques/system/common/1.0/common.st
@@ -0,0 +1,20 @@
+# Common variable for common system technique
+bundle common system_common {
+  vars:
+    "directiveId"           string => "&TRACKINGKEY&";
+    "sharedfiles_folder"    string => "&SHARED_FILES_FOLDER&";
+    "community_port"        string => "&COMMUNITYPORT&";
+    "uuid"                  string => "&UUID&";
+    "davuser"               string => "&DAVUSER&";
+    "davpw"                 string => "&DAVPASSWORD&";
+    "rudder_configuration_repository"
+                            string => "&CONFIGURATION_REPOSITORY_FOLDER&";
+    "heartbeat_interval"    string => "&RUDDER_HEARTBEAT_INTERVAL&";
+    "rudder_node_config_id" string => "&RUDDER_NODE_CONFIG_ID&";
+    "agent_run_interval"    string => "&AGENT_RUN_INTERVAL&";
+
+  classes:
+&if(INITIAL)&
+    "initial_promises" expression => "any", scope => "namespace";
+&endif&
+}
diff --git a/techniques/system/common/1.0/cron-setup.st → techniques/system/common/1.0/cron-setup.cf b/techniques/system/common/1.0/cron-setup.st → techniques/system/common/1.0/cron-setup.cf
@@ -60,18 +60,18 @@ bundle agent setup_cronjob
       # Cleanup the crontab without logfile
       "/var/spool/cron/crontabs/root"
         edit_defaults => noempty_backup,
-        edit_line => delete_lines_matching("0,5,10,15,20,25,30,35,40,45,50,55 \* \* \* \* /usr/bin/test -x /opt/rudder/bin/rudder \&\& /opt/rudder/bin/rudder agent check >/dev/null");
+        edit_line => delete_lines_matching("0,5,10,15,20,25,30,35,40,45,50,55 \* \* \* \* /usr/bin/test -x /opt/rudder/bin/rudder && /opt/rudder/bin/rudder agent check >/dev/null");
 
       # Cleanup crontab again
       "/var/spool/cron/crontabs/root"
         edit_defaults => noempty_backup,
-        edit_line => delete_lines_matching("0,5,10,15,20,25,30,35,40,45,50,55 \* \* \* \* /usr/bin/test -x /opt/rudder/bin/rudder \&\& /opt/rudder/bin/rudder agent check >> /var/log/rudder/agent-check/check.log 2>\&1");
+        edit_line => delete_lines_matching("0,5,10,15,20,25,30,35,40,45,50,55 \* \* \* \* /usr/bin/test -x /opt/rudder/bin/rudder && /opt/rudder/bin/rudder agent check >> /var/log/rudder/agent-check/check.log 2>&1");
 
       # Add Rudder entry
       "/var/spool/cron/crontabs/root"
         create        => "true",
         perms         => mog("600", "root", "cron"),
-        edit_line     => insert_lines("0,5,10,15,20,25,30,35,40,45,50,55 * * * * /opt/rudder/bin/rudder agent check -q >> /var/log/rudder/agent-check/check.log 2>\&1"),
+        edit_line     => insert_lines("0,5,10,15,20,25,30,35,40,45,50,55 * * * * /opt/rudder/bin/rudder agent check -q >> /var/log/rudder/agent-check/check.log 2>&1"),
         classes       => rudder_common_classes("rudder_aix_crontab_insertion"),
         comment       => "Insert an AIX-compatible user crontab to run /opt/rudder/bin/rudder agent check";
 
@@ -110,10 +110,10 @@ bundle agent check_cron_daemon
       "any" usebundle => _classes_success("service_restart_${service_name}");
 
     pass3.!aix::
-      "any" usebundle => rudder_common_reports_generic("Common", "service_restart_${service_name}", "&TRACKINGKEY&", "CRON Daemon", "None", "Cron daemon status");
+      "any" usebundle => rudder_common_reports_generic("Common", "service_restart_${service_name}", "${system_common.directiveId}", "CRON Daemon", "None", "Cron daemon status");
 
     aix::
-      "any" usebundle => rudder_common_report("Common", "result_na", "&TRACKINGKEY&", "CRON Daemon", "None", "CRON is not a service on AIX: CRON verifications skipped");
+      "any" usebundle => rudder_common_report("Common", "result_na", "${system_common.directiveId}", "CRON Daemon", "None", "CRON is not a service on AIX: CRON verifications skipped");
 
   processes:
 

diff --git a/techniques/system/common/1.0/failsafe.st b/techniques/system/common/1.0/failsafe.st
@@ -24,7 +24,7 @@ body common control
 {
         bundlesequence     => { "check_uuid", "init_files", "update_action" };
 
-        inputs             => { "common/1.0/update.cf" };
+        inputs             => { "common/1.0/common.cf", "common/1.0/update.cf" };
         output_prefix      => "rudder";
 
         protocol_version   => "2";

diff --git a/techniques/system/common/1.0/hooks.st → techniques/system/common/1.0/hooks.cf b/techniques/system/common/1.0/hooks.st → techniques/system/common/1.0/hooks.cf
@@ -219,7 +219,7 @@ bundle agent runhook_sudo_post_hook(json) {
       # For version 1.7, bugs in the strict parsing prevent from using safely the strict mode (see http://www.sudo.ws/bugs/show_bug.cgi?id=519 )
       # Versions after 1.7 don't need to have Aliases defined before they are used, and strict mode only checks that, so we can safely ignore it
       # visudo -V can returns several lines, so we need to keep only the visudo version line
-      "visudo_use_strict_mode" expression => returnszero("/usr/sbin/visudo  -V | grep 'visudo version' | /bin/sed -e 's/visudo version \([0-9]\+\)\.\([0-9]\+\)\..*/\1 \2/p' | /usr/bin/awk '{ if(($1<1)||($1==1 \&\& $2<=6)) { exit 0 }; exit 1 }'", "useshell");
+      "visudo_use_strict_mode" expression => returnszero("/usr/sbin/visudo  -V | grep 'visudo version' | /bin/sed -e 's/visudo version \([0-9]\+\)\.\([0-9]\+\)\..*/\1 \2/p' | /usr/bin/awk '{ if(($1<1)||($1==1 && $2<=6)) { exit 0 }; exit 1 }'", "useshell");
 
     any::
       "pass3" expression => "pass2";

diff --git a/...es/system/common/1.0/internal-security.st → ...es/system/common/1.0/internal-security.cf b/...es/system/common/1.0/internal-security.st → ...es/system/common/1.0/internal-security.cf
@@ -51,11 +51,11 @@ bundle agent internal_security
   methods:
 
     security_sanitization_ok.!security_sanitization_repaired::
-      "any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Security parameters", "None", "The internal environment security is acceptable");
+      "any" usebundle => rudder_common_report("Common", "result_success", "${system_common.directiveId}", "Security parameters", "None", "The internal environment security is acceptable");
 
     security_sanitization_repaired::
-      "any" usebundle => rudder_common_report("Common", "result_repaired", "&TRACKINGKEY&", "Security parameters", "None", "Some internal security parameters were adjusted");
+      "any" usebundle => rudder_common_report("Common", "result_repaired", "${system_common.directiveId}", "Security parameters", "None", "Some internal security parameters were adjusted");
 
     security_sanitization_failed::
-      "any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Security parameters", "None", "The internal environment security is NOT acceptable!");
+      "any" usebundle => rudder_common_report("Common", "result_error", "${system_common.directiveId}", "Security parameters", "None", "The internal environment security is NOT acceptable!");
 }
diff --git a/techniques/system/common/1.0/metadata.xml b/techniques/system/common/1.0/metadata.xml
@@ -19,13 +19,8 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
   <SYSTEM>true</SYSTEM>
 
   <TMLS>
-    <TML name="monitoring" />
+    <TML name="common"/>
     <TML name="cf-serverd"/>
-    <TML name="rudder-lib" />
-    <TML name="internal-security" />
-    <TML name="cron-setup" />
-    <TML name="site"/>
-    <TML name="update"/>
     <TML name="failsafe">
       <OUTPATH>failsafe.cf</OUTPATH>
       <INCLUDED>false</INCLUDED>
@@ -53,12 +48,34 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
       <OUTPATH>run_interval</OUTPATH>
       <INCLUDED>false</INCLUDED>
     </TML>
-    <TML name="restart-services"/>
     <TML name="rudder-groups"/>
-    <TML name="hooks"/>
   </TMLS>
 
   <FILES>
+    <FILE name="hooks.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
+    <FILE name="cron-setup.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
+    <FILE name="site.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
+    <FILE name="update.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
+    <FILE name="monitoring.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
+    <FILE name="restart-services.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
+    <FILE name="rudder-lib.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
+    <FILE name="internal-security.cf">
+      <INCLUDED>true</INCLUDED>
+    </FILE>
     <FILE name="rudder-stdlib.cf">
       <INCLUDED>true</INCLUDED>
     </FILE>

diff --git a/techniques/system/common/1.0/monitoring.st → techniques/system/common/1.0/monitoring.cf b/techniques/system/common/1.0/monitoring.st → techniques/system/common/1.0/monitoring.cf
@@ -40,8 +40,8 @@ bundle agent monitoring_hook_post
     "reporting" usebundle => enable_reporting;
 
     csv_exists::
-    "reporting" usebundle => rudder_common_reports_generic("Common", "sharedfile_to_node_rudder_monitoring_csv", "&TRACKINGKEY&", "Monitoring", "None", "Share Rudder monitoring information with the server");
+    "reporting" usebundle => rudder_common_reports_generic("Common", "sharedfile_to_node_rudder_monitoring_csv", "${system_common.directiveId}", "Monitoring", "None", "Share Rudder monitoring information with the server");
 
     !csv_exists::
-    "reporting" usebundle => rudder_common_report("Common", "result_na", "&TRACKINGKEY&", "Monitoring", "None", "No Rudder monitoring information to share with the server");
+    "reporting" usebundle => rudder_common_report("Common", "result_na", "${system_common.directiveId}", "Monitoring", "None", "No Rudder monitoring information to share with the server");
 }